Transport Layer Security- based Mobile IPv6 Security Framework for MN Node to HA Communication IETF#80 MEXT WG, 1-April-2011 draft-ietf-mext-mip6-tls-00.

Slides:

Advertisements

Similar presentations

Mobile Communications-Network Protocols/Mobile IP

Advertisements

1Nokia Siemens Networks Presentation / Author / Date University of Twente On the Security of the Mobile IP Protocol Family Ulrike Meyer and Hannes Tschofenig.

Mobile IPv6 趨勢介紹 1. Mobile IP and its Variants Mobile IPv4 (MIPv4) – MIPv4 – Low-Latency Handover for MIPv4 (FMIPv4) – Regional Registration for MIPv4.

IPv4 and IPv6 Mobility Support Using MPLS and MP-BGP draft-berzin-malis-mpls-mobility-00 Oleg Berzin, Andy Malis {oleg.berzin,

NAT TRAVERSAL FOR IPSEC Research Seminar on Datacommunications Software HIIT

1 Dual Stack Support in Mobile IPv6 for Hosts and Routers OR IPv4 traversal for Mobile IPv6 ! draft-ietf-mip6-nemo-v4traversal-00 H. Soliman, G. Tsirtsis,

1 © NOKIA NSIS MIPv6 FW/ November 8 th 2004 Mobile IPv6 - NSIS Interaction for Firewall traversal draft-thiruvengadam-nsis-mip6-fw-01 S. Thiruvengadam.

IPv6: The Next Generation Internet Dipen Chauhan.

Basavaraj Patil IETF 78.  Implementation details: Implemented on Nokia N900 and Ubuntu 10, and Debian 5 linux variants TLS connection is established.

Controlling Traffic Offloading Using Neighbor Discovery Protocol IETF#80 Mif WG, 28-March-2011 draft-korhonen-mif-ra-offload-01 Jouni Korhonen Teemu Savolainen.

Host Identity Protocol

2002 년 2 학기이동인터넷프로토콜 1 Mobile IP:Overview 년 2 학기이동인터넷프로토콜 2 Mobile IP overview Is Mobile IP an official standard? What problems does Mobile IP solve?

Media-Independent Pre-Authentication (draft-ohba-mobopts-mpa-framework-01.txt) (draft-ohba-mobopts-mpa-implementation-01.txt) Ashutosh Dutta, Telcordia.

Runtime LMA Assignment Support for Proxy Mobile IPv6 draft-ietf-netext-recirect-03 Jouni Korhonen, Sri Gundavelli, Hidetoshi Yokota, Xiangsong Cui IETF.

1 MIPv6 CN-Targeted Location Privacy and Optimized Routing draft-weniger-mobopts-mip6-cnlocpriv-01 IETF #68, Prague, March 2007.

1 IPFIX Protocol Specifications IPFIX IETF-59 March 3, 2004 Benoit Claise Mark Fullmer Reinaldo Penno Paul Calato Stewart Bryant Ganesh Sadasivan.

NEMO Requirements and Mailing List Discussions/Conclusions T.J. Kniveton - Nokia Pascal Thubert - Cisco IETF 54 – July 14, 2002 Yokohama, Japan.

Click to edit Master title style Click to add subtitle © 2008 Wichorus Inc. All rights reserved. CONFIDENTIAL - DO NOT DISTRIBUTE rfc3775bis Issues July.

NSIS IETF 56 MONDAY, March 17, 2003: Morning Session TUESDAY, March 18, 2003: Afternoon Sessions I.

DIME WG IETF 82 Dime WG Agenda & Status THURSDAY, November 17, 2011 Jouni Korhonen & Lionel Morand.

49th IETF - San Diego - 1 Mobile Networks Support in IPv6 - Draft Update draft-ernst-mobileip-v6-01.txt - Thierry Ernst - MOTOROLA Labs Ludovic Bellier.

1 Julien Laganier MEXT WG, IETF-79, Nov Authorizing MIPv6 Binding Update with Cryptographically Generated Addresses

July 16, Diameter EAP Application (draft-ietf-aaa-eap-02.txt) on behalf of...

CDB Chris Bonatti (IECA, Inc.) Tel: (+1) Proposed PKI4IPSEC Certificate Management Requirements Document IETF #59 – PKI4IPSEC Working.

21-07-xxxx IEEE MEDIA INDEPENDENT HANDOVER DCN: xxxx Title: IETF Liaison Report Date Submitted: July 19, 2007 Presented at.

TSVWG IETF-76 (Hiroshima) James Polk Gorry Fairhurst With an assist for this meeting from **Magnus Westerlund**

ALTO BOF Charter Discussion. Charter Iterated (twice) on the list  Several comments on the first version Terminology, caching  No complains on current.

Doc.: IEEE /0691r0 Submission May 2011 Dorothy Stanley, Aruba NetworksSlide 1 IEEE IETF Liaison Report Date: Authors:

Mobile IP Outline Intro to mobile IP Operation Problems with mobility.

Thierry Ernst - MOTOROLA Labs / INRIA Ludovic Bellier - INRIA project PLANETE Claude Castelluccia - INRIA project PLANETE Hong-Yon Lach - MOTOROLA Labs.

1 Evaluation of PMIPv6 Base Multicast Support Drafts Stig Venaas Behcet Sarikaya November 2009 Multimob WG IETF 76.

Introduction to Mobile IPv6

07/03/ nd IETF – Minneapolis Mobile IPv6 WG meeting PF_KEY Extension as an Interface between Mobile IPv6 and IPsec/IKE Shinta Sugimoto Francis Dupont.

