The Diameter Capabilities Update Application
draft-ietf-dime-capablities-update-07
Revision differences
Document history
Date | Rev. | By | Action |
---|---|---|---|
2012-08-22
|
07 | (System) | post-migration administrative database adjustment to the No Objection position for Peter Saint-Andre |
2012-08-22
|
07 | (System) | post-migration administrative database adjustment to the No Objection position for Tim Polk |
2012-08-22
|
07 | (System) | post-migration administrative database adjustment to the No Objection position for Alexey Melnikov |
2012-08-22
|
07 | (System) | post-migration administrative database adjustment to the No Objection position for Adrian Farrel |
2012-08-22
|
07 | (System) | post-migration administrative database adjustment to the No Objection position for Russ Housley |
2012-05-08
|
07 | Benoît Claise | Ballot writeup was changed |
2012-05-08
|
07 | Benoît Claise | Ballot writeup was changed |
2012-03-29
|
07 | Benoît Claise | Responsible AD changed to Benoit Claise from Dan Romascanu |
2011-06-14
|
07 | Jouni Korhonen | Send to IESG a while ago. |
2011-06-14
|
07 | Jouni Korhonen | IETF state changed to Submitted to IESG for Publication from WG Document |
2011-05-31
|
07 | (System) | IANA Action state changed to RFC-Ed-Ack from Waiting on RFC Editor |
2011-05-31
|
07 | Cindy Morgan | State changed to RFC Ed Queue from Approved-announcement sent. |
2011-05-23
|
07 | (System) | IANA Action state changed to Waiting on RFC Editor from Waiting on Authors |
2011-05-23
|
07 | (System) | IANA Action state changed to Waiting on Authors from In Progress |
2011-05-23
|
07 | (System) | IANA Action state changed to In Progress |
2011-05-23
|
07 | Amy Vezza | IESG state changed to Approved-announcement sent |
2011-05-23
|
07 | Amy Vezza | IESG has approved the document |
2011-05-23
|
07 | Amy Vezza | Closed "Approve" ballot |
2011-05-23
|
07 | Amy Vezza | Approval announcement text regenerated |
2011-05-23
|
07 | Amy Vezza | Ballot writeup text changed |
2011-05-18
|
07 | Peter Saint-Andre | [Ballot Position Update] Position for Peter Saint-Andre has been changed to No Objection from Discuss |
2011-03-10
|
07 | Tim Polk | [Ballot Position Update] Position for Tim Polk has been changed to No Objection from Discuss |
2010-11-16
|
07 | Russ Housley | [Ballot discuss] The Gen-ART Review by Pete McCann on 19-Oct-2010 raised a question that needs to be answered. This document requests allocation of … [Ballot discuss] The Gen-ART Review by Pete McCann on 19-Oct-2010 raised a question that needs to be answered. This document requests allocation of two separate command codes, TBD2 and TBD3. Pete believes these should actually be the same value. |
2010-11-16
|
07 | Russ Housley | [Ballot Position Update] Position for Russ Housley has been changed to No Objection from Discuss |
2010-11-16
|
07 | Adrian Farrel | [Ballot Position Update] Position for Adrian Farrel has been changed to No Objection from Discuss |
2010-10-26
|
07 | Dan Romascanu | State changed to IESG Evaluation::Revised ID Needed from IESG Evaluation::AD Followup by Dan Romascanu |
2010-10-24
|
07 | (System) | Sub state has been changed to AD Follow up from New Id Needed |
2010-10-24
|
07 | (System) | New version available: draft-ietf-dime-capablities-update-07.txt |
2010-10-22
|
07 | (System) | Removed from agenda for telechat - 2010-10-21 |
2010-10-21
|
07 | David Harrington | [Ballot Position Update] Position for David Harrington has been changed to No Objection from Discuss by David Harrington |
2010-10-21
|
07 | Cindy Morgan | State changed to IESG Evaluation::Revised ID Needed from IESG Evaluation by Cindy Morgan |
2010-10-21
|
07 | Ralph Droms | [Ballot Position Update] New position, No Objection, has been recorded by Ralph Droms |
2010-10-21
|
07 | Gonzalo Camarillo | [Ballot Position Update] New position, No Objection, has been recorded by Gonzalo Camarillo |
2010-10-21
|
07 | Alexey Melnikov | [Ballot comment] I am agreeing with Peter's DISCUSS. Also: If the receiver of a CUR does not have any applications in common with … [Ballot comment] I am agreeing with Peter's DISCUSS. Also: If the receiver of a CUR does not have any applications in common with the sender then it MUST return a Capabilities-Update-Answer (CUA) (Section 4.1.2) with the Result-Code AVP set to DIAMETER_NO_COMMON_APPLICATION, and SHOULD disconnect the transport Can you please add a reference to RFC 3588 here (where DIAMETER_NO_COMMON_APPLICATION is defined)? layer connection; however, if active sessions are using the connection, peers MAY delay disconnection until the sessions can be redirected or gracefully terminated. 