RSVP%20Security%20Properties%20(draft-ietf-nsis-rsvp-sec-properties-02.txt) - PowerPoint PPT Presentation

About This Presentation
Title:

RSVP%20Security%20Properties%20(draft-ietf-nsis-rsvp-sec-properties-02.txt)

Description:

... RSVP security mechanism (only some RFCs briefly mention the usage of IPsec) ... Authorization / User Identity Representation ... – PowerPoint PPT presentation

Number of Views:58
Avg rating:3.0/5.0
Slides: 8
Provided by: HannesTs8
Learn more at: https://www.ietf.org
Category:

less

Transcript and Presenter's Notes

Title: RSVP%20Security%20Properties%20(draft-ietf-nsis-rsvp-sec-properties-02.txt)


1
RSVP Security Properties(draft-ietf-nsis-rsvp-sec
-properties-02.txt)
  • Author
  • Hannes Tschofenig

2
Update
  • Based on comments i removed IPsec handling from
    Section 4 (Detailed Security Properties
    Discussion)
  • Reason
  • IPsec handling is not the suggested RSVP
    security mechanism (only some RFCs briefly
    mention the usage of IPsec)
  • Section 5 (Miscellaneous Issues) still covers
    IPsec handling

3
Update
  • Appendix A on Dictionary Attacks and Kerberos
    shortened
  • Additionally some typos and grammar problems have
    been fixed.
  • RSVP security literature briefly mentioned in
    Appendix C.
  • Draft is therefore shorter BUT ...

4
What is still missing?
  • Multicast issues not covered in detail
  • It seems that there is a lack of interest in
    multicast handling in general!
  • Should it be skipped?
  • I started to add some references/short
    description to other RSVP related security
    activities
  • Is this helpful?
  • Biggest Issue Authorization / User Identity
    Representation

5
Authorization / User Identity Representation
  • Currently the drafts does not describe too much
    about authorization.
  • Reason 1 The topic is fairly large.
  • draft-tschofenig-nsis-qos-authz-issues-00.txt
  • draft-tschofenig-nsis-aaa-issues-01.txt
  • Analysis of Mobile IP and RSVP Interactions (M.
    Thomas)
  • Accounting and Access Control for Multicast
    Distributions Models and Mechanisms
  • etc.

6
Authorization / User Identity Representation
  • Reason 2 An analysis is difficult.
  • RSVP related RFCs do not go into the details.
  • What is the expected behavior?
  • Comparison only useful if this behavior can be
    compared against the currently available
    mechanisms.
  • Big difference in the expected behavior.
    Something should be covered in the draft but
    what?

7
Next Steps
  • Incorporate comments.
Write a Comment
User Comments (0)
About PowerShow.com