Re: comments on draft-ietf-shim6-proto-05.txt {2}

[marcelo bagnulo braun <marcelo@it.uc3m.es>]

El 08/10/2006, a las 17:09, Deguang Le escribió:
> > agree
> > basically the usage of the BROKEN flag is intended for when the host  
> > knows thanks to local information that a locator is temporarily  
> > unavailbale/unreachable, so it can mark it as such, so that the peer  
> > doesn't use it for communicating.
>
> I agree with you, it is a good way to deal with the temporary failure 
> of
> locator using the BROKEN flag.
> However, if the locator is permanently unavailbale/unreachable say due
> to mobility or rehoming, I think it is not necessary to keep the
> unavailable locator in the locator set. Right?

both approaches are possible and i guess that your viewpoint makes more 
sense

> > As mentioned in the other email, another option would be to remove 
> > from  the locator set using a Update message, but i guess this option 
> > is  cheaper in terms of processing (cheaper security checks)
>
> As for security check, I am not familiar with security issue, so I 
> don't
> know why the Locator Preference option need not verification check. ^-^
>
> Does anyone provide some explanations about it? Thank in advance.

to change the locator set you need to include security information 
either HBA or CGA. In the HBA case, this is a hash calculation and in 
the CGA is a public key operation. OTOH, to change the preferences, 
only a cookie is used, so it is much cheaper. This is so because 
changing the locator set may result in all types of redirection attacks 
from off path attacker. However, changing the preferences can only be 
done by on path attacker and it would result in potentially changing 
the locator used (if the peer takes into account the preferences). 
Hence the protection of one operation is less than the other.

> > > Besides, the above explanation for "TEMPORARY" is still not clear 
> > > for  me. What are the more stable addresses and what are the less 
> > > stable  addresses?
> > the goal here is that if the host knows that there are some addresses 
> >  that may change rapidly, it can mark them as such, so that the peer 
> > use  more aggresive failure detection mechanisms on that address.
>
> I think it is an interesting usage although it is not easy to determine
> which addresses belong to more stable or less stable. :-)
>
> > In the case of MIP a HoA is a more stable address and a CoA is a less 
> >  stable address
> In my own veiw, I don't think the HoA is the more stable address and 
> the
> CoA is the less stable address because the mobile node may stay at any
> place including the home network or foreign network at any time.
> For example, a mobile node may access to the Internet through some
> foreign network, then it may moves between the foreign networks, which
> are far from the home network. In this case, the HoA may never be 
> usable
> during the whole communication period. Therefore, we could not regard 
> the HoA as the more stable address. Right?

i don't think so...

the Hoa is always reachable because the Home Agent would forward the 
packets delivered to the HoA (the performance would be worse though) 
The CoA is only usable while the node is in the visited network, hence 
the HoA is much more stable than the CoA even in the scenario that you 
describe, agree?

> > >  I think it is better if this draft could provides some special  
> > > situations about them. Morever, I also can not understand how the  
> > > TEMPORARY can be used to distinguish them.
> > The usage would be that it will include the Temporary flag when  
> > conveying CoA information in the locator set.
>
> As my above statements, I think it is not suitable to tag the CoA as
> Temporary. Right? :-)
see above


> > Do you think that additional text is required to explain this?
> Yes, I think these flags are very important in order to put the Locator
> Preference option in real use, we need to formulate these flags'
> functions and their usage (e.g. applied situations) more clearly.

I am ok with addin additional text for the broken flag since there is 
no text describing it... i am willing to include additional text on the 
temporary flag, but not sure what to include there though...

Regards, marcelo


> With best regards,
> Deguang
>
>
> > Regards, marcelo
> > > Cheers,
> > > Deguang
> > >
> > > > Geoff Huston schrieb:
> > > >
> > > > > Hi,
> > > > >
> > > > > This note starts the WG Last Call for comments on the three "base" 
> > > > >  Shim6 documents:
> > > > >
> > > > >
> > > > > draft-ietf-shim6-proto-05.txt         "Level 3 multihoming shim  
> > > > > protocol"
> > > > >  draft-ietf-shim6-hba-01               "Hash Based Addresses (HBA)"
> > > > >
> > > > > draft-ietf-shim6-failure-detection-06 "Failure Detection and 
> > > > > Locator  Pair                                        Exploration 
> > > > > Protocol for  IPv6
> > > > >                                        Multihoming"
> > > > >
> > > > > They can be found at:
> > > > >    
> > > > > http://www.ietf.org/internet-drafts/draft-ietf-shim6-proto-05.txt
> > > > >    http://www.ietf.org/internet-drafts/draft-ietf-shim6-hba-01.txt
> > > > >     http://www.ietf.org/internet-drafts/draft-ietf-shim6-failure- 
> > > > > detection-06.txt
> > > > >
> > > > > Please review the documents carefully, and send your feedback to 
> > > > > the  SHIM6 list.  Please also indicate whether or not you believe 
> > > > > that  these documents
> > > > > are ready to go to the IESG for publication as a set of Proposed  
> > > > > Standards.
> > > > >
> > > > > This Working Group Last Call will end in two weeks, on the 12th  
> > > > > October 2006 at 0800,  UTC+10
> > > > >
> > > > >
> > > > >   Thanks,
> > > > >
> > > > >
> > > > >         Geoff & Kurtis