4. Capabilities Update When the capabilities of a Diameter node conforming to this specification change, it MUST notify all of the nodes with which it has an open transport connection and have I think you should insert "which" before "have", because support for this extension needs to be advertised by peers, not the node. A Diameter node only issues a given command to those peers that have advertised support for the Diameter application that defines the command; a Diameter node must cache the supported applications in order to ensure that unrecognized commands and/or Attibute-Value typo: Attribute-Value Pairs (AVPs) are not unnecessarily sent to a peer. 5. Security Considerations The security considerations applicable to the Diameter Base Protocol [I-D.ietf-dime-rfc3588bis] are also applicable to this document. This looks a bit weak, are you sure this extension doesn't raise new security issues? |
2010-10-21
|
07 | Alexey Melnikov | [Ballot Position Update] Position for Alexey Melnikov has been changed to No Objection from Discuss by Alexey Melnikov |
2010-10-21
|
07 | Jari Arkko | [Ballot Position Update] New position, Yes, has been recorded by Jari Arkko |
2010-10-20
|
07 | Sean Turner | [Ballot comment] I support Peter's discuss. |
2010-10-20
|
07 | Sean Turner | [Ballot Position Update] New position, No Objection, has been recorded by Sean Turner |
2010-10-20
|
07 | Tim Polk | [Ballot comment] I support Peter's discuss. |
2010-10-20
|
07 | Tim Polk | [Ballot discuss] This is a discuss-discuss. To be clear, I am not asking for changes, just looking for clarification. In section 4, it states: … [Ballot discuss] This is a discuss-discuss. To be clear, I am not asking for changes, just looking for clarification. In section 4, it states: If the receiver of a CUR does not have any applications in common with the sender then it MUST return a Capabilities-Update-Answer (CUA) (Section 4.1.2) with the Result-Code AVP set to DIAMETER_NO_COMMON_APPLICATION, and SHOULD disconnect the transport layer connection Given that the receiver of the CUR has an existing connection with the sender, doesn't that imply that there were some capabilities in common at the time the connection was established? It seems odd that the capabilities update results in no applications in common. Is this just for completeness? This section continues: however, if active sessions are using the connection, peers MAY delay disconnection until the sessions can be redirected or gracefully terminated. If the update removed whatever applications were previously in common, how can the session continue? |
2010-10-20
|
07 | Tim Polk | [Ballot Position Update] New position, Discuss, has been recorded by Tim Polk |
2010-10-20
|
07 | Adrian Farrel | [Ballot discuss] I support this work in principle, but there are a few small points to be addressed before I can ballot No Objection. --- … [Ballot discuss] I support this work in principle, but there are a few small points to be addressed before I can ballot No Objection. --- Although it is relatively obvious, before giving the message format in section 4.1, you should state "using the BNF defined in [I-D.ietf-dime-rfc3588bis] --- I am not clear how the case of a peer not supporting receipt of a CUR is handled. Section 3 is clear that nodes that do support CUR will advertise the fact. I presume that "standard" Diameter processing applies to the unexcpeted receipt of a CUR, but for clarity of backward compatibility, it may be good to state it in one line. --- Section 3 says that is to be assigned for use be applications that conform to this specification. But neither section 3 nor section 6.1 appears to give a name to this application ID (c.f. the name Auth-Application-Id). --- Is it possible to put the application I-D for applications conforming to this specification in the CUR or CUA? Can support for update be withdrawn? |
2010-10-20
|
07 | Adrian Farrel | [Ballot Position Update] New position, Discuss, has been recorded by Adrian Farrel |
2010-10-20
|
07 | Russ Housley | [Ballot discuss] The Gen-ART Review by Pete McCann on 19-Oct-2010 raised a question that needs to be answered. This document requests allocation of … [Ballot discuss] The Gen-ART Review by Pete McCann on 19-Oct-2010 raised a question that needs to be answered. This document requests allocation of two separate command codes, TBD2 and TBD3. Pete believes these should actually be the same value. |
2010-10-20
|
07 | Russ Housley | [Ballot Position Update] New position, Discuss, has been recorded by Russ Housley |
2010-10-20
|
