Logs for v6ops@ietf.xmpp.org, 2004-08-02

[17:32:55] --- lucioslayer has joined
[17:37:57] --- lucioslayer has left
[17:53:05] --- lucioslayer has joined
[18:23:09] --- lucioslayer has left
[21:17:56] --- lucioslayer has joined
[21:18:02] --- lucioslayer has left
[21:18:42] --- pwilson.apnic.net has joined
[21:20:59] --- lucioslayer has joined
[21:21:05] --- dthaler has joined
[21:21:28] --- Suresh Krishnan has joined
[21:21:54] <Suresh Krishnan> Pekka: Not much has been done since the last IETF
[21:22:29] <Suresh Krishnan> Agenda Bashing:ISP Scenarios missing from the Agenda
[21:22:40] --- norifmi has joined
[21:23:29] <Suresh Krishnan> consensus to go to PS for Teredo and 6PE
[21:23:42] <Suresh Krishnan> 6PE by the routing ADs
[21:23:54] <Suresh Krishnan> and Teredo by the Internet ADs
[21:24:11] <Suresh Krishnan> Doc status
[21:24:25] <Suresh Krishnan> Transition mechanism revision is almost done
[21:24:40] <Suresh Krishnan> NAT-PT and SIIT will require applicability statement
[21:24:58] <Suresh Krishnan> Unmanaged analysis is in RFC edito's wueue
[21:25:17] --- rgaglian has joined
[21:25:35] --- touchwood has joined
[21:25:46] --- sakai has joined
[21:26:38] --- Tina has joined
[21:26:40] <Suresh Krishnan> Bunch of documents passed IESG eval
[21:27:16] <Suresh Krishnan> <lost a bit signing the signup sheet>
[21:27:38] --- ggm has joined
[21:27:52] <Suresh Krishnan> vlan usage draft by tim chown
[21:28:13] <Suresh Krishnan> addresses large enterprise with no ipv6 support
[21:28:32] <Suresh Krishnan> -> need to have 802.1q tagging support
[21:28:46] <Suresh Krishnan> external ipv6 cinnectivity preferred
[21:29:13] <Suresh Krishnan> can use a pc router which supports vlan tagging with multiple vlan tags on the same interface
[21:29:36] --- pablouy has joined
[21:30:02] <Suresh Krishnan> diligently choose vlan tags to map ipv4 subnets onto ipv6 networks
[21:30:38] <Suresh Krishnan> this makes it easy to install v6 support if vlan capability if present
[21:30:53] <Suresh Krishnan> can selectively choose which v4 subnets get ipv6
[21:31:06] --- gih has joined
[21:31:28] <Suresh Krishnan> can use real ipv6 addresses until the site get ipv6 capable equipment
[21:31:39] <Suresh Krishnan> scales pretty well - just add more interfaces
[21:31:48] --- yushun has joined
[21:32:14] <Suresh Krishnan> no config changes on ipv4 network
[21:32:21] <Suresh Krishnan> pim/ssm friendly
[21:32:26] <Suresh Krishnan> easy migration
[21:32:30] <Suresh Krishnan> ---
[21:32:57] <Suresh Krishnan> discussion
[21:33:00] <Suresh Krishnan> the procedure is kind of obvious
[21:33:12] <Suresh Krishnan> does this need to be documenterd?
[21:33:16] <Suresh Krishnan> is it complete?
[21:33:29] <Suresh Krishnan> should this be adopted as WG item?
[21:33:56] <Suresh Krishnan> chair: Question about adoption as WG item to be deferred.
[21:34:17] <Suresh Krishnan> ---
[21:34:28] <Suresh Krishnan> documenting this should contain more info
[21:34:55] <Suresh Krishnan> eg. comparisons with other techniques, performance info, known issues etc.
