Signaling System 7 (SS7) Message Transfer Part 2 (MTP2) - User Peer-to-Peer Adaptation Layer (M2PA)
draft-ietf-sigtran-m2pa-13
Revision differences
Document history
Date | Rev. | By | Action |
---|---|---|---|
2012-08-22
|
13 | (System) | post-migration administrative database adjustment to the No Objection position for Sam Hartman |
2012-08-22
|
13 | (System) | post-migration administrative database adjustment to the No Objection position for Russ Housley |
2005-04-20
|
13 | Amy Vezza | State Changes to RFC Ed Queue from Approved-announcement sent by Amy Vezza |
2005-04-19
|
13 | Amy Vezza | IESG state changed to Approved-announcement sent |
2005-04-19
|
13 | Amy Vezza | IESG has approved the document |
2005-04-19
|
13 | Amy Vezza | Closed "Approve" ballot |
2005-04-19
|
13 | Amy Vezza | State Changes to Approved-announcement to be sent from IESG Evaluation::AD Followup by Amy Vezza |
2005-03-09
|
13 | Sam Hartman | [Ballot Position Update] Position for Sam Hartman has been changed to No Objection from Discuss by Sam Hartman |
2005-02-23
|
13 | (System) | New version available: draft-ietf-sigtran-m2pa-13.txt |
2005-02-14
|
13 | Sam Hartman | [Ballot discuss] Please remove the following paragraph: When M2PA is running in professionally managed corporate or service provider network, it is reasonable to expect that … [Ballot discuss] Please remove the following paragraph: When M2PA is running in professionally managed corporate or service provider network, it is reasonable to expect that this network includes an appropriate security policy framework. The "Site Security Handbook" [RFC2196] SHOULD be consulted for guidance. |
2005-02-14
|
13 | Sam Hartman | [Ballot Position Update] New position, Discuss, has been recorded for Sam Hartman by Sam Hartman |
2004-10-15
|
13 | (System) | Removed from agenda for telechat - 2004-10-14 |
2004-10-07
|
13 | Jon Peterson | Placed on agenda for telechat - 2004-10-14 by Jon Peterson |
2004-09-10
|
13 | Steven Bellovin | [Ballot discuss] There are a number of places (4.1.2 stands out) where there are SHOULDs that seem like they should be MUSTs. There is no … [Ballot discuss] There are a number of places (4.1.2 stands out) where there are SHOULDs that seem like they should be MUSTs. There is no guidance on when one might not want to follow the advice. For example, the draft says: It is necessary for at least one of the endpoints to be listening on the port on which the other endpoint is trying to establish the association. Therefore, at least one of the port numbers SHOULD be the M2PA registered port. But that's the normal procedure for any client-server protocol. Why is that specified explicitly here? I agree that implementations can do things differently if they wish -- is there something more that I'm missing here? 4.1.2 says "it is RECOMMENDED that each endpoint know the IP address (or IP addresses, if multi-homing is used) and port number of both endpoints." This needs to be clarified somewhat, in light of the text in [Security] -- each party MUST know the cryptographic identity of its authorized peers. This may or may not be an IP address. The assertion about professionally managed networks is, in fact, quite an assumption, and one that probably doesn't belong in this document. What could be said, instead, is a list of conditions that, if true, could justify not turning on m2pa security. |
2004-09-09
|
13 | Jon Peterson | Placed on agenda for telechat - 2004-09-16 by Jon Peterson |
2004-08-30
|
13 | Steven Bellovin | [Ballot discuss] For that matter, I'm wondering if there's enough detail on SCTP. How many streams should be created? (I see an implicit requirement for … [Ballot discuss] For that matter, I'm wondering if there's enough detail on SCTP. How many streams should be created? (I see an implicit requirement for at least two. Is that enough? Are more supported?) Can unordered delivery be used? There are several statements about SCTP providing reliable delivery, so I'd guess not -- but it never says so. How are SCTP exceptional conditions dealt with, such as an unexpected shutdown or an ABORT or any of the odder things listed in Section 10.2 of RFC 2960? Section 4.1.2 of this document shows multiple SCTP connections between multiple pairs of IP addresses; can SCTP's multihoming be used as well? Again, I think that the information is there, but hard to find. I suggest that a section on SCTP interfacing be added. (There's currently a subsection, but it only discusses slow start issues.) There are a number of places (4.1.2 stands out) where there are SHOULDs that seem like they should be MUSTs. But no alternatives are given, or is there any