07 | Alexey Melnikov | [Ballot comment] 4. Capabilities Update When the capabilities of a Diameter node conforming to this specification change, it MUST notify all of the … [Ballot comment] 4. Capabilities Update When the capabilities of a Diameter node conforming to this specification change, it MUST notify all of the nodes with which it has an open transport connection and have I think you should insert "which" before "have", because support for this extension needs to be advertised by peers, not the node. A Diameter node only issues a given command to those peers that have advertised support for the Diameter application that defines the command; a Diameter node must cache the supported applications in order to ensure that unrecognized commands and/or Attibute-Value typo: Attribute-Value Pairs (AVPs) are not unnecessarily sent to a peer. 5. Security Considerations The security considerations applicable to the Diameter Base Protocol [I-D.ietf-dime-rfc3588bis] are also applicable to this document. This looks a bit weak, are you sure this extension doesn't raise new security issues? |
2010-10-20
|
07 | Alexey Melnikov | [Ballot discuss] If the receiver of a CUR does not have any applications in common with the sender then it MUST return a Capabilities-Update-Answer … [Ballot discuss] If the receiver of a CUR does not have any applications in common with the sender then it MUST return a Capabilities-Update-Answer (CUA) (Section 4.1.2) with the Result-Code AVP set to DIAMETER_NO_COMMON_APPLICATION, and SHOULD disconnect the transport Does this need to be registered with IANA, or is this already registered? layer connection; however, if active sessions are using the connection, peers MAY delay disconnection until the sessions can be redirected or gracefully terminated. |
2010-10-20
|
07 | Alexey Melnikov | [Ballot Position Update] New position, Discuss, has been recorded by Alexey Melnikov |
2010-10-20
|
07 | Robert Sparks | [Ballot comment] Support Peter's discuss. I also suggest being even more explicit about what an implementation should/could do if a peer tries to modify the … [Ballot comment] Support Peter's discuss. I also suggest being even more explicit about what an implementation should/could do if a peer tries to modify the things this document declares unmodifiable. |
2010-10-20
|
07 | Robert Sparks | [Ballot Position Update] New position, No Objection, has been recorded by Robert Sparks |
2010-10-20
|
07 | Stewart Bryant | [Ballot Position Update] New position, No Objection, has been recorded by Stewart Bryant |
2010-10-20
|
07 | Ron Bonica | [Ballot Position Update] New position, No Objection, has been recorded by Ron Bonica |
2010-10-20
|
07 | Lars Eggert | [Ballot comment] I support Peter's discuss. Section 1., paragraph 3: > Discussion of this draft may be directed to the dime Working Group of … [Ballot comment] I support Peter's discuss. Section 1., paragraph 3: > Discussion of this draft may be directed to the dime Working Group of > the IETF (dime@ietf.org). Remove. Section 4., paragraph 2: > order to ensure that unrecognized commands and/or Attibute-Value Nit: s/Attibute-Value/Attribute-Value/ |
2010-10-20
|
07 | Lars Eggert | [Ballot Position Update] New position, No Objection, has been recorded by Lars Eggert |
2010-10-19
|
07 | Peter Saint-Andre | [Ballot comment] 1. In Section 4, there is a typo: "Attibute-Value" |
2010-10-19
|
07 | Peter Saint-Andre | [Ballot discuss] 1. Let me see if I understand this. The basic idea is that any two Diameter nodes can dynamically inform each other when … [Ballot discuss] 1. Let me see if I understand this. The basic idea is that any two Diameter nodes can dynamically inform each other when their capabilities have changed, without forcing a reconnection. There are several kinds of capabilities that might change, such as (a) security mechanisms, (b) commands related to a particular application, and (c) the list of applications supported. It seems that several rules apply: (a) do not attempt to dynamically modify a security mechanism that is currently in use, because reconnection is required, (b) send updated commands related to a given application only to those peers which also support that application, and (c) send an updated list of supported applications to all peers [this seems to implicit]. Unfortunately, these rules are not explained very clearly, and certain matters are left unspecified: a. Is it OK to dynamically inform peers about capabilities security mechanisms that are *not* currently in use for that connection? b. When a node receives a Capabilities Update Request (CUR) from a peer, it needs to check if the two entities have any supported applications in common, and if not it SHOULD disconnect the transport connection. Why? Does this behavior protect against some unspecified threat? Does this behavior prevent two entities from exchanging a CUR that updates the list of supported applications (i.e., if they currently have no supported applications in common)? c. Is the Capabilities Update Application limited to informing peers about new/changed capabilities, or does it also assume that based on communication of those new/changed capabilities a peer MAY/SHOULD/MUST take action based on those modified capabilities (e.g., "modifying the security mechanism")? |
