1 / 7

RSVP Security Properties ( draft-ietf-nsis-rsvp-sec-properties-02.txt )

Author: Hannes Tschofenig . RSVP Security Properties ( draft-ietf-nsis-rsvp-sec-properties-02.txt ). Update. Based on comments i removed IPsec handling from Section 4 (“Detailed Security Properties Discussion”) Reason:

kurt
Download Presentation

RSVP Security Properties ( draft-ietf-nsis-rsvp-sec-properties-02.txt )

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. Author: Hannes Tschofenig RSVP Security Properties(draft-ietf-nsis-rsvp-sec-properties-02.txt)

  2. Update • Based on comments i removed IPsec handling from Section 4 (“Detailed Security Properties Discussion”) • Reason: IPsec handling is not the suggested RSVP security mechanism (only some RFCs briefly mention the usage of IPsec) • Section 5 (Miscellaneous Issues) still covers IPsec handling

  3. Update • Appendix A on “Dictionary Attacks and Kerberos” shortened • Additionally some typos and grammar problems have been fixed. • RSVP security literature briefly mentioned in Appendix C. • Draft is therefore shorter BUT ...

  4. What is still missing? • Multicast issues not covered in detail • It seems that there is a lack of interest in multicast handling in general! • Should it be skipped? • I started to add some references/short description to other RSVP related security activities • Is this helpful? • Biggest Issue: Authorization / User Identity Representation

  5. Authorization / User Identity Representation • Currently the drafts does not describe too much about authorization. • Reason 1: The topic is fairly large. • draft-tschofenig-nsis-qos-authz-issues-00.txt • draft-tschofenig-nsis-aaa-issues-01.txt • Analysis of Mobile IP and RSVP Interactions (M. Thomas) • Accounting and Access Control for Multicast Distributions: Models and Mechanisms • etc.

  6. Authorization / User Identity Representation • Reason 2: An analysis is difficult. • RSVP related RFCs do not go into the details. • What is the expected behavior? • Comparison only useful if this behavior can be compared against the currently available mechanisms. • Big difference in the expected behavior. Something should be covered in the draft – but what?

  7. Next Steps • Incorporate comments.

More Related