guidance on when one might not want to follow the advice. For example, 4.1.2 says "it is RECOMMENDED that each endpoint know the IP address (or IP addresses, if multi-homing is used) and port number of both endpoints." It's rather hard to see how the two ends can communicate if they don't know each other's IP address. (Knowing the remote end's IP address -- or certificate, or *some* sort of IPsec identity -- is also a security issue.) Is this intended to suggest that the DNS not be used? I'm puzzled. The assertion about professionally managed networks is, in fact, quite an assumption, and one that probably doesn't belong in this document. What could be said, instead, is a list of conditions that, if true, could justify not turning on m2pa security. |
2004-08-30
|
13 | Steven Bellovin | [Ballot comment] Except for this sentence: The description of how to use IPsec is inadequate. my DISCUSS issues have not been … [Ballot comment] Except for this sentence: The description of how to use IPsec is inadequate. my DISCUSS issues have not been addressed at all. My DISCUSS stands. |
2004-08-26
|
13 | Jon Peterson | Placed on agenda for telechat - 2004-09-02 by Jon Peterson |
2004-08-19
|
13 | Harald Alvestrand | [Ballot comment] Reviewed by John Loughney, Gen-ART (both at -11 and -12). His comment (excerpted): I worked with the author to resolve the DISCUSSes on … [Ballot comment] Reviewed by John Loughney, Gen-ART (both at -11 and -12). His comment (excerpted): I worked with the author to resolve the DISCUSSes on this. I don't see any reason to hold this draft up any longer. |
2004-08-19
|
13 | Harald Alvestrand | [Ballot comment] Reviewed by John Loughney, Gen-ART His comment (excerpted): I worked with the author to resolve the DISCUSSes on this. I don't see any … [Ballot comment] Reviewed by John Loughney, Gen-ART His comment (excerpted): I worked with the author to resolve the DISCUSSes on this. I don't see any reason to hold this draft up any longer. |
2004-08-18
|
13 | Bill Fenner | [Ballot Position Update] New position, No Objection, has been recorded for Bill Fenner by Bill Fenner |
2004-08-12
|
13 | Jon Peterson | Placed on agenda for telechat - 2004-08-19 by Jon Peterson |
2004-08-12
|
13 | Jon Peterson | [Note]: 'Returning item to clear discuss' added by Jon Peterson |
2004-06-17
|
13 | (System) | Sub state has been changed to AD Follow up from New Id Needed |
2004-06-17
|
12 | (System) | New version available: draft-ietf-sigtran-m2pa-12.txt |
2004-05-19
|
13 | Russ Housley | [Ballot Position Update] Position for Russ Housley has been changed to No Objection from Discuss by Russ Housley |
2004-04-29
|
13 | Amy Vezza | State Changes to IESG Evaluation::Revised ID Needed from IESG Evaluation by Amy Vezza |
2004-04-29
|
13 | Thomas Narten | [Ballot Position Update] New position, No Objection, has been recorded for Thomas Narten by Thomas Narten |
2004-04-29
|
13 | Bert Wijnen | [Ballot comment] Missing IPR statements: $ idnits <drafts/draft-ietf-sigtran-m2pa-11.txt idnits 1.26, (21 Apr 2004) The document seems to use RFC 2026 boilerplate... The document seems to … [Ballot comment] Missing IPR statements: $ idnits <drafts/draft-ietf-sigtran-m2pa-11.txt idnits 1.26, (21 Apr 2004) The document seems to use RFC 2026 boilerplate... The document seems to lack an 2026 Section 10.4(C) Copyright Notice The document seems to lack an RFC 2026 Section 10.4(C) Permission Grants Notice The document seems to lack an RFC 2026 Section 10.4(C) Disclaimer |
2004-04-29
|
13 | Bert Wijnen | [Ballot Position Update] New position, No Objection, has been recorded for Bert Wijnen by Bert Wijnen |
2004-04-29
|
13 | Margaret Cullen | [Ballot Position Update] New position, No Objection, has been recorded for Margaret Wasserman by Margaret Wasserman |
2004-04-29
|
13 | Alex Zinin | [Ballot Position Update] New position, No Objection, has been recorded for Alex Zinin by Alex Zinin |
2004-04-28
|
13 | David Kessens | [Ballot Position Update] New position, No Objection, has been recorded for David Kessens by David Kessens |
2004-04-28
|
13 | Allison Mankin | [Ballot Position Update] New position, No Objection, has been recorded for Allison Mankin by Allison Mankin |
2004-04-28
|