2010-10-19
|
07 | Peter Saint-Andre | [Ballot Position Update] New position, Discuss, has been recorded by Peter Saint-Andre |
2010-10-18
|
07 | David Harrington | [Ballot discuss] 1) The last paragraph of 4.0 discusses the possibility of a peer being down, and sending an UNABLE-TO-Deliver error, which can trigger rerouting … [Ballot discuss] 1) The last paragraph of 4.0 discusses the possibility of a peer being down, and sending an UNABLE-TO-Deliver error, which can trigger rerouting to an alternate peer. section 4.1.1. says "Upon detection of a transport failure, this message MUST NOT be sent to an alternate peer." Are these two statements in conflict? 2) when using SCTP, the request may contain multiple IP addresses. Can the authorization depend on the address? for example, could the peer only support ipv4 addresse bu tnot ipv6 addresses, or global but not private addresses? if so, how would the answer be indicated? If the peer did not support all the addresses, must it refuse the request? what if a transport connection for one of the addresses already existed, and the update was adding a new address that is not supported? 3) in the general case, what happens if the peer does not support the new capability? |
2010-10-18
|
07 | David Harrington | [Ballot Position Update] New position, Discuss, has been recorded by David Harrington |
2010-10-12
|
07 | Dan Romascanu | [Ballot Position Update] New position, Yes, has been recorded for Dan Romascanu |
2010-10-12
|
07 | Dan Romascanu | Ballot has been issued by Dan Romascanu |
2010-10-12
|
07 | Dan Romascanu | Created "Approve" ballot |
2010-10-12
|
07 | Dan Romascanu | Placed on agenda for telechat - 2010-10-21 by Dan Romascanu |
2010-10-12
|
07 | Dan Romascanu | State changed to IESG Evaluation from Waiting for AD Go-Ahead by Dan Romascanu |
2010-10-12
|
06 | (System) | New version available: draft-ietf-dime-capablities-update-06.txt |
2010-10-10
|
07 | Samuel Weiler | Request for Last Call review by SECDIR Completed. Reviewer: Dan Harkins. |
2010-10-05
|
07 | Amy Vezza | State changed to Waiting for AD Go-Ahead from In Last Call by Amy Vezza |
2010-09-30
|
07 | Amanda Baber | Upon approval of this document, IANA understands that there are two IANA actions that it must complete. First, in the Application IDs subregistry of the … Upon approval of this document, IANA understands that there are two IANA actions that it must complete. First, in the Application IDs subregistry of the Authentication, Authorization, and Accounting (AAA) Parameters registry located at: http://www.iana.org/assignments/aaa-parameters/aaa-parameters.xhtml#aaa-parameters-45 a new registration must be added: Value Name Reference ----- ---------------------------------------- ----------- TBD Diameter Capabilities Update [RFC-to-be] Second, in the Command Codes subregistry of the Authentication, Authorization, and Accounting (AAA) Parameters registry located at: http://www.iana.org/assignments/aaa-parameters/aaa-parameters.xhtml#aaa-parameters-45 two new registrations must be added: Code Value Name Reference ---------- --------------------------------------------- --------- TBD Capabilities-Update-Request [RFC-to-be] TBD Capabilities-Update-Answer [RFC-to-be] IANA understands that these two actions are all the changes that need to be made upon approval of this document. |
2010-09-25
|
07 | Samuel Weiler | Request for Last Call review by SECDIR is assigned to Dan Harkins |
2010-09-25
|
07 | Samuel Weiler | Request for Last Call review by SECDIR is assigned to Dan Harkins |
2010-09-20
|
07 | Amy Vezza | Last call sent |
2010-09-20
|
07 | Amy Vezza | State changed to In Last Call from Last Call Requested by Amy Vezza |
2010-09-20
|
07 | Dan Romascanu | Last Call was requested by Dan Romascanu |
2010-09-20
|
07 | (System) | Ballot writeup text was added |
2010-09-20
|
07 | (System) | Last call text was added |
2010-09-20
|
07 | (System) | Ballot approval text was added |
2010-09-20
|
07 | Dan Romascanu | State Changes to Last Call Requested from AD Evaluation by Dan Romascanu |
2010-09-19
|
07 | Dan Romascanu | State Changes to AD Evaluation from Publication Requested by Dan Romascanu |
2010-07-22
|
07 | Cindy Morgan | [Note]: 'Lionel Morand (lionel.morand@orange-ftgroup.com) is the document shepherd.' added by Cindy Morgan |