[21:35:28] <Suresh Krishnan> I do not like the term PC routers
[21:35:40] <Suresh Krishnan> -Bernard
[21:36:59] --- ohira has joined
[21:36:59] <Suresh Krishnan> <DKW>Does this technique traverse NATs? No. It is layer 2
[21:37:05] <Suresh Krishnan> ---
[21:37:11] <Suresh Krishnan> Campus transition draft
[21:37:38] <Suresh Krishnan> Lot of work done on the scenarios draft
[21:37:57] <Suresh Krishnan> because the problem is very complex and the diversity of enterprise types
[21:38:06] <Suresh Krishnan> doc is now in last call
[21:38:28] <Suresh Krishnan> makes sense to work on a case study (university campus)
[21:38:41] <Suresh Krishnan> University of Sothampton UK
[21:38:50] <Suresh Krishnan> 1500+ users with 1000+ sysstems
[21:38:57] <Suresh Krishnan> v6 and v4
[21:39:21] <Suresh Krishnan> falls under scenario 1 of the doc. I.e. Existin IPv4 network
[21:40:03] <Suresh Krishnan> 12 IPv4 class C's allocated from pre-CIDR class block
[21:40:11] <Suresh Krishnan> Has /48 ipv6 connectivity
[21:40:20] <Suresh Krishnan> goal to be ip agnostic
[21:40:42] <Suresh Krishnan> dhcp for ip address assignment
[21:40:58] <Suresh Krishnan> question: DHCPv6 or address autoconf?
[21:41:03] <Suresh Krishnan> no performance management
[21:41:29] <Suresh Krishnan> use tools for monitoring service availaility, firewalls, IDS etc.
[21:41:52] <Suresh Krishnan> Issues about use of 3041 addresses
[21:42:22] <Suresh Krishnan> use vlan based tagging method specified in the vlan draft
[21:42:49] <Suresh Krishnan> pretty much all the ipv4 services were upradeable
[21:42:54] <Suresh Krishnan> using this approach
[21:43:20] <Suresh Krishnan> 9 areas of discussion of requirements (see PPT)
[21:43:29] <Suresh Krishnan> missing things
[21:43:32] <Suresh Krishnan> access control
[21:43:38] <Suresh Krishnan> hard coded ipv4 addresses
[21:43:45] <Suresh Krishnan> network backups
[21:44:38] <Suresh Krishnan> catchall clause about upgradeable h/w and s/w
[21:44:46] <Suresh Krishnan> missing aaa and pki
[21:45:09] <Suresh Krishnan> ---
[21:45:12] --- vlevigneron has joined
[21:45:28] <Suresh Krishnan> stuff like NFS/X11 do not work properly
[21:45:44] <Suresh Krishnan> apache supports ipv6 out of a box but not all modules do
[21:46:00] <Suresh Krishnan> ---
[21:46:03] <Suresh Krishnan> analysis
[21:46:50] <Suresh Krishnan> transition services offered to external users (e.g. students/profs from home)
[21:47:10] <Suresh Krishnan> 6to4, tunnel broker etc
[21:47:13] <Suresh Krishnan> ---
[21:47:32] <Suresh Krishnan> the difficulty is in enabling ipv6 support in apps, not in getting ipv6 on the wire
[21:47:38] <Suresh Krishnan> ---
[21:47:40] <Suresh Krishnan> to do
[21:47:52] <Suresh Krishnan> document analysis of scenario
[21:48:03] <Suresh Krishnan> more detail on dns, smtp etc
[21:48:13] <Suresh Krishnan> categorize missing components
[21:48:17] <Suresh Krishnan> ---
[21:48:39] <Suresh Krishnan> will create a new version of draft by the end of the month
[21:48:59] <Suresh Krishnan> is this useful?
[21:49:36] <Suresh Krishnan> Alain Durand:(Sun) We shipped NFS with IPv6 4 years ago
[21:50:00] <Suresh Krishnan> Should not mention OS version numbers
[21:50:17] <Suresh Krishnan> This makes the document obsolete very fast
[21:51:05] <Suresh Krishnan> Christian: I like the way in which the draft concretely addresses the scenario
[21:51:18] <Suresh Krishnan> Do not generalize since it causes confusion
[21:51:38] --- suz-isc has joined
[21:52:23] --- dudi has joined
[21:52:29] <Suresh Krishnan> Jim Bound: Tim,Good job. This should be worked on in the WG.
