Secure Proxy ND Support for SEcure Neighbor Discovery (SEND)
draft-ietf-csi-proxy-send-05
Revision differences
Document history
Date | Rev. | By | Action |
---|---|---|---|
2012-08-22
|
05 | (System) | post-migration administrative database adjustment to the No Objection position for Sean Turner |
2011-03-24
|
05 | Cindy Morgan | State changed to RFC Ed Queue from Approved-announcement sent. |
2011-03-23
|
05 | (System) | IANA Action state changed to RFC-Ed-Ack from Waiting on RFC Editor |
2011-03-23
|
05 | (System) | IANA Action state changed to Waiting on RFC Editor from In Progress |
2011-03-23
|
05 | (System) | IANA Action state changed to In Progress from Waiting on Authors |
2011-03-22
|
05 | (System) | IANA Action state changed to Waiting on Authors from In Progress |
2011-03-21
|
05 | (System) | IANA Action state changed to In Progress |
2011-03-21
|
05 | Amy Vezza | IESG state changed to Approved-announcement sent |
2011-03-21
|
05 | Amy Vezza | IESG has approved the document |
2011-03-21
|
05 | Amy Vezza | Closed "Approve" ballot |
2011-03-21
|
05 | Amy Vezza | Approval announcement text regenerated |
2011-03-21
|
05 | Amy Vezza | State changed to Approved-announcement to be sent from IESG Evaluation::AD Followup. |
2011-03-21
|
05 | Amy Vezza | Ballot writeup text changed |
2011-03-17
|
05 | Ralph Droms | Ballot writeup text changed |
2011-03-17
|
05 | Sean Turner | [Ballot Position Update] Position for Sean Turner has been changed to No Objection from Discuss |
2010-09-28
|
05 | (System) | New version available: draft-ietf-csi-proxy-send-05.txt |
2010-07-21
|
05 | Alexey Melnikov | [Ballot Position Update] Position for Alexey Melnikov has been changed to No Objection from Discuss by Alexey Melnikov |
2010-07-21
|
05 | Alexey Melnikov | [Ballot comment] The last sentence in section 5.2.2 looks out of sync when compared to the text in item 1 of the same section. I … [Ballot comment] The last sentence in section 5.2.2 looks out of sync when compared to the text in item 1 of the same section. I am also agreeing with Sean's DISCUSS. |
2010-07-21
|
05 | Alexey Melnikov | [Ballot discuss] |
2010-07-15
|
05 | Cindy Morgan | State Changes to IESG Evaluation::AD Followup from IESG Evaluation by Cindy Morgan |
2010-07-15
|
05 | Tim Polk | [Ballot comment] I support Sean's discuss. |
2010-07-15
|
05 | Tim Polk | [Ballot Position Update] New position, No Objection, has been recorded by Tim Polk |
2010-07-14
|
05 | (System) | State Changes to IESG Evaluation from IESG Evaluation - Defer by system |
2010-07-13
|
05 | Sean Turner | [Ballot discuss] The SECDIR review pointed out a number of changes that are needed. The author agreed. I'll remove this DISCUSS once a new version … [Ballot discuss] The SECDIR review pointed out a number of changes that are needed. The author agreed. I'll remove this DISCUSS once a new version (or an RFC editors note) is posted to incorporate the agreed changes. The SECDIR review also pointed out issues with this document and with draft-ietf-csi-send-cert. That discussion has not completed. |
2010-07-13
|
05 | Sean Turner | [Ballot Position Update] New position, Discuss, has been recorded by Sean Turner |
2010-07-11
|
05 | Samuel Weiler | Request for Last Call review by SECDIR Completed. Reviewer: Sandra Murphy. |
2010-07-02
|
05 | (System) | Removed from agenda for telechat - 2010-07-01 |
2010-07-01
|
05 | Alexey Melnikov | [Ballot comment] The last sentence in section 5.2.2 looks out of sync when compared to the text in item 1 of the same section. |
2010-07-01
|
05 | Alexey Melnikov | [Ballot discuss] This is a minor point and I would like to have a quick discussion on whether I am right or wrong here: Does … [Ballot discuss] This is a minor point and I would like to have a quick discussion on whether I am right or wrong here: Does Section 5.2.2 item 1 contradict text in Section 5.2.1? |
2010-07-01
|
05 | Alexey Melnikov | [Ballot Position Update] New position, Discuss, has been recorded by Alexey Melnikov |
2010-07-01
|
05 | Sean Turner | State Changes to IESG Evaluation - Defer from IESG Evaluation by Sean Turner |
2010-07-01
|
