Re: WG Review: Recharter of Diameter Maintenance and Extensions (dime)

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 




Hi Jouni,

Right, I'm trying to encourage this - I'm not trying
to make it a gating function for the recharter. Its
still worth doing though if we can find some victims
with enough energy:-)

I agree that the current charter text might not need
to be modified, OTOH, if there were folks who wanted to
do the work, a milestone might be good. I also agree
that as of now, that addition is not warranted.

Cheers,
S

On 01/12/2012 12:08 PM, jouni korhonen wrote:

Stephen,

This topic raises its head every now and then when a Dime
document arrives at IESG ;) Apart from that there has been
very little serious public discussion about it recently,
for some unknown reason to me. A detail worth pointing out
is that the support for the End-to-End security framework
(E2E-Sequence AVP and 'P'-bit in the AVP header) has been
deprecated in RFC3588bis (now in IESG). So we are "free"
to start from scratch.

If there is enough serious energy and vision for pursuing
end-to-end security, I do not see current proposed charter
text prohibiting it:

"- Maintaining and/or progressing, along the standards track, the
    Diameter Base protocol and Diameter Applications. This includes
    extensions to Diameter Base protocol that can be considered as
    enhanced features or bug fixes."

I would argue the end-to-end security is an enhanced feature for
Diameter base protocol that fixes a serious bug/flaw in security.
On the other hand, if an explicit note is needed about this topic
in the charter, I might hesitate to include such in this round.
I would first like to see some concrete movement&  work around
this topic.

- Jouni



On Jan 11, 2012, at 7:31 PM, Stephen Farrell wrote:


Hi,

During the IESG internal review of this I asked whether
or not there was interest in trying to tackle end to
end security for AVPs. I do know there is at least some
interest in that but its not clear there's enough to
warrant including it in the re-charter so I said I'd
ask when the recharter went out for review...

So - anyone interested in DIME solving that problem?
(And willing and able to help do the work of course.)

As of now, Diameter really only has hop-by-hop security
which is ok in many cases but far from ideal (wearing
my security hat) in some.

Thanks,
Stephen.

On 01/11/2012 04:37 PM, IESG Secretary wrote:
A modified charter has been submitted for the Diameter Maintenance and
Extensions (dime) working group in the Operations and Management Area of
the IETF.  The IESG has not made any determination as yet.  The modified
charter is provided below for informational purposes only.  Please send
your comments to the IESG mailing list (iesg@xxxxxxxx) by Wednesday,
January 18, 2012.

Diameter Maintenance and Extensions (dime)
-----------------------------------------
Current Status: Active

Last Modified: 2012-01-10

Chairs:
     Lionel Morand<lionel.morand@xxxxxxxxxxxxxxxxxx>
     Jouni Korhonen<jouni.korhonen@xxxxxxx>

Operations and Management Area Directors:
     Dan Romascanu<dromasca@xxxxxxxxx>
     Ronald Bonica<rbonica@xxxxxxxxxxx>

Operations and Management Area Advisor:
     Dan Romascanu<dromasca@xxxxxxxxx>

Mailing Lists:
     General Discussion: dime@xxxxxxxx
     To Subscribe:       https://www.ietf.org/mailman/listinfo/dime
     Archive:
http://www.ietf.org/mail-archive/web/dime/current/maillist.html

Description of Working Group:

The Diameter Maintenance and Extensions WG will focus on maintenance and
extensions to the Diameter protocol required to enable its use for
authentication, authorization, accounting, charging in network access,
provisioning of configuration information within the network, and for
new AAA session management uses within the extensibility rules of the
Diameter base protocol.

The DIME working group plans to address the following items:

- Maintaining and/or progressing, along the standards track, the
Diameter Base protocol and Diameter Applications. This includes
extensions to Diameter Base protocol that can be considered as enhanced
features or bug fixes.

- Diameter application design guideline. This document will provide
guidelines for design of Diameter extensions. It will detail when to
consider reusing an existing application and when to develop a new
application.

- Protocol extensions for the management of Diameter entities. This work
focuses on the standardization of Management Information Bases (MIBs) to
configure Diameter entities (such as the Diameter Base protocol or
Diameter Credit Control nodes). The usage of other management protocols
for configuring Diameter entities may be future work within the group.

- Protocol extensions for bulk and grouped AAA session management. The
aim of this work is to study and standardize a solution for handling
groups of AAA sessions within the Diameter base protocol context. The
solution would define how to identify and handle grouped AAA sessions in
commands and operations.

Additionally, Diameter-based systems require interoperability in order
to work. The working group, along with the AD, will need to evaluate any
potential extensions and require verification that the proposed
extension is needed, and is within the extensibility rules of Diameter
and AAA scope. Coordination with other IETF working groups and other
SDOs (e.g. 3GPP) will be used to ensure this.