[21:52:52] <Suresh Krishnan> Need an appendix on the VLAN tags to narrow on how to use the VLAN tags.
[21:52:57] <Suresh Krishnan> There are 4 ways to do this
[21:53:35] <Suresh Krishnan> Alain: I would like to get this published as an RFC. The WG should concentrate on case studies with real depaloyment experience
[21:53:57] <Suresh Krishnan> what works, what did not work. This is exactly the kind of doc this WG should produce.
[21:54:24] --- gih has left
[21:55:07] <Suresh Krishnan> Eric Hertzmann: Differences between IPv6 only deployment and mixed scenarios
[21:55:29] <Suresh Krishnan> ---
[21:55:36] <Suresh Krishnan> Assisted tunneling
[21:55:36] --- pablouy has left
[21:55:45] --- gih has joined
[21:55:52] <Suresh Krishnan> alain durand presenting
[21:55:59] <Suresh Krishnan> doc in last call
[21:56:14] <Suresh Krishnan> sending last call encourages people to read it
[21:56:51] <Suresh Krishnan> issues from last call
[21:57:38] <Suresh Krishnan> prefix length for tunnel link - Keep /128 for backward compatibility and refer to RFC3177 for address delegation
[21:58:13] <Suresh Krishnan> Christian: Why should we differentiate tunnel links from other links?
[21:59:30] --- gih has left
[21:59:38] <Suresh Krishnan> Add section to discuss load balancing and brokering issues
[21:59:55] <Suresh Krishnan> Add a requirement for a load balancing solution but do not specify how
[22:00:47] <Suresh Krishnan> securing the setup session: protect the setup session to not disclose info.
[22:00:53] --- rpayne has joined
[22:00:59] <Suresh Krishnan> registered mode must protect authentication
[22:01:11] <Suresh Krishnan> both reg and non-reg mode may protect data
[22:01:21] <Suresh Krishnan> securing the tunnel link
[22:01:48] <Suresh Krishnan> nothing to do. IP is insecure
[22:02:37] <Suresh Krishnan> Christian feels strongly about this. He thinks status quo is not enough. We should enable the ISPs to provide secure services
[22:03:20] <Suresh Krishnan> this has less security than a l2 which has access control
[22:03:39] --- pablouy has joined
[22:03:52] <Suresh Krishnan> it should be possible to provide authenticated and/or encrypted services
[22:04:29] --- gih has joined
[22:04:39] <Suresh Krishnan> pekka: if we need to do something within 5 years we need to limit ourselves to stuff which is equivalent to existing techniques.
[22:05:02] <Suresh Krishnan> it is good to use e.g. ipsec to secure the data channel but it is out of scope
[22:05:28] <Suresh Krishnan> Pekka had his WG chair hat off during the previous comment
[22:05:54] <Suresh Krishnan> eric fleischmann: one of the touted advantages of ipv6 is improved security
[22:05:55] --- avri has joined
[22:06:03] <Suresh Krishnan> so we need to include this info
[22:06:43] <Suresh Krishnan> Pekka wants to document how to use IPSec to secure tunnels
[22:07:29] <Suresh Krishnan> it is naive to assume everyone will use ipsec
[22:07:58] <Suresh Krishnan> Christian talks to the sudience about using VPN clients using IPSec. Asks for a show of hands from people
[22:08:15] <Suresh Krishnan> A lot of people say they use IPSec tunnels right now
[22:08:39] --- rgaglian has left
[22:09:28] --- tskj has joined
[22:09:37] --- Suresh Krishnan has left: Disconnected
[22:09:43] --- Suresh Krishnan has joined
[22:10:06] <Suresh Krishnan> <Jonne>Could use 2 layers of encryption. e.g. IPSec/SSH or IPSec SSL
[22:10:35] <Suresh Krishnan> Thomas Narten: Need to use MUST and SHOULD for clarity not for pleasing the IESG
[22:10:48] --- peterd has joined
[22:11:36] <Suresh Krishnan> goals don't lend themselves to specifying with 2119 language
[22:12:57] <Suresh Krishnan> Brian Carpenter: A requirements doc has to be a matematically self consistent document. Use milder words "must" instead of "MUST" to ease the review of the document
[22:13:15] <Suresh Krishnan> Since this is not a protocol doc it does not have to be that strict
[22:14:33] <Suresh Krishnan> Christian: DNS considerations not discussed. Contradicts with address autoconf. Section 4.6 needs to be removed
[22:15:06] <Suresh Krishnan> Karen Nielsen: Introduction not clear. Reference to 3GPP is not clear
[22:16:44] <Suresh Krishnan> Thomas Narten: Does 3GPP ask for assisted tunneling? If not what is this reference doing here
[22:17:08] <Suresh Krishnan> Christian: The general problem with the document is that it lists requirements which look good.