13 | Harald Alvestrand | [Ballot comment] Reviewed by John Loughney, Gen-ART Some points from his review: 2) Security section seems a bit off. I don't know about the … [Ballot comment] Reviewed by John Loughney, Gen-ART Some points from his review: 2) Security section seems a bit off. I don't know about the M2PA usage scenarios - if it is interoperator or intraoperator. If it is solely within an operator, perhaps "Site Security Handbook" is enough. However, in general, I guess some text talking more about threats & how the protocol is used would be more helpful. My guess is that this kind of signaling is high-value, so that if it gets knocked-out, there will be problems. 3) The folloing section could probably be removed, I am unsure how it relates to this protocol. 6.2 Protecting Confidentiality Particularly for wireless users, the requirement for confidentiality MAY include the masking of IP addresses and ports. In this case application-level encryption is not sufficient. IPSec ESP SHOULD be used instead [RFC2401]. Regardless of which level performs the encryption, the IPSec ISAKMP service SHOULD be used for key management. 4) The (and TCP) should probably be removed, as there is no mention of TCP usage elsewhere. Or better, it could say "TCP port 3565 is reserved for this protocol in case a definition for TCP is created later". 7.1 SCTP Payload Protocol Identifier The SCTP (and TCP) Registered User Port Number Assignment for M2PA is 3565. 6) "SS7 MTP2" should be spelled out in the document title. |
2004-04-28
|
13 | Harald Alvestrand | [Ballot Position Update] New position, No Objection, has been recorded for Harald Alvestrand by Harald Alvestrand |
2004-04-27
|
13 | Russ Housley | [Ballot discuss] Section 6.2 ought to point to IKE, not ISAKMP, for key management for IPsec. Further, a normative reference is needed. |
2004-04-27
|
13 | Russ Housley | [Ballot discuss] Section 6.2 ought to point to IKE, not ISAKMP, for key management for IPsec. Further, a normative reference is needed. |
2004-04-27
|
13 | Russ Housley | [Ballot Position Update] New position, Discuss, has been recorded for Russ Housley by Russ Housley |
2004-04-27
|
13 | Steven Bellovin | [Ballot discuss] The description of how to use IPsec is inadequate. For that matter, I'm wondering if there's enough detail on SCTP. How many streams … [Ballot discuss] The description of how to use IPsec is inadequate. For that matter, I'm wondering if there's enough detail on SCTP. How many streams should be created? (I see an implicit requirement for at least two. Is that enough? Are more supported?) Can unordered delivery be used? There are several statements about SCTP providing reliable delivery, so I'd guess not -- but it never says so. How are SCTP exceptional conditions dealt with, such as an unexpected shutdown or an ABORT or any of the odder things listed in Section 10.2 of RFC 2960? Section 4.1.2 of this document shows multiple SCTP connections between multiple pairs of IP addresses; can SCTP's multihoming be used as well? Again, I think that the information is there, but hard to find. I suggest that a section on SCTP interfacing be added. (There's currently a subsection, but it only discusses slow start issues.) There are a number of places (4.1.2 stands out) where there are SHOULDs that seem like they should be MUSTs. But no alternatives are given, or is there any guidance on when one might not want to follow the advice. For example, 4.1.2 says "it is RECOMMENDED that each endpoint know the IP address (or IP addresses, if multi-homing is used) and port number of both endpoints." It's rather hard to see how the two ends can communicate if they don't know each other's IP address. (Knowing the remote end's IP address -- or certificate, or *some* sort of IPsec identity -- is also a security issue.) Is this intended to suggest that the DNS not be used? I'm puzzled. Similarly, the statement in 6.2 that "the IPSec ISAKMP service SHOULD be used" is quite vague. (The assertion about professionally managed networks is, in fact, quite an assumption, and one that probably doesn't belong in this document. What could be said, instead, is a list of conditions that, if true, could justify not turning on m2pa security.) |
2004-04-27
|
13 | Steven Bellovin | [Ballot discuss] The description of how to use IPsec is inadequate. For that matter, I'm wondering if there's enough detail on SCTP. How many streams … [Ballot discuss] The description of how to use IPsec is inadequate. For that matter, I'm wondering if there's enough detail on SCTP. How many streams should be created? (I see an implicit requirement for at least two. Is that enough? Are more supported?) Can unordered delivery be used? There are several statements about SCTP providing reliable delivery, so I'd guess not -- but it never says so. How are SCTP exceptional conditions dealt with, such as an unexpected shutdown or an ABORT or any of the odder things listed in Section 10.2 of RFC 2960? Section 4.1.2 of this document shows multiple SCTP connections between multiple pairs of IP addresses; can SCTP's multihoming be used