2010-07-22
|
07 | Cindy Morgan | (1.a) Who is the Document Shepherd for this document? ==> Lionel Morand Has the Document Shepherd personally reviewed this version of the document and, in … (1.a) Who is the Document Shepherd for this document? ==> Lionel Morand Has the Document Shepherd personally reviewed this version of the document and, in particular, does he or she believe this version is ready for forwarding to the IESG for publication? ==> Yes. (1.b) Has the document had adequate review both from key WG members and from key non-WG members? ==> Yes. Does the Document Shepherd have any concerns about the depth or breadth of the reviews that have been performed? ==> No. (1.c) Does the Document Shepherd have concerns that the document needs more review from a particular or broader perspective, e.g., security, operational complexity, someone familiar with AAA, internationalization or XML? ==> No. (1.d) Does the Document Shepherd have any specific concerns or issues with this document that the Responsible Area Director and/or the IESG should be aware of? ==> No. Has an IPR disclosure related to this document been filed? ==> No. (1.e) How solid is the WG consensus behind this document? Does it represent the strong concurrence of a few individuals, with others being silent, or does the WG as a whole understand and agree with it? ==> This document was pushed mainly by the authors but captures a solution for a problem understood and agreed by the Dime WG. (1.f) Has anyone threatened an appeal or otherwise indicated extreme discontent? ==> No. (1.g) Has the Document Shepherd personally verified that the document satisfies all ID nits? (See the Internet-Drafts Checklist and http://tools.ietf.org/tools/idnits/). Boilerplate checks are not enough; this check needs to be thorough. Has the document met all formal review criteria it needs to, such as the MIB Doctor, media type and URI type reviews? ==> The document was verified. No issue found. (1.h) Has the document split its references into normative and informative? ==> Yes. Are there normative references to documents that are not ready for advancement or are otherwise in an unclear state? If such normative references exist, what is the strategy for their completion? ==> The draft has a normative reference to the draft-ietf-dime-rfc3588bis that is not yet published as RFC. However, this draft is under review process and should be soon published. (1.i) Has the Document Shepherd verified that the document IANA consideration section exists and is consistent with the body of the document? ==> Yes. If the document specifies protocol extensions, are reservations requested in appropriate IANA registries? Are the IANA registries clearly identified? ==> Yes. One new Diameter application id and two new Diameter command code values are requested in the corresponding existing IANA registries. (1.j) Has the Document Shepherd verified that sections of the document that are written in a formal language, such as XML code, BNF rules, MIB definitions, etc., validate correctly in an automated checker? ==> Yes. (1.k) The IESG approval announcement includes a Document Announcement Write-Up. Please provide such a Document Announcement Write-Up? Recent examples can be found in the "Action" announcements for approved documents. The approval announcement contains the following sections: Technical Summary This document defines a new Diameter application and associated command codes. The Diameter Capabilities Update application is intended to allow the dynamic update of certain Diameter peer capabilities while the peer-to-peer connection is in the open state. This application relies on the exchange of the Capabilities-Update-Request/Answer (CUR/CUA) messages between peers supporting the Diameter Capabilities Update application Working Group Summary There was consensus in the WG to publish the document. Document Quality This document has been reviewed and commented from key people in the Dime WG. |
2010-07-22
|
07 | Cindy Morgan | Draft Added by Cindy Morgan in state Publication Requested |
2010-06-18
|
05 | (System) | New version available: draft-ietf-dime-capablities-update-05.txt |
2010-05-24
|
04 | (System) | New version available: draft-ietf-dime-capablities-update-04.txt |
2010-02-26
|
03 | (System) | New version available: draft-ietf-dime-capablities-update-03.txt |
2010-02-26
|
02 | (System) | New version available: draft-ietf-dime-capablities-update-02.txt |
2009-12-02
|
01 | (System) | New version available: draft-ietf-dime-capablities-update-01.txt |
2009-07-27
|
00 | (System) | New version available: draft-ietf-dime-capablities-update-00.txt |