[22:17:14] --- rgaglian has joined
[22:17:25] <Suresh Krishnan> No correlation between scenarios and requirements
[22:17:44] <Suresh Krishnan> Pekka: We have too few operators in the IETF
[22:19:29] <Suresh Krishnan> Christian: Goals for assisted tunneling should be derived from the scenario docs
[22:19:52] <Suresh Krishnan> i.e. This goal exists because scenario <blah blah> requires it
[22:19:56] --- gih has left
[22:20:40] <Suresh Krishnan> <DKW> Cannot force requirements on 3GPP without justification
[22:21:47] <Suresh Krishnan> Karen: The requirements do not directly map to 3GPP scenarios.
[22:22:10] <Suresh Krishnan> I think this document primarily addresses ISP scenarios and thus should not mention 3GPP
[22:22:36] <Suresh Krishnan> ---
[22:22:40] <Suresh Krishnan> the way forward
[22:23:48] <Suresh Krishnan> all scenarios are finished
[22:24:10] <Suresh Krishnan> analysis documents are almost done with the exception of enterprise scenarios
[22:24:52] <Suresh Krishnan> we need to figure out how the different analysis documents interact with each other
[22:25:05] <Suresh Krishnan> chairs met with ADs
[22:25:35] <Suresh Krishnan> Gaps were found - Need to be translated into requirements
[22:25:49] <Suresh Krishnan> Map requirements into solutions
[22:26:10] <Suresh Krishnan> May need to refocus/recharter the WG once these things are done
[22:26:26] <Suresh Krishnan> ---
[22:26:27] <Suresh Krishnan> TODO
[22:26:42] <Suresh Krishnan> Required features
[22:26:51] <Suresh Krishnan> BGP tunneling went to Routing area
[22:27:11] <Suresh Krishnan> Teredo - Internet ADs behind this draft
[22:27:45] <Suresh Krishnan> IPv4->IPv6 transition for SIP will be taken care of by the SIPPING
[22:27:57] <Suresh Krishnan> Assisted tunneling
[22:28:09] <Suresh Krishnan> Zeroconfig tunneling mechanism
[22:28:16] <Suresh Krishnan> Configured tunneling thru NATs
[22:28:22] <Suresh Krishnan> Tunnel v4 over v6
[22:28:38] <Suresh Krishnan> Map items into mechanisms
[22:28:51] <Suresh Krishnan> Need to complete enterprise analysis
[22:29:04] <Suresh Krishnan> NEED DEADLINES. Work needs to be done by a given time
[22:29:24] <Suresh Krishnan> need someone to write enterprise analysis in 2 weeks
[22:29:31] <Suresh Krishnan> WGLC by Sept 7
[22:29:42] --- gih has joined
[22:30:29] <Suresh Krishnan> finish assisted tunneling requirements by Aug 20th
[22:30:41] <Suresh Krishnan> need to identify solutions which fit these requirements
[22:30:56] <Suresh Krishnan> form a mailing list and/or BOF
[22:31:14] <Suresh Krishnan> need to list 0conf requirements
[22:31:28] <Suresh Krishnan> need a basis for proposal BY THURSDAY ;-)
[22:31:45] <Suresh Krishnan> requirements doc to be ready by Sep 1
[22:31:49] <Suresh Krishnan> identify solution
[22:32:27] <Suresh Krishnan> does confiured tunneling thru NATs and v4 over v6 need its own doc
[22:32:41] <Suresh Krishnan> or can this be clubbed with assisted tunneling
[22:32:52] <Suresh Krishnan> new WG items on hold until these are done
[22:33:52] <Suresh Krishnan> Erik Nordmark: Nail down the requirements about configuring v4 over v6 tunnels
[22:34:24] <Suresh Krishnan> Pekka: Right now covers only manually configured tunnels. No requirements for path optimization.
