NEMO Route Optimization Civil Aeronautical Requirements (draft-ietf-mext-aero-reqs)

1
NEMO Route OptimizationCivil Aeronautical
Requirements(draft-ietf-mext-aero-reqs)

• Presenter Wesley Eddy
• Verizon / NASA GRC
• weddy_at_grc.nasa.gov
• IETF 71 - MEXT WG - March 2008

2
Draft Status

• Including individual submission, prior to the WG
  draft, this is the 5th version of the document
• Feedback incorporated from over a dozen
  contributors
• From the IETF NEMO and MEXT WGs
• From the aeronautics community via ICAO meetings
  and the MPI mailing list
• Actively worked on during the MEXT interim
• Believed to be ready for last call

3
Recent Main Changes

• Clarified wording on high-level requirements
• Changed requirement on loss to also require NOT
  duplicating packets
• Completely rewrote security requirement with more
  specific goals

4
Security Requirement

• Old
• IPsec MUST be usable over the RO scheme, and the
  data used to make RO decisions MUST be
  authenticable, perhaps using some form of IPsec
• Correctly called pixie dust

• New
• Apps ability to use IPsec was moved to another
  requirement
• PIES doman - no additional requirement beyond
  standard MIPv6 RO.
• ATC/AOS domains
• The RO scheme MUST NOT further expose MNPs on
  the wireless link than already is the case for
  NEMO basic support
• The RO scheme MUST permit validation of the
  COAs
• The RO scheme MUST ensure that only explicitly
  authorized MRs are able to perform a binding
  update for a specific MNP.

5
ATS/AOS Security RequirementExplanation and
Rationale

• CoA validation
• May assume ingress filtering by all access
  network providers
• BU receiver can correlate a BUs source address
  with the decrypted alternate CoA (WG to discuss)
• MR authorization to perform BU for specific MNPs
• May assume trust relationships between MR and
  mobility anchor points topologically near to
  CNs, but not necessarily with every CN itself.