05 | Jari Arkko | [Ballot comment] This is a very well written specification and it was nice to read it. I did not spot any major or minor issues. … [Ballot comment] This is a very well written specification and it was nice to read it. I did not spot any major or minor issues. However, we have in the past discussed the question of compatibility with non-SEND, SEND, and proxy SEND nodes. I think the current specification is now reasonable in that respect. However, I think that the decision to employ two levels of security in proxied messages (ND or SPND) has lead to the rules that are not optimal in all circumstances. In particular, the document says: As a rule of thumb, if the proxied nodes can return to the link in which the proxy operates, the Secure ND Proxy MUST only generate PS options on behalf of nodes with SEND capabilities (i.e. that they could use SEND to defend their messages if being in the same link than the proxy, either RFC3971 nodes or SPND nodes). This is relevant to allow nodes preferring secured information over unsecured one ... What this essentially says is that unless there is knowledge about the network structure and movement patterns, secure proxy cannot proxy plain old ND messages with security at all. I happen to believe that this situation is the typical situation. If you had provided one additional bit of information in the secure proxy messages about the SEND/non-SEND status of the original message, there would not be this limitation. You could have amended the backwards compatibility rules of SEND to prefer native SEND messages over proxied SEND messages over unsecured ND messages. I would like to ask the authors to consider this before final approval of the document as an RFC. |
2010-07-01
|
05 | Jari Arkko | [Ballot Position Update] New position, Yes, has been recorded by Jari Arkko |
2010-07-01
|
05 | Ralph Droms | State Changes to IESG Evaluation from Waiting for AD Go-Ahead by Ralph Droms |
2010-07-01
|
05 | Dan Romascanu | [Ballot Position Update] New position, No Objection, has been recorded by Dan Romascanu |
2010-06-30
|
05 | Adrian Farrel | [Ballot Position Update] New position, No Objection, has been recorded by Adrian Farrel |
2010-06-30
|
05 | Ron Bonica | [Ballot Position Update] New position, No Objection, has been recorded by Ron Bonica |
2010-06-30
|
05 | Stewart Bryant | [Ballot Position Update] New position, No Objection, has been recorded by Stewart Bryant |
2010-06-30
|
05 | Russ Housley | [Ballot Position Update] New position, No Objection, has been recorded by Russ Housley |
2010-06-30
|
05 | Lars Eggert | [Ballot Position Update] New position, No Objection, has been recorded by Lars Eggert |
2010-06-30
|
05 | Gonzalo Camarillo | [Ballot Position Update] New position, No Objection, has been recorded by Gonzalo Camarillo |
2010-06-29
|
05 | Robert Sparks | [Ballot Position Update] New position, No Objection, has been recorded by Robert Sparks |
2010-06-28
|
05 | Peter Saint-Andre | [Ballot Position Update] New position, No Objection, has been recorded by Peter Saint-Andre |
2010-06-21
|
05 | (System) | State has been changed to Waiting for AD Go-Ahead from In Last Call by system |
2010-06-14
|
05 | Amanda Baber | IANA comments: ACTION 1: Upon approval of this document, IANA will make the following assignment in the "Internet Control Message Protocol version 6 (ICMPv6) Parameters" … IANA comments: ACTION 1: Upon approval of this document, IANA will make the following assignment in the "Internet Control Message Protocol version 6 (ICMPv6) Parameters" registry located at http://www.iana.org/assignments/icmpv6-parameters sub-registry "IPv6 Neighbor Discovery Option Formats" Type Description Reference ------ -------------------------------------- --------- TBD Proxy Signature [RFC-csi-proxy-send-04] ACTION 2: Upon approval of this document, IANA will make the following assignment in the "Cryptographically Generated Addresses (CGA) Message Type Name Space" registry located at http://www.iana.org/assignments/cga-message-types/cga-message-types.xhtml sub-registry "CGA Extension Type Tags" CGA Type Tag Reference 09F5 2BE5 3B62 4C76 CB96 4E7F CDC9 2804 [RFC-csi-proxy-send-04] |
2010-06-09
|
05 | Samuel Weiler | Request for Last Call review by SECDIR is assigned to Sandra Murphy |
2010-06-09
|
05 | Samuel Weiler | Request for Last Call review by SECDIR is assigned to Sandra Murphy |
2010-06-07
|
05 | Amy Vezza | Last call sent |
2010-06-07
|
05 | Amy Vezza | State Changes to In Last Call from Last Call Requested by Amy Vezza |
2010-06-06
|