[22:34:27] --- pablouy has left: Disconnected
[22:34:48] <Suresh Krishnan> Erik: Discovery. Is this for inter domain or intra domain.
[22:34:54] <Suresh Krishnan> Pekka: Inter domain
[22:35:23] <Suresh Krishnan> Alain: v4 over v6 and nat traversal are covered in the assisted tunneling document
[22:35:53] <Suresh Krishnan> is assisted tunneling enough for v4 over v6
[22:36:17] <Suresh Krishnan> Alain: What happens if deadlines are not met? Will you close the WG or hand the participants?
[22:36:29] <Suresh Krishnan> s/hand/hang/
[22:36:47] --- timchown has joined
[22:37:47] <Suresh Krishnan> Alain: No progress/slow progress in this area. Too much carrot not enough stick
[22:38:17] --- hkruse has joined
[22:38:27] <Suresh Krishnan> Dave Kessens objects to this and says lot of progress has been made
[22:38:49] <Suresh Krishnan> Margaret: wants to say a few positive things
[22:39:11] <Suresh Krishnan> She takes the blame for the lack of progress in the last 3 yrs as she was a chair
[22:39:33] <Suresh Krishnan> She thinks a lot of work has been done since and she is pleased to see it come to fruition
[22:39:48] --- pablouy has joined
[22:39:50] <Suresh Krishnan> Good job to the WG
[22:40:53] <Suresh Krishnan> Jim Bound: Need to get IESG aproval before doing something rash and quick.
[22:41:11] <Suresh Krishnan> The timeframes are INSANE. It is like a programmed working 48 hrs straight
[22:41:47] <Suresh Krishnan> Jonne: It is only a first version. It will be improved over time. I just need buyin from somebody
[22:42:15] <Suresh Krishnan> Jim: How about the WGLC deadlines?
[22:43:00] <Suresh Krishnan> Make it 3 weeks. I will do it. I need co-authors who actually do stuff and write text
[22:43:11] <Suresh Krishnan> I do not want people with opinions on hallways
[22:43:44] <Suresh Krishnan> Jordi Palet: Zeroconf not possible by Thursday.
[22:44:29] <Suresh Krishnan> Jonne: Don't think zeroconf as anything specific. It is just a different name which needs to be defined
[22:44:56] <Suresh Krishnan> Tim chown: Deadlines are crazy. Can we set deadlines on IESG?
[22:45:17] <Suresh Krishnan> Jonne: Question to IESG. How quick can you give comments?
[22:45:52] <Suresh Krishnan> David Kessens: I will do my best to get it on the first possible slot of the IESG
[22:45:59] <Suresh Krishnan> two weeks from now
[22:46:41] <Suresh Krishnan> Jonne: Maybe the deadlines are crazy but we need them to speed up work
[22:46:59] <Suresh Krishnan> Thomas Naarten: There is no room for iteration in the deadlines
[22:47:13] <Suresh Krishnan> Jonne: Dates are open to discussion
[22:47:37] <Suresh Krishnan> a better approach is to have a revision every month
[22:47:49] <Suresh Krishnan> 2 weeks for people to read and 2 weeks for the authors to make the changes
[22:48:32] <Suresh Krishnan> Jim Bound:3 weeks is fine.
