
RE: draft-ietf-aaa-diameter-mobileip-13.txt (fwd)




---------- Forwarded message ----------
Date: Sun, 30 Mar 2003 20:11:44 -0800
From: Tony Johansson <tjohansson@bytemobile.com>
To: Bernard Aboba <aboba@internaut.com>, Thomas Narten <narten@us.ibm.com>
Cc: Basavaraj.Patil@nokia.com, Phil Roberts <PRoberts@MEGISTO.com>,
     gabriel montenegro <gab@sun.com>, David Mitton <david@mitton.com>,
     Erik Nordmark <Erik.Nordmark@sun.com>, Randy Bush <randy@psg.com>
Subject: RE: draft-ietf-aaa-diameter-mobileip-13.txt

Bernard,

The only comments that I've seen from the IESG are at the following two URLs
[There is no info in the IESG draft tracker for this draft...]:

Issue 385 -
http://www.drizzle.com/~aboba/AAA/issues4.html#Issue%20385

These comments from have been addressed see attachment and acknowledge.

Issue 386 -
http://www.drizzle.com/~aboba/AAA/issues4.html#Issue%20386

These comments have only been partly addressed, since we still need more
detailed info regarding any issues Steve may have with the security
schema and the use of security associations.... So, the only things
addressed are changes regarding the filter rules section 1.10, see
below, and mandating 128 bit keys instead of 64, since that is now
supported in AAA Registration Keys for Mobile IP
(draft-ietf-mobileip-aaa-key-11.txt).

New proposed text:
"
.in 0
1.10  IP filter rule support

.in 3

This application has support for pushing filter rules to either of the
mobility agents to enable appropriate restrictions for the mobile node,
such as limiting the mobile node's access due to roaming agreements or
network protection. The filter rules are set by the AAAH by adding one
or more MIP-Filter-Rule AVPs in the HAR if destined for the home agent
and/or in the AMA if destined for the foreign agent. The filter rules
apply only to the mobile node in the HAR and/or AMA message, thus
the mobility agents will process the filter rules individually for each
mobile node.

If MIP-Filter-Rule AVPs are included in the HAR and the home agent does
not have support to handle filter rules, the home agent MUST return a
HAA with Result-Code AVP equal to
DIAMETER_ERROR_MIP_FILTER_NOT_SUPPORTED.

If the MIP-Filter-Rule AVPs are included in the AMA and the foreign
agent does not have support to handle filter rules, the foreign agent
SHOULD log the event and MUST issue a Session-Termination-Request (STR)
back to its local Diameter server. "

Regards,

/Tony


-----Original Message-----
From: Bernard Aboba [mailto:aboba@internaut.com]
Sent: Wednesday, March 26, 2003 8:56 AM
To: Thomas Narten
Cc: Basavaraj.Patil@nokia.com; Phil Roberts; gabriel montenegro; David
Mitton; Erik Nordmark; Randy Bush; Tony Johansson
Subject: Re: draft-ietf-aaa-diameter-mobileip-13.txt

Here's the information I have:

1. Draft Tracker shows that this draft is in IESG Evaluation: Revised ID
Needed. However, the comment log appears to relate to other Diameter
drafts such as Base, and not to this draft. The text of the IESG
discussion only shows comments from Steve, Patrik and Bert relating to
Diameter MIPv4.

2. My (admittedly poor) memory seems to recall a conversation with Steve
Bellovin a few months back, in which Steve requested further
clarification on the relationships between the parties and
authentication (point 5 in Steve's comments). I also recall a
conversation with Tony Johansson in which we concluded that we needed
more detailed feedback from the IESG on exactly what the remaining issues
were and what further analysis was required. Tony -- can you fill us in
on where you think we are?

3. In order to help make it clear where we are and what we need to
do, we invited Russ Housley to present at the AAA WG meeting at
IETF 56. Russ's presentation is available here:

http://www.drizzle.com/~aboba/IETF56/AAA/AAA-Key-Mgmt.ppt

The minutes of the meeting are available here:
http://www.drizzle.com/~aboba/IETF56/AAA/aaa-ietf56-minutes.txt


On Wed, 26 Mar 2003, Thomas Narten wrote:

> Can someone fill me in on the overall status of this document? Are
> there token holders that understand what they need to do?
>
> Note:
>
>  - it has a normative reference to draft-ietf-mobileip-aaa-key-09.txt,
>    which we are close to having a revised document for. The revised
>    document cleans up a bunch of security terminology and tries to use
>    more consistent terms.
>
>  - draft-ietf-mobileip-aaa-nai-05.txt (which the WG says is ready to
>    advance) has a normative ref on diameter-mobileip.
>
> Thomas
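
The agent-side handling described in the proposed section 1.10 text in Tony's message, as an added example that is not part of the original thread or the draft: it walks the AVPs of a message body and returns what the home agent (HAR) or foreign agent (AMA) has to do when MIP-Filter-Rule AVPs are present. Assumptions: the AVP code 342 is taken from the later-published RFC 4004 rather than from this page, the function names and action labels are hypothetical, and the sample rule and Session-Id are constructed.

```python
import struct

# Assumption: 342 is the MIP-Filter-Rule AVP code assigned in the later-published
# RFC 4004; the draft text quoted in the message does not state a number.
MIP_FILTER_RULE = 342
SESSION_ID = 263  # Diameter base protocol Session-Id AVP

def avp(code, data, flags=0x40):
    """Encode one AVP without Vendor-Id: code, flags, 24-bit length, padded data."""
    length = 8 + len(data)
    return struct.pack("!II", code, (flags << 24) | length) + data + b"\x00" * (-length % 4)

def iter_avps(buf):
    """Yield (code, data) for each AVP in a message body, rejecting bad lengths."""
    off = 0
    while off < len(buf):
        if len(buf) - off < 8:
            raise ValueError("truncated AVP header")
        code, word = struct.unpack_from("!II", buf, off)
        flags, length = word >> 24, word & 0xFFFFFF
        hdr = 12 if flags & 0x80 else 8  # V bit set: 4-byte Vendor-Id follows
        if length < hdr or off + length > len(buf):
            raise ValueError("AVP length out of bounds")
        yield code, buf[off + hdr:off + length]
        off += (length + 3) & ~3  # next AVP starts on a 32-bit boundary

def handle_filter_rules(message, body, supports_filters):
    """Return (action, detail) for a HAR at the home agent or an AMA at the foreign agent."""
    if message not in ("HAR", "AMA"):
        raise ValueError("filter rules are only carried in HAR or AMA")
    rules = [d.decode("ascii") for c, d in iter_avps(body) if c == MIP_FILTER_RULE]
    if not rules:
        return ("continue", None)
    if supports_filters:
        return ("install-for-this-mobile-node", rules)
    if message == "HAR":  # home agent MUST answer with this Result-Code in the HAA
        return ("send-HAA", "DIAMETER_ERROR_MIP_FILTER_NOT_SUPPORTED")
    return ("log-and-send-STR", None)  # foreign agent: SHOULD log, MUST issue STR

# Constructed sample input: one Session-Id AVP and one filter rule.
SAMPLE_RULE = "permit in ip from 192.0.2.10 to any"
SAMPLE_BODY = avp(SESSION_ID, b"fa.example.net;1;1") + avp(MIP_FILTER_RULE, SAMPLE_RULE.encode())

if __name__ == "__main__":
    for msg, ok in (("HAR", False), ("AMA", False), ("AMA", True)):
        print(msg, ok, handle_filter_rules(msg, SAMPLE_BODY, ok))
```

The length checks in `iter_avps` matter because the 24-bit AVP length comes from the peer; a value shorter than the header or longer than the remaining buffer is rejected instead of being used as a slice bound.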