Goals and Milestones:

Done     - Submit the following two Diameter Mobility documents to the
            IESG for consideration as a Proposed Standards:* 'Diameter
            Mobile IPv6: Support for Home Agent to Diameter Server
            Interaction' * 'Diameter Mobile IPv6: Support for Network
            Access Server to Diameter Server Interaction'
Done     - Submit 'Diameter API' to the IESG for consideration as an
            Informational RFC
Done     - Submit 'Quality of Service Parameters for Usage with
            Diameter' to the IESG for consideration as a Proposed
            Standard.
Done     - Submit 'Diameter QoS Application' to the IESG for
            consideration as a Proposed Standard
Done     - Submit 'Diameter Support for EAP Re-authentication
            Protocol' as DIME working group item
Done     - Submit 'Diameter User-Name and Realm Based Request Routing
            Clarifications' as DIME working group item
Done     - Submit 'Diameter Proxy Mobile IPv6' as DIME working group
            item
Done     - Submit 'Quality of Service Attributes for Diameter' to the
            IESG for consideration as a Proposed Standard
Done     - Submit 'Diameter Proxy Mobile IPv6' to the IESG for
            consideration as a Proposed Standard
Done     - Submit 'Diameter User-Name and Realm Based Request Routing
            Clarifications' to the IESG for consideration as a Proposed
            Standard
Done     - Submit 'Diameter NAT Control Application' as DIME working
            group item
Done     - Submit 'Diameter Capabilities Update' as DIME working group
            item
Done     - Submit 'Diameter Credit Control Application MIB' to the
            IESG for consideration as an Informational RFC
Done     - Submit 'Diameter Base Protocol MIB' to the IESG for
            consideration as an Informational RFC
Done     - Submit 'Diameter Capabilities Update' to the IESG for
            consideration as a Proposed Standard
Done     - Submit 'Diameter Extended NAPTR' as DIME working group item
Done     - Submit 'Realm-Based Redirection In Diameter' as DIME
            working group item
Done     - Submit 'Diameter Support for Proxy Mobile IPv6 Localized
            Routing' as DIME working group item
Done     - Submit 'Diameter Attribute-Value Pairs for Cryptographic
            Key Transport' as DIME working group item
Done     - Submit 'Diameter Priority Attribute Value Pairs' as DIME
            working group item
Done     - Submit 'Diameter IKEv2 PSK' as DIME working group item
Done     - Submit Revision of 'Diameter Base Protocol' to the IESG for
            consideration as a Proposed Standard
Done     - Submit 'Diameter Attribute-Value Pairs for Cryptographic
            Key Transport' to the IESG for consideration as a Proposed
            Standard
Done     - Submit 'Diameter Priority Attribute Value Pairs' to the
            IESG for consideration as a Proposed Standard
Done     - Submit Revision of 'Diameter Network Access Server
            Application - RFC 4005bis' as DIME working group item
Done     - Submit 'Diameter NAT Control Application' to the IESG for
            consideration as a Proposed Standard
Done     - Submit 'Diameter IKEv2 PSK' to the IESG for consideration
            as a Proposed Standard
Done     - Submit 'Diameter Extended NAPTR' to the IESG for
            consideration as a Proposed Standard
Done     - Submit 'Diameter Support for Proxy Mobile IPv6 Localized
            Routing' to the IESG for consideration as a Proposed
Mar 2012 - Submit 'Realm-Based Redirection In Diameter' to the IESG
            for consideration as a Proposed Standard
Mar 2012 - Submit Revision of 'Diameter Network Access Server
            Application - RFC 4005bis' to the IESG for consideration as a
            Proposed Standard
May 2012 - Submit 'Diameter Application Design Guidelines' to the IESG
            for consideration as a BCP document Standard
Jul 2012 - Submit 'Diameter Support for EAP Re-authentication
            Protocol' to the IESG for consideration as a Proposed
            Standard
Aug 2012 - Submit a document on 'Protocol extension for bulk and group
            signaling' as a working group item
Aug 2013 - Submit a document on 'Protocol extension for bulk and group
            signaling' to the IESG for consideration as a Proposed
            Standard
_______________________________________________
IETF-Announce mailing list
IETF-Announce@xxxxxxxx
https://www.ietf.org/mailman/listinfo/ietf-announce

_______________________________________________
Ietf mailing list
Ietf@xxxxxxxx
https://www.ietf.org/mailman/listinfo/ietf

_______________________________________________
Ietf mailing list
Ietf@xxxxxxxx
https://www.ietf.org/mailman/listinfo/ietf


[Index of Archives]     [IETF Annoucements]     [IETF]     [IP Storage]     [Yosemite News]     [Linux SCTP]     [Linux Newbies]     [Fedora Users]