[22:48:34] <Suresh Krishnan> Tim Chown and Jordi Palet to help him
[22:49:27] <Suresh Krishnan> Pekka wants the draft out ASAP
[22:49:49] <Suresh Krishnan> Dvid Kessens: Get stuff out by IETF-61 is too late.
[22:50:17] <Suresh Krishnan> We need to make it earlier so that we can discuss the future of this WG at IETF-61
[22:50:27] <Suresh Krishnan> Jonne: wants WGLC by end of September
[22:51:20] <Suresh Krishnan> Jim Bound: I do not want this WG killed like ngtrans was.
[22:51:31] <Suresh Krishnan> I will scream murder if it is.
[22:52:02] <Suresh Krishnan> David: There are no rumours about closing v6ops
[22:52:18] <Suresh Krishnan> we did explore the possibility of a WG for tunneling
[22:52:51] <Suresh Krishnan> 2743 is the template for an implementer to build a tunnel
[22:53:27] <Suresh Krishnan> there is no value for a new doc/WG
[22:54:17] <Suresh Krishnan> Margaret: Jim is better connected to the rumour mill than I am.
[22:54:20] --- rpayne has left
[22:54:32] <Suresh Krishnan> I did not hear about the tunneling WG until 4 hours back
[22:54:45] <Suresh Krishnan> David: If you want to discuss rumours, talk to me
[22:54:46] --- peterd has left
[22:55:29] <Suresh Krishnan> Karen:I would like to know what the Zeroconf tunneling scenario is
[22:56:00] <Suresh Krishnan> Jonne: It is derived from ISP scenarios. This is derived from 3GPP documents
[22:56:41] <Suresh Krishnan> Christian: There was a note in the unmanaged scenario about ISP configured tunnels
[22:56:52] <Suresh Krishnan> Christian: Why is ISATAP missing?
[22:57:20] <Suresh Krishnan> Jonne: It is not missing. .... It is missing ...(sic)
[22:57:26] <Suresh Krishnan> (laughter)
[22:58:25] <Suresh Krishnan> Fred has asked the RFC editor to publish the ISATAP as experimental
[22:58:38] <Suresh Krishnan> but wishes it would go Standards track
[22:59:42] <Suresh Krishnan> Christian: Last 2 years, It feels like we are doing something but nothing happens
[23:00:00] --- suz-isc has left
[23:00:06] <Suresh Krishnan> It is good to document a few things
[23:00:35] <Suresh Krishnan> If Cisco/Microsoft ... do a few things other people maybe interested in gettin it documented
[23:01:43] <Suresh Krishnan> Jim: It is unfair to send ISATAP to experimental
[23:02:34] <Suresh Krishnan> I think when we are done in 3 weeks ISATAP/Teredo needs to be Standards track
[23:02:57] <Suresh Krishnan> Jonne: Fred DOES NOT have to go EXperimental track. He MAY if he wants to
[23:03:02] <Suresh Krishnan> Tim Chown:
[23:03:31] <Suresh Krishnan> ISATAP has been dropped by USAGI because it did not make standards track
[23:03:37] <Suresh Krishnan> Fred: It is still there
[23:04:14] <Suresh Krishnan> Brian: ID tracker for ISATAP says it is waiting for scenarios work
[23:04:27] <Suresh Krishnan> The id tracker is old/wrong
[23:05:33] <timchown> isatap has been removed from usagi... this is on the usagi users list
[23:05:38] <Suresh Krishnan> ---
[23:06:08] <Suresh Krishnan> ipsec to secure tunnels
[23:06:31] <dthaler> (Fred reported ISATAP was back in USAGI 2.4)
[23:07:04] <Suresh Krishnan> why ipsec?