as well? Again, I think that the information is there, but hard to find. I suggest that a section on SCTP interfacing be added. (There's currently a subsection, but it only discusses slow start issues.) There are a number of places (4.1.2 stands out) where there are SHOULDs that seem like they should be MUSTs. But no alternatives are given, or is there any guidance on when one might not want to follow the advice. For example, 4.1.2 says "it is RECOMMENDED that each endpoint know the IP address (or IP addresses, if multi-homing is used) and port number of both endpoints." It's rather hard to see how the two ends can communicate if they don't know each other's IP address. (Knowing the remote end's IP address -- or certificate, or *some* sort of IPsec identity -- is also a security issue.) Is this intended to suggest that the DNS not be used? I'm puzzled. Similarly, the statement in 6.2 that "the IPSec ISAKMP service SHOULD be used" is quite vague. (The assertion about professionally managed networks is, in fact, quite an assumption, and one that probably doesn't belong in this document. What could be said, instead, is a list of conditions that, if true, could justify not turning on m2pa security.) |
2004-04-27
|
13 | Steven Bellovin | [Ballot Position Update] New position, Discuss, has been recorded for Steve Bellovin by Steve Bellovin |
2004-04-27
|
13 | Ted Hardie | [Ballot Position Update] New position, No Objection, has been recorded for Ted Hardie by Ted Hardie |
2004-04-27
|
13 | Scott Hollenbeck | [Ballot Position Update] New position, No Objection, has been recorded for Scott Hollenbeck by Scott Hollenbeck |
2004-04-26
|
13 | Amy Vezza | State Changes to IESG Evaluation from Waiting for Writeup by Amy Vezza |
2004-04-21
|
13 | Jon Peterson | Placed on agenda for telechat - 2004-04-29 by Jon Peterson |
2004-04-21
|
13 | Jon Peterson | [Ballot Position Update] New position, Yes, has been recorded for Jon Peterson |
2004-04-21
|
13 | Jon Peterson | Ballot has been issued by Jon Peterson |
2004-04-21
|
13 | Jon Peterson | Created "Approve" ballot |
2004-04-14
|
13 | (System) | State has been changed to Waiting for Writeup from In Last Call by system |
2004-03-31
|
13 | Amy Vezza | Last call sent |
2004-03-31
|
13 | Amy Vezza | State Changes to In Last Call from Last Call Requested by Amy Vezza |
2004-03-30
|
13 | Jon Peterson | Last Call was requested by Jon Peterson |
2004-03-30
|
13 | Jon Peterson | State Changes to Last Call Requested from AD Evaluation::Revised ID Needed by Jon Peterson |
2004-03-30
|
13 | (System) | Ballot writeup text was added |
2004-03-30
|
13 | (System) | Last call text was added |
2004-03-30
|
13 | (System) | Ballot approval text was added |
2004-03-07
|
(System) | Posted related IPR disclosure: ECI Telecom's Statement about IPR claimed in draft-ietf-sigtran-m2pa | |
2004-02-02
|
11 | (System) | New version available: draft-ietf-sigtran-m2pa-11.txt |
2004-01-19
|
13 | Jon Peterson | State Changes to AD Evaluation::Revised ID Needed from AD Evaluation by Jon Peterson |
2004-01-06
|
13 | Jon Peterson | State Changes to AD Evaluation from Publication Requested by Jon Peterson |
2003-10-24
|
13 | Dinara Suleymanova | State Changes to Publication Requested from AD is watching by Dinara Suleymanova |
2003-10-24
|
13 | Dinara Suleymanova | Intended Status has been changed to Proposed Standard from None |
2003-10-16
|
10 | (System) | New version available: draft-ietf-sigtran-m2pa-10.txt |
2003-07-01
|
09 | (System) | New version available: draft-ietf-sigtran-m2pa-09.txt |
2003-04-23
|
08 | (System) | New version available: draft-ietf-sigtran-m2pa-08.txt |
2003-03-29
|
13 | Jon Peterson | Shepherding AD has been changed to Peterson, Jon from Bradner, Scott |
2003-01-20
|
07 | (System) | New version available: draft-ietf-sigtran-m2pa-07.txt |
2002-08-29
|
06 | (System) | New version available: draft-ietf-sigtran-m2pa-06.txt |
2002-05-06
|
05 | (System) | New version available: draft-ietf-sigtran-m2pa-05.txt |
2002-05-03
|
13 | Scott Bradner | 2002-05-03 - from Lyndon Ong expect to complete before Yokohama (no major issues) |
2002-05-03
|
13 | Scott Bradner | A new comment added by sob |
2002-04-27
|
13 | Scott Bradner | Draft Added by Scott Bradner |
2002-03-01
|
04 | (System) | New version available: draft-ietf-sigtran-m2pa-04.txt |
2001-07-24
|
03 | (System) | New version available: draft-ietf-sigtran-m2pa-03.txt |
2001-03-02
|
02 | (System) | New version available: draft-ietf-sigtran-m2pa-02.txt |
2000-11-28
|
01 | (System) | New version available: draft-ietf-sigtran-m2pa-01.txt |
2000-11-09
|
00 | (System) | New version available: draft-ietf-sigtran-m2pa-00.txt |