report from the alias BOF
I am resending my notes from the alias BOF below.
I just had a talk with Mark Handley about this,
and plan to send a longer email after I have read the current
version of the proposed charter.
- Sally
---------------------------------------
Access Link Intermediaries Assisting Services BOF (alias)
Disclaimer: I did not read the mailing list.
Revised charter was posted to the mailing list yesterday.
Summary of charter changes:
* Definition of transport intermediaries.
* Enumerate interactions: discovery, request, control, and information reporting.
* Clarification that security association is optional.
* Expand survey of existing intermediaries, to future intermediaries.
* Define "in-scope transport intermediary services" after working group starts.
* Update deliverables and milestones.
Bernard: Trouble with Triggers.
Experience with triggers in DNA BOF and in transport
draft-ietf-dhc-ipv4-dna-04.txt
"Hint" might be more clear. Hints can be wrong or misleading.
Bad Hint, No Donut:
- SSID as a hint in 802.11
- link down - it could be a momentary connectivity loss
- link up - when is link usable for IP connectivity?
You need a layer-3 proof of reachability to be sure that the link is up.
Stories of problems with link up in 802.11.
Importance of Robustness:
- Can the host verify the hint? recover if the hint is wrong?
Questions:
- Do we know if a hint is strong or weak? Verification? Recovery?
Strong vs. Weak Hints:
- Probability of being misleading.
Discussion:
* Charity begins at home: not just blaming the link layer.
* Spencer: Appreciation. There is an ugly layer-3 version of misleading hints,
e.g., about firewalls and such.
* Problems with other link-level technologies?
* Steve Bellovin: Use hint in a way that might improve your performance *if*
the hint is right, but keep robustness.
* ICMP host/port unreachable messages. They should be hints.
Kevin, Observations:
* The term "access links": this is an unclear term.
* Where is state maintained:
- security associations are stateful.
- some triggers are stateless.
* How is signalling delivered:
- ICMP vs. ECN model (or direct vs. indirect signalling).
* Things to do with ICMP:
- ICMP is a stateless, standard signalling protocol.
- Not much protection against on-path adversaries. Do we need to fix ICMP?
* Strawperson ICMP messages (just to think about, not advocating):
- "Middlebox on path" message?
- "Radical link change" message?
- "Wrong source address" message?
Jon P.:
Name?
Name suggested by chairs:
LIES: Link Intermediaries for Enhanced Services
Melinda:
Who initiates the dialog? If network devices initiate the dialog, that
might make it easy to be lied to.
Michael Richardson:
What is the consensual model for ICMP messages from middleboxes?
Thomas Woo, Transport intermediary services:
An initial attempt at a survey of transport intermediary services.
* TCP PEP.
- 3GIX (high speed wireless circuit data) dynamically allocates
supplemental channels, based on queue backlog
- HDR (high speed wireless packet data) uses channel-based
scheduling.
- TCP doesn't work well for channels with a highly variable
bandwidth-delay product.
* One approach: regulate flow of acks back to the source.
* IPSec ESP tunnels hide TCP header from intermediary
* Discussion:
- What is being signalled here?
- Melinda: Why aren't you using transport-friendly ESP?
Answer: This is not excluded as an answer.
Melinda: Then why does this require trigtran/alias?
?: Is this in scope for this meeting? This isn't isolated to access links,
this is a generic problem.
Jon P.: We are still trying to understand the scope of the WG,
in particular to not be restricted to access links.
?: The description of the problem is in scope. He thinks there exist
solutions that don't require transport-friendly ESP.
Answer: This is an example, we need common solutions to a range of examples.
JTW: For finding generic examples, we don't want to create intermediaries
where they aren't needed.
* Header compression.
* Common issues.
---------------------------------------------------------------
Documents:
Securely Enabling Intermediary-based Transport Services
http://www.ietf.org/internet-drafts/draft-blumenthal-intermediary-transport-01.txt