[23:07:16] <Suresh Krishnan> Tunneling is one transition mechanism
[23:07:34] <Suresh Krishnan> it explicitly allows v6 inside and v4 oytside
[23:07:41] <timchown> i think it's removed from 2.6 snapshot
[23:08:05] <Suresh Krishnan> cyptographic protection thru tunnel but may cause multiple nested encrypted tunnels
[23:08:49] <timchown> usagi-users archive needs a search option :)
[23:09:25] --- Suresh Krishnan has left: Disconnected
[23:09:35] --- Suresh Krishnan has joined
[23:09:42] <Suresh Krishnan> ESP is required in IPv6
[23:09:56] --- pwilson.apnic.net has left: Disconnected
[23:10:08] --- pablouy has left: Disconnected
[23:10:16] <Suresh Krishnan> approach uses a bunch of drafts concerning ipsec
[23:10:32] <Suresh Krishnan> The draft recommends transport mode router->router
[23:10:38] <Suresh Krishnan> ---
[23:10:41] <Suresh Krishnan> open issues
[23:10:53] <Suresh Krishnan> need to add text for using IKEv1
[23:11:22] <Suresh Krishnan> use of ipsec transpopr mode for dynamic routing
[23:11:32] <Suresh Krishnan> define address config mechanism
[23:11:34] --- norifmi has left: Disconnected
[23:11:47] <Suresh Krishnan> fix examples to use IPV6 addresses
[23:11:55] <Suresh Krishnan> add a new example in section 10
[23:12:02] <Suresh Krishnan> implications of mobility
[23:12:31] <Suresh Krishnan> is this useful? wg adoption?...
[23:13:00] --- pwilson.apnic.net has joined
[23:13:27] <Suresh Krishnan> Brian: This scenario passed a stringent security review at IBM. It is currently working and this proves it is workable
[23:13:50] <Suresh Krishnan> Jim Bound: The operational view in the draft is done well.
[23:14:15] <Suresh Krishnan> I am concerned about the end to end model with transport mode
[23:15:47] <Suresh Krishnan> ---
[23:15:54] <Suresh Krishnan> v6ops security overview
[23:16:17] <Suresh Krishnan> tries to show a big picture view of security with ipv6
[23:16:50] --- gih has left
[23:16:51] <Suresh Krishnan> does not try to cover everything. The approach is to refer to the relevant documents for more details
[23:17:05] --- brabson has joined
[23:17:22] <Suresh Krishnan> added considerations for probing/mapping ipv6 addresses
[23:17:30] <Suresh Krishnan> added considerations for privacy
[23:17:31] <timchown> (on ISATAP and USAGI: http://www.linux-ipv6.org/ml/usagi-announce/msg00102.html, says removed because "obsolete"(!) and IPR issues... (Nov'03) - has it been put back since then?)
[23:18:07] <Suresh Krishnan> Since other docs refer to this one, this needs to be published one way or another
[23:18:38] <Suresh Krishnan> Goal is to fix issues and publish as Informational. No hurry
[23:19:01] <Suresh Krishnan> Should we take as WG document?
[23:19:15] <Suresh Krishnan> Need co author and editor
[23:19:29] <Suresh Krishnan> volunteers contact Pekka
[23:19:41] <Suresh Krishnan> Jonne: Did you contact the people from Security Area
[23:19:53] <Suresh Krishnan> Pekka: No response from the security area
[23:20:53] --- gih has joined
[23:21:04] --- rpayne has joined
[23:21:12] <Suresh Krishnan> TEP auto dicovery
[23:21:21] <Suresh Krishnan> 4 secnarios
[23:21:36] --- gih has left
[23:21:38] <Suresh Krishnan> 1 Inital IPv6 deploymeny no native IPv6
[23:21:57] <Suresh Krishnan> 2 Initial IPV6 support from External ISP
[23:22:13] <Suresh Krishnan> 3 Nomadic users moving between ISPs
[23:22:43] <Suresh Krishnan> 4 Advanced stages of IPv6 deployment
[23:23:02] <Suresh Krishnan> ---
[23:23:08] <Suresh Krishnan> analysis of solutions
