Count me.
I remember there was an initial individual submission from Glen
and me regarding end to end security topic.
unfortunetely not finished due to lacking energy in the last year .
This may serve as a good input to this topic although more input
are needed.
Sent: Friday, January 13, 2012 2:14 PM
Subject: Re: [Dime] WG Review: Recharter of
Diameter Maintenance andExtensions (dime)
Thanks, Glen! Can we see (at least) a couple of more hands
from people willing to participate in the editing of this
document?
Dan
-----Original Message-----
From: Glen
Zorn [mailto:glenzorn@xxxxxxxxx]
Sent: Fri
1/13/2012 5:34 AM
To: Romascanu, Dan (Dan)
Cc: Stephen Farrell; jouni
korhonen; jouni.korhonen@xxxxxxx;
lionel.morand@xxxxxxxxxxxxxxxxxx;
dime@xxxxxxxx; IETF-Discussion; iesg@xxxxxxxx
Subject: Re: [Dime] WG
Review: Recharter of Diameter Maintenance and Extensions (dime)
On
1/12/2012 7:15 PM, Romascanu, Dan (Dan) wrote:
> Hi,
>
> If
a number of hands were raised now and the folks commanding them say
>
'we are ready to work on this NOW' I would support including explicit
>
wording in the charter.
Consider my hand raised.
If this does
not happen until the telechat next
> week the current text is good
enough to allow interested people to start
> working on contributions
that can be individual submissions. If these
> submissions are
consistent enough the WG can add the milestone later in
> the charter
and adopt the submissions as WG items.
>
>
Dan
>
>
>
>
>
>> -----Original
Message-----
>> From: iesg-bounces@xxxxxxxx [mailto:iesg-bounces@xxxxxxxx] On
Behalf
> Of
>> Stephen Farrell
>> Sent: Thursday,
January 12, 2012 2:13 PM
>> To: jouni korhonen
>> Cc:
jouni.korhonen@xxxxxxx; lionel.morand@xxxxxxxxxxxxxxxxxx;
>>
dime@xxxxxxxx; IETF-Discussion; iesg@xxxxxxxx
>> Subject: Re: WG
Review: Recharter of Diameter Maintenance and
>> Extensions
(dime)
>>
>>
>> Hi Jouni,
>>
>>
Right, I'm trying to encourage this - I'm not trying
>> to make it a
gating function for the recharter. Its
>> still worth doing though if
we can find some victims
>> with enough
energy:-)
>>
>> I agree that the current charter text might
not need
>> to be modified, OTOH, if there were folks who wanted
to
>> do the work, a milestone might be good. I also
agree
>> that as of now, that addition is not
warranted.
>>
>> Cheers,
>>
S
>>
>> On 01/12/2012 12:08 PM, jouni korhonen
wrote:
>>>
>>>
Stephen,
>>>
>>> This topic raises its head every now
and then when a Dime
>>> document arrives at IESG ;) Apart from
that there has been
>>> very little serious public discussion
about it recently,
>>> for some unknown reason to me. A detail
worth pointing out
>>> is that the support for the End-to-End
security framework
>>> (E2E-Sequence AVP and 'P'-bit in the AVP
header) has been
>>> deprecated in RFC3588bis (now in IESG). So we
are "free"
>>> to start from
scratch.
>>>
>>> If there is enough serious energy and
vision for pursuing
>>> end-to-end security, I do not see current
proposed charter
>>> text prohibiting
it:
>>>
>>> "- Maintaining and/or progressing, along
the standards track, the
>>> Diameter Base
protocol and Diameter Applications. This
includes
>>> extensions to Diameter Base
protocol that can be considered as
>>>
enhanced features or bug fixes."
>>>
>>> I would argue
the end-to-end security is an enhanced feature for
>>> Diameter
base protocol that fixes a serious bug/flaw in security.
>>> On
the other hand, if an explicit note is needed about this topic
>>>
in the charter, I might hesitate to include such in this
round.
>>> I would first like to see some concrete
movement& work around
>>> this
topic.
>>>
>>> -
Jouni
>>>
>>>
>>>
>>> On Jan
11, 2012, at 7:31 PM, Stephen Farrell
wrote:
>>>
>>>>
>>>>
Hi,
>>>>
>>>> During the IESG internal review of
this I asked whether
>>>> or not there was interest in trying
to tackle end to
>>>> end security for AVPs. I do know there is
at least some
>>>> interest in that but its not clear there's
enough to
>>>> warrant including it in the re-charter so I said
I'd
>>>> ask when the recharter went out for
review...
>>>>
>>>> So - anyone interested in
DIME solving that problem?
>>>> (And willing and able to help
do the work of course.)
>>>>
>>>> As of now,
Diameter really only has hop-by-hop security
>>>> which is ok
in many cases but far from ideal (wearing
>>>> my security hat)
in some.
>>>>
>>>> Thanks,
>>>>
Stephen.