05 | Ralph Droms | Placed on agenda for telechat - 2010-07-01 by Ralph Droms |
2010-06-06
|
05 | Ralph Droms | [Ballot Position Update] New position, Yes, has been recorded for Ralph Droms |
2010-06-06
|
05 | Ralph Droms | Ballot has been issued by Ralph Droms |
2010-06-06
|
05 | Ralph Droms | Created "Approve" ballot |
2010-06-06
|
05 | Ralph Droms | State Changes to Last Call Requested from AD Evaluation by Ralph Droms |
2010-06-06
|
05 | Ralph Droms | Last Call was requested by Ralph Droms |
2010-06-06
|
05 | (System) | Ballot writeup text was added |
2010-06-06
|
05 | (System) | Last call text was added |
2010-06-06
|
05 | (System) | Ballot approval text was added |
2010-06-03
|
05 | Ralph Droms | State Changes to AD Evaluation from Publication Requested by Ralph Droms |
2010-06-03
|
05 | Ralph Droms | [Note]: 'Marcelo Bagnulo (marcelo@it.uc3m.es) is the document shepherd.' added by Ralph Droms |
2010-06-01
|
05 | Cindy Morgan | Document Shepherd Write-up for draft-ietf-csi-proxy-send-04 (1.a) Who is the Document Shepherd for this document? Has the Document Shepherd personally … Document Shepherd Write-up for draft-ietf-csi-proxy-send-04 (1.a) Who is the Document Shepherd for this document? Has the Document Shepherd personally reviewed this version of the document and, in particular, does he or she believe this version is ready for forwarding to the IESG for publication? The document shepherd is Marcelo Bagnulo who has reviewed this version of the document and believes that us ready for forwarding to the IESG for publication. (1.b) Has the document had adequate review both from key WG members and from key non-WG members? Does the Document Shepherd have any concerns about the depth or breadth of the reviews that have been performed? The document has received adequate level of review. We had 2 WGLC during which several issues were raised and the current version deals with all of them. (1.c) Does the Document Shepherd have concerns that the document needs more review from a particular or broader perspective, e.g., security, operational complexity, someone familiar with AAA, internationalization, or XML? No. (1.d) Does the Document Shepherd have any specific concerns or issues with this document that the Responsible Area Director and/or the IESG should be aware of? For example, perhaps he or she is uncomfortable with certain parts of the document, or has concerns whether there really is a need for it. In any event, if the WG has discussed those issues and has indicated that it still wishes to advance the document, detail those concerns here. Has an IPR disclosure related to this document been filed? If so, please include a reference to the disclosure and summarize the WG discussion and conclusion on this issue. No special concerns or issues. (1.e) How solid is the WG consensus behind this document? Does it represent the strong concurrence of a few individuals, with others being silent, or does the WG as a whole understand and agree with it? The consensus behind the document is solid. (1.f) Has anyone threatened an appeal or otherwise indicated extreme discontent? If so, please summarize the areas of conflict in separate email messages to the Responsible Area Director. (It should be in a separate email because this questionnaire is entered into the ID Tracker.) No conflicts. (1.g) Has the Document Shepherd personally verified that the document satisfies all ID nits? (See http://www.ietf.org/ID-Checklist.html and http://tools.ietf.org/tools/idnits/.) Boilerplate checks are not enough; this check needs to be thorough. Has the document met all formal review criteria it needs to, such as the MIB Doctor, media type, and URI type reviews? If the document does not already indicate its intended status at the top of the first page, please indicate the intended status here. I have verified the ID nits. No MIB Doctor, media type nor UR type reviews are needed for this document. The document intended status is Experimental. (1.h) Has the document split its references into normative and informative? Are there normative references to documents that are not ready for advancement or are otherwise in an unclear state? If such normative references exist, what is the strategy for their completion? Are there normative references that are downward references, as described in [RFC3967]? If so, list these downward references to