IETF-90 (Toronto) DHC WG Meeting Wednesday, July 23, GMT IETF-90 DHC WG1 Last Updated: 07/21/ :10 EDT.

Ασύρματες και Κινητές Επικοινωνίες Ενότητα # 10: Mobile Network Layer: Mobile IP Διδάσκων: Βασίλειος Σύρης Τμήμα: Πληροφορικής.

IPv6 WORKING GROUP (IPNGWG) December 2000 San Diego IETF Bob Hinden / Nokia Steve Deering / Cisco Systems Co-Chairs.

By Mau, Morgan Arora, Pankaj Desai, Kiran.  Large address space  Briefing on IPsec  IPsec implementation  IPsec operational modes  Authentication.

Diameter Maintenance and Extensions (dime) IETF 68, March 2007, Prague David Frascone, Hannes Tschofenig.

1 Alternative (Future) Proposals for MIPv6 Security MIP6 BOF/WG IETF-57 Jari Arkko, Ericsson Research NomadicLab Charlie Perkins, Nokia Research Center.

Revising RFC 3775 MEXT WG, IETF 70 Vijay Devarapalli

IETF70 - Mobopts RG1 On Mobile IPv6 Optimization and Multihoming draft-ng-mobopts-multihoming-00.txt Chan-Wah Ng

Routing Information Protocol

Requirements and Selection Process for RADIUS Crypto-Agility December 5, 2007 David B. Nelson IETF 70 Vancouver, BC.

Network Mobility (NEMO) Advanced Internet 2004 Fall

Behcet Sarikaya Frank Xia July 2009 Dual-stack Lite Mobility Solutions IETF-75

1 Mobility for IPv6 [MIP6] November 12 th, 2004 IETF61.

IPSec – IP Security Protocol By Archis Raje. What is IPSec IP Security – set of extensions developed by IETF to provide privacy and authentication to.

Click to edit Master title style Click to add subtitle © 2008 Wichorus Inc. All rights reserved. CONFIDENTIAL - DO NOT DISTRIBUTE rfc3775bis Issues November.

Submission doc.: IEEE 11-12/0273r7 May 2012 Hiroki Nakano, Trans New Technology, Inc.Slide 1 SFD Text for Upper Layers Date: Authors: NameAffiliationsAddressPhone .

Multiple Care-of Address Registration draft-ietf-monami6-multiplecoa-02.txt.

MEXT WG IETF 82 Agenda and Presentations MONDAY, November 14, 2011 Jouni Korhonen, Julien Laganier.

IPFIX Charter Discussion Juergen Quittek 65th IETF meeting, IPFIX session.

IP Address Location Privacy and Mobile IPv6: Problem Statement draft-irtf-mobopts-location-privacy-PS-00.txt Rajeev Koodli.

1 Behcet Sarikaya Frank Xia November 2010 NAT64 for DSMIPv6 IETF 79

RFC 3775 bis Julien Laganier, Marcelo Bagnulo MEXT WG chairs IETF-71 Philadelphia, PA, USA March 2008.

Multiple Interfaces (MIF) WG documents status MIF WG IETF 80, Prague Problem statement and current practices documents.

Service Flows Distribution and Handoff Technique based on MIPv6 draft-liu-dmm-flows-distribution-and-handoff-00

San Diego, November 2006 IETF 67 th – mip6 WG Goals for AAA-HA interface (draft-ietf-mip6-aaa-ha-goals-03) Gerardo Giaretta Ivano Guardini Elena Demaria.

IPv6 Security By Eric Pennington COSC 356 – Network Security Dr. Oblitey

Ken Grewal Gabriel Montenegro Manav Bhatia

Internet Protocol Version 6 Specifications

MOBILE IPv6 SECURITY ISSUES

Booting up on the Home Link

Mobile Networking (I) CS 395T - Mobile Computing and Wireless Networks

Mobile IP and Upper Layer Interaction

GRE-in-UDP Encapsulation

ONAP and the Internet Engineering Task Force

IPv4 Support for Proxy Mobile IPv6 Ryuji Wakikawa & Sri Gundavelli

Mobile IP Outline Homework #4 Solutions Intro to mobile IP Operation

Mobile IP Outline Intro to mobile IP Operation Problems with mobility.

Presentation transcript:

Transport Layer Security- based Mobile IPv6 Security Framework for MN Node to HA Communication IETF#80 MEXT WG, 1-April-2011 draft-ietf-mext-mip6-tls-00 J. Korhonen, B. Patil, H. Tschofenig, D. Kroeselberg

General Background: A DSMIPv6 solution using TLS as the security protocol instead of ESP, and a specific “HAC function” for bootstrapping the MN and provision the HA. First individual submission July 6, MN & HA implementations around for Linux (including N900..) Approved to WG (as per current charter) with an experimental track status.

On going discussion We got few extensive reviews (thanks to Domagoj, Ruyji,..) that pointed out several places to clarify & enhance. Lack of route optimization: Lets add it (originally route optimization was scoped out from the I-D..) Encapsulation discussion: Currently the I-D defines UDP encapsulation with TLS encryption and a very similar encapsulation to ESP. Thus, why not using ESP then?! Because the original proposal _was_ to avoid IKE/IPsec all together.. the packet formats just look ~about the same. The discussion saturated on the list but continued offline with smaller group of people.

Next steps.. Address the obvious review comments.. nits and alike.. Start with the route optimization: Would that mean old style return routability test, or could that mean placing a HAC to a CN, and skip return routebility test (the HA would not be needed then at all for route optimization) Figure out whether current TLS-based encapsulation needs to be changed to something else.. The authors encourage people to bring concrete proposals to the mailing list & authors and then find a consensus among those.