>>>>
>>>> On 01/11/2012 04:37 PM, IESG
Secretary wrote:
>>>>> A modified charter has been submitted
for the Diameter Maintenance
>> and
>>>>>
Extensions (dime) working group in the Operations and Management
>>
Area of
>>>>> the IETF. The IESG has not made any
determination as yet. The
>> modified
>>>>>
charter is provided below for informational purposes only.
Please
>> send
>>>>> your comments to the IESG
mailing list (iesg@xxxxxxxx) by
>> Wednesday,
>>>>>
January 18, 2012.
>>>>>
>>>>> Diameter
Maintenance and Extensions (dime)
>>>>>
-----------------------------------------
>>>>> Current
Status: Active
>>>>>
>>>>> Last Modified:
2012-01-10
>>>>>
>>>>>
Chairs:
>>>>> Lionel
Morand<lionel.morand@xxxxxxxxxxxxxxxxxx>
>>>>>
Jouni
Korhonen<jouni.korhonen@xxxxxxx>
>>>>>
>>>>>
Operations and Management Area
Directors:
>>>>> Dan
Romascanu<dromasca@xxxxxxxxx>
>>>>>
Ronald
Bonica<rbonica@xxxxxxxxxxx>
>>>>>
>>>>>
Operations and Management Area
Advisor:
>>>>> Dan
Romascanu<dromasca@xxxxxxxxx>
>>>>>
>>>>>
Mailing Lists:
>>>>> General
Discussion:
dime@xxxxxxxx
>>>>> To
Subscribe:
> https://www.ietf.org/mailman/listinfo/dime
>>>>>
Archive:
>>>>> http://www.ietf.org/mail-archive/web/dime/current/maillist.html
>>>>>
>>>>>
Description of Working Group:
>>>>>
>>>>>
The Diameter Maintenance and Extensions WG will focus on
>>
maintenance and
>>>>> extensions to the Diameter protocol
required to enable its use for
>>>>> authentication,
authorization, accounting, charging in network
>>
access,
>>>>> provisioning of configuration information
within the network, and
>> for
>>>>> new AAA
session management uses within the extensibility rules of
>>
the
>>>>> Diameter base
protocol.
>>>>>
>>>>> The DIME working
group plans to address the following
items:
>>>>>
>>>>> - Maintaining and/or
progressing, along the standards track, the
>>>>> Diameter
Base protocol and Diameter Applications. This includes
>>>>>
extensions to Diameter Base protocol that can be considered as
>>
enhanced
>>>>> features or bug
fixes.
>>>>>
>>>>> - Diameter application
design guideline. This document will
> provide
>>>>>
guidelines for design of Diameter extensions. It will detail when
>>
to
>>>>> consider reusing an existing application and when
to develop a new
>>>>>
application.
>>>>>
>>>>> - Protocol
extensions for the management of Diameter entities.
> This
>>
work
>>>>> focuses on the standardization of Management
Information Bases
>> (MIBs) to
>>>>> configure
Diameter entities (such as the Diameter Base protocol
or
>>>>> Diameter Credit Control nodes). The usage of other
management
>> protocols
>>>>> for configuring
Diameter entities may be future work within the
>>
group.
>>>>>
>>>>> - Protocol extensions
for bulk and grouped AAA session management.
>>
The
>>>>> aim of this work is to study and standardize a
solution for
>> handling
>>>>> groups of AAA
sessions within the Diameter base protocol context.
>>
The
>>>>> solution would define how to identify and handle
grouped AAA
>> sessions in
>>>>> commands and
operations.
>>>>>
>>>>> Additionally,
Diameter-based systems require interoperability in
>>
order
>>>>> to work. The working group, along with the AD,
will need to
>> evaluate any
>>>>> potential
extensions and require verification that the proposed
>>>>>
extension is needed, and is within the extensibility rules of
>>
Diameter
>>>>> and AAA scope. Coordination with other IETF
working groups and
>> other
>>>>> SDOs (e.g. 3GPP)
will be used to ensure this.
>>>>>
>>>>>
Goals and Milestones:
>>>>>
>>>>>
Done - Submit the following two Diameter Mobility
documents to
>>
the
>>>>>
IESG for consideration as a Proposed Standards:*
>>
'Diameter
>>>>>
Mobile IPv6: Support for Home Agent to Diameter
Server
>>>>>
Interaction' * 'Diameter Mobile IPv6: Support for
>>
Network
>>>>>
Access Server to Diameter Server Interaction'
>>>>>
Done - Submit 'Diameter API' to the IESG for
consideration as
>>
an
>>>>>
Informational RFC
>>>>> Done -
Submit 'Quality of Service Parameters for Usage
with
>>>>>
Diameter' to the IESG for consideration as a
Proposed
>>>>>
Standard.