support the Area Director in the Last Call procedure for them [RFC3967]. The references are split into normative and informative. There is one normative references that are in draft status. draft-ietf-csi-send-cert-03 is under IESG review. (1.i) Has the Document Shepherd verified that the document's IANA Considerations section exists and is consistent with the body of the document? If the document specifies protocol extensions, are reservations requested in appropriate IANA registries? Are the IANA registries clearly identified? If the document creates a new registry, does it define the proposed initial contents of the registry and an allocation procedure for future registrations? Does it suggest a reasonable name for the new registry? See [RFC2434]. If the document describes an Expert Review process, has the Document Shepherd conferred with the Responsible Area Director so that the IESG can appoint the needed Expert during IESG Evaluation? The IANA section is the draft exists and it is coherent with the body of the document. No new registry is created, A couple of values for existing registries are assigned. (1.j) Has the Document Shepherd verified that sections of the document that are written in a formal language, such as XML code, BNF rules, MIB definitions, etc., validate correctly in an automated checker? The document does no contain any section written in a formal language. (1.k) The IESG approval announcement includes a Document Announcement Write-Up. Please provide such a Document Announcement Write-Up. Recent examples can be found in the "Action" announcements for approved documents. The approval announcement contains the following sections: Technical Summary Relevant content can frequently be found in the abstract and/or introduction of the document. If not, this may be an indication that there are deficiencies in the abstract or introduction. Secure Neighbor Discovery (SEND) specifies a method for securing Neighbor Discovery (ND) signaling against specific threats. As defined today, SEND assumes that the node sending a ND message is the owner of the address from which the message is sent, so that it is in possession of the private key used to generate the digital signature on the message. This means that the Proxy ND signaling performed by nodes that do not possess knowledge of the address owner's private key cannot be secured using SEND. This document extends the current SEND specification in order to secure Proxy ND operation. Working Group Summary Was there anything in the WG process that is worth noting? For example, was there controversy about particular points or were there decisions where the consensus was particularly rough? Nothing special that worth noting. Not a controversial document. Document Quality Are there existing implementations of the protocol? Have a significant number of vendors indicated their plan to implement the specification? Are there any reviewers that merit special mention as having done a thorough review, e.g., one that resulted in important changes or a conclusion that the document had no substantive issues? If there was a MIB Doctor, Media Type, or other Expert Review, what was its course (briefly)? In the case of a Media Type Review, on what date was the request posted? The document has benefits from a number of reviewers, who are detailed in the ACK section of the draft. Personnel Who is the Document Shepherd for this document? Who is the Responsible Area Director? If the document requires IANA experts(s), insert 'The IANA Expert(s) for the registries in this document are .' Document shepherd: Marcelo Bagnulo Area Director: Ralf Droms |
2010-06-01
|
05 | Cindy Morgan | Draft Added by Cindy Morgan in state Publication Requested |
2010-06-01
|
05 | Cindy Morgan | [Note]: 'Marcelo Bagnulo (marcelo@it.uc3m.es) is the document shepherd.' added by Cindy Morgan |
2010-05-31
|
04 | (System) | New version available: draft-ietf-csi-proxy-send-04.txt |
2010-03-22
|
03 | (System) | New version available: draft-ietf-csi-proxy-send-03.txt |
2010-03-03
|
02 | (System) | New version available: draft-ietf-csi-proxy-send-02.txt |
2010-01-14
|
05 | (System) | Document has expired |
2009-07-14
|
01 | (System) | New version available: draft-ietf-csi-proxy-send-01.txt |
2008-11-04
|
00 | (System) | New version available: draft-ietf-csi-proxy-send-00.txt |