
Re: Internal WG Review: Recharter of Next Steps in Signaling (nsis)



In general, this charter looks good, but I've got one question about
the security section. In IAB discussions with Ran Atkinson last fall,
it came up that one inhibitor for end to end Diffserv is that it opens
a potential DoS attack pathway on the receiving network, in that the
attacker can label packets as EF and thereby enhance the effectiveness
of the attack (and potentially overwhelm the EF forwarding capacity of
the routers). According to Ran, this is a major barrier to QoS
deployment among ISPs.

Would it be possible to insert some text into the security section
that specifically mentions security as a barrier to deployment,
something like:

    Security is a very important concern for NSIS. The working group will
    study and analyze the threats and security requirements for signaling,
    particularly using threats that are currently acting as barriers to
    deployment of QoS as examples. Compatibility with authentication and
    authorization mechanisms such as those of Diameter, COPS-PR, and RSVP-PR
    auth-session, will be addressed.

Or would this be skewing the charter too much in the direction of the
particular QoS application of NSIS?

            jak

----- Original Message -----
From: "The IETF Secretariat" <ietf-secretariat@ietf.org>
To: <iesg@ietf.org>; <iab@ietf.org>
Cc: <john.loughney@nokia.com>
Sent: Thursday, May 22, 2003 12:38 PM
Subject: Internal WG Review: Recharter of Next Steps in Signaling (nsis)


> A new charter for Next Steps in Signaling (nsis) WG in the Transport
> Area is being considered.
> The revised draft charter is provided below for your review and
> comments.
>
> The IETF Secretariat.
>
>  Next Steps in Signaling (nsis)
>  -------------------------------
>
>  Chair(s):
>  J. Loughney <john.loughney@nokia.com>
>
>  Transport Area Director(s):
>  Allison Mankin <mankin@psg.com>
>  Jon Peterson <jon.peterson@neustar.biz>
>
>  Transport Area Advisor:
>  Allison Mankin <mankin@psg.com>
>
>  Mailing Lists:
>  General Discussion: nsis@ietf.org
>  To Subscribe: nsis-request@ietf.org
>  In Body: (un)subscribe
>  Archive:
>  www.ietf.org/mail-archive/working-groups/nsis/current/maillist.html
>
>  Description of Working Group:
>
>  The Next Steps in Signaling Working Group is responsible for
>  standardizing an IP signaling protocol with QoS signaling as the first
>  use case. This working group will concentrate on a two-layer signaling
>  paradigm. The intention is to re-use, where appropriate, the protocol
>  mechanisms of RSVP, while at the same time simplifying it and applying a
>  more general signaling model.
>
>  The existing work on the requirements, the framework and analysis of
>  existing protocols will be completed and used as input for the protocol
>  work.
>
>  NSIS will develop a transport layer signaling protocol for the transport
>  of upper layer signaling. In order to support a tool box or building
>  block approach, the two-layer model will be used to separate the
>  transport of the signaling from the application signaling. This allows
>  for a more general signaling protocol to be developed to support
>  signaling for different services or resources, such as NAT & firewall
>  traversal and QoS resources. The initial NSIS application will be an
>  optimized RSVP QoS signaling protocol. The second application will be
>  a middle box traversal protocol. It may be that a rechartering of the
>  working group occurs before the completion of this milestone.
>
>  Security is a very important concern for NSIS. The working group will
>  study and analyze the threats and security requirements for signaling.
>  Compatibility with authentication and authorization mechanisms such as
>  those of Diameter, COPS-PR, and RSVP-PR auth-session, will be addressed.
>
>  It is a non-goal of the working group to develop new resource allocation
>  protocols. Resource reservation and traffic engineering are out of scope
>  of this working group. Additionally, third party signaling is out of
>  scope of this working group. Mobility protocols and AAA work are out of
>  scope of the working group. The work produced in this Working Group
>  should work with existing IETF mobility and AAA protocols, including
>  (but not limited to) Mobile IP, Seamoby, AAA, Midcom and RAP. It
>  will also welcome participation and expression of requirements from
>  non-IETF standards organization members, for instance 3GPP and 3GPP2
>  and ITU-T.
>
>  Goals and Milestones:
>
>  MAY 03 Submit "Requirements for Signaling Protocols" to IESG for
>                  publication as Informational RFC
>  JUN 03 Submit "RSVP Security Properties" to IESG as Informational RFC
>  JUN 03 Submit "NSIS Threats" to IESG as Informational RFC
>  JUL 03 Submit "Analysis of Existing Signaling Protocols" to IESG as
>                  Informational RFC
>  SEP 03 Submit "Next Steps in Signaling: Framework" to IESG for
>                  publication as Informational RFC
>  FEB 04 Submit "NSIS Transport Protocol" to IESG for publication for
>                  Proposed Standard
>  MAR 04 Submit "NSIS QoS Application Protocol" to IESG for publication
>                  for Proposed Standard
>  SEP 04 Submit "NSIS Middle Box Signaling Application Protocol" to
>                  IESG for publication for Proposed Standard
>  SEP 04 Conclude WG
>
>