>>>>> Done - Submit
'Diameter QoS Application' to the IESG
for
>>>>>
consideration as a Proposed Standard
>>>>>
Done - Submit 'Diameter Support for EAP
Re-authentication
>>>>>
Protocol' as DIME working group item
>>>>>
Done - Submit 'Diameter User-Name and Realm Based
Request
>>
Routing
>>>>>
Clarifications' as DIME working group item
>>>>>
Done - Submit 'Diameter Proxy Mobile IPv6' as DIME
working
>>
group
>>>>>
item
>>>>> Done - Submit 'Quality of
Service Attributes for Diameter' to
>>
the
>>>>>
IESG for consideration as a Proposed Standard
>>>>>
Done - Submit 'Diameter Proxy Mobile IPv6' to the IESG
for
>>>>>
consideration as a Proposed Standard
>>>>>
Done - Submit 'Diameter User-Name and Realm Based
Request
>>
Routing
>>>>>
Clarifications' to the IESG for consideration as a
>>
Proposed
>>>>>
Standard
>>>>> Done - Submit
'Diameter NAT Control Application' as DIME
>>
working
>>>>>
group item
>>>>> Done - Submit
'Diameter Capabilities Update' as DIME working
>>
group
>>>>>
item
>>>>> Done - Submit 'Diameter
Credit Control Application MIB' to
the
>>>>>
IESG for consideration as an Informational RFC
>>>>>
Done - Submit 'Diameter Base Protocol MIB' to the IESG
for
>>>>>
consideration as an Informational RFC
>>>>>
Done - Submit 'Diameter Capabilities Update' to the
IESG
for
>>>>>
consideration as a Proposed Standard
>>>>>
Done - Submit 'Diameter Extended NAPTR' as DIME
working group
>> item
>>>>>
Done - Submit 'Realm-Based Redirection In Diameter' as
DIME
>>>>>
working group item
>>>>> Done -
Submit 'Diameter Support for Proxy Mobile IPv6
>
Localized
>>>>>
Routing' as DIME working group item
>>>>>
Done - Submit 'Diameter Attribute-Value Pairs
for
>
Cryptographic
>>>>>
Key Transport' as DIME working group item
>>>>>
Done - Submit 'Diameter Priority Attribute Value
Pairs' as
>
DIME
>>>>>
working group item
>>>>> Done -
Submit 'Diameter IKEv2 PSK' as DIME working group item
>>>>>
Done - Submit Revision of 'Diameter Base Protocol' to
the IESG
>>
for
>>>>>
consideration as a Proposed Standard
>>>>>
Done - Submit 'Diameter Attribute-Value Pairs
for
>
Cryptographic
>>>>>
Key Transport' to the IESG for consideration as a
>>
Proposed
>>>>>
Standard
>>>>> Done - Submit
'Diameter Priority Attribute Value Pairs' to
the
>>>>>
IESG for consideration as a Proposed Standard
>>>>>
Done - Submit Revision of 'Diameter Network Access
Server
>>>>>
Application - RFC 4005bis' as DIME working group item
>>>>>
Done - Submit 'Diameter NAT Control Application' to
the IESG
>>
for
>>>>>
consideration as a Proposed Standard
>>>>>
Done - Submit 'Diameter IKEv2 PSK' to the IESG
for
>>
consideration
>>>>>
as a Proposed Standard
>>>>> Done -
Submit 'Diameter Extended NAPTR' to the IESG
for
>>>>>
consideration as a Proposed Standard
>>>>>
Done - Submit 'Diameter Support for Proxy Mobile
IPv6
>
Localized
>>>>>
Routing' to the IESG for consideration as a Proposed
>>>>>
Mar 2012 - Submit 'Realm-Based Redirection In Diameter' to the
>
IESG
>>>>>
for consideration as a Proposed Standard
>>>>> Mar 2012 -
Submit Revision of 'Diameter Network Access
Server
>>>>>
Application - RFC 4005bis' to the IESG for
>> consideration as
a
>>>>>
Proposed Standard
>>>>> May 2012 - Submit 'Diameter
Application Design Guidelines' to the
>>
IESG
>>>>>
for consideration as a BCP document Standard
>>>>> Jul 2012
- Submit 'Diameter Support for EAP
Re-authentication
>>>>>
Protocol' to the IESG for consideration as a
Proposed
>>>>>
Standard
>>>>> Aug 2012 - Submit a document on 'Protocol
extension for bulk and
>>
group
>>>>>
signaling' as a working group item
>>>>> Aug 2013 - Submit a
document on 'Protocol extension for bulk and
>>
group
>>>>>
signaling' to the IESG for consideration as a
Proposed
>>>>>
Standard
>>>>>
_______________________________________________
>>>>>
IETF-Announce mailing list
>>>>>
IETF-Announce@xxxxxxxx
>>>>> https://www.ietf.org/mailman/listinfo/ietf-announce
>>>>>
>>>>
_______________________________________________
>>>> Ietf
mailing list
>>>> Ietf@xxxxxxxx
>>>> https://www.ietf.org/mailman/listinfo/ietf
>>>
>
_______________________________________________
> DiME mailing
list
> DiME@xxxxxxxx
> https://www.ietf.org/mailman/listinfo/dime
_______________________________________________
DiME mailing
list
DiME@xxxxxxxx
https://www.ietf.org/mailman/listinfo/dime