[23:23:18] <Suresh Krishnan> -> anycast based solutions
[23:23:36] <Suresh Krishnan> - global anycast for scen 2
[23:23:50] <Suresh Krishnan> -> Centralized broker based solutions
[23:24:02] <Suresh Krishnan> - needs to deploy a centralized server
[23:24:11] <Suresh Krishnan> - can use anycast here as well
[23:24:27] <Suresh Krishnan> -> Forward DNS based solutions
[23:24:38] <Suresh Krishnan> - already deployed and used
[23:24:47] <Suresh Krishnan> -> Reverse DNS based solutions
[23:25:02] <Suresh Krishnan> - maps the topology very well
[23:25:11] <Suresh Krishnan> -> DHCP and PPP based solutions
[23:25:30] <Suresh Krishnan> - problem is to get new option types for PPP
[23:26:15] <Suresh Krishnan> -> combination of solutions
[23:26:17] <Suresh Krishnan> ---
[23:26:19] <Suresh Krishnan> next steps
[23:26:28] <Suresh Krishnan> finalize IF as WG item
[23:26:37] <Suresh Krishnan> s/IF/ID/
[23:26:48] --- norifmi has joined
[23:27:06] --- pablouy has joined
[23:27:15] <Suresh Krishnan> To create a new ID for the proposed solutions
[23:27:41] <Suresh Krishnan> <DKW> Applicability to 3PP
[23:28:09] <Suresh Krishnan> Tim Chown: Performance analysis on the different methods
[23:28:14] <Suresh Krishnan> needs to be done
[23:28:26] <Suresh Krishnan> Jordi: It is planned for the next version
[23:29:03] --- gih has joined
[23:29:09] <Suresh Krishnan> <3GPP issues to be discussed offline>
[23:29:34] <Suresh Krishnan> ---
[23:29:39] <Suresh Krishnan> BONUS TOPIC
[23:29:46] <Suresh Krishnan> IT IS YOUR LUCKY DAY FOLKS
[23:30:00] <Suresh Krishnan> What do we want to do with NAT-PT
[23:30:15] <Suresh Krishnan> doc came out 2 IETFs ago
[23:31:09] <Suresh Krishnan> needs to be more negative on NAT-PT "Don't do it. But if you really, really want to this is how we do it"
[23:31:15] <Suresh Krishnan> Do we want to continue work
[23:31:46] <Suresh Krishnan> Bernard: NAT-PT is another version of NAT. We should drop it.
[23:32:31] <Suresh Krishnan> Christian: We need to specify in the document that we MUST NOT require vendors to implement this
[23:32:53] <Suresh Krishnan> Bernard: Is anybody using it?
[23:33:58] <Suresh Krishnan> <DKW> What about IPv4 hosts in the future?
[23:34:44] <Suresh Krishnan> NAT-PT is only one choice not the only choice.
[23:34:54] <Suresh Krishnan> Alain: The problem is two fold
[23:35:17] <Suresh Krishnan> 1) Everyone is not familiar with all the technologies for v6 v4 interop
[23:35:35] --- gih has left
[23:35:37] <Suresh Krishnan> 2) NAT-PT works but is not a good solution
[23:36:19] <Suresh Krishnan> Change the status of the NAT-PT document to OBSOLETE
[23:36:43] <Suresh Krishnan> <DKW> NAT-PT can save valuable bandwidth on radio links
[23:37:31] <Suresh Krishnan> NAT-PT is more performant than other methods
[23:38:27] <Suresh Krishnan> Brian: The draft describes what works and what does not work.
[23:38:50] <Suresh Krishnan> we need a volunteer to update the document
[23:39:25] <dthaler> Tony Hain just volunteered
[23:39:43] <Suresh Krishnan> dave, you beat me to it
[23:40:03] <Suresh Krishnan> Bernard: What about SIIT?
[23:40:04] --- brabson has left
[23:40:13] <Suresh Krishnan> Pekka: It is included in the NAT-PT document
[23:40:20] --- hkruse has left
[23:40:29] --- rgaglian has left
[23:40:33] --- norifmi has left
[23:40:36] --- yushun has left
[23:40:41] --- pablouy has left
[23:40:42] --- sakai has left
[23:40:47] --- tskj has left
[23:40:48] --- touchwood has left
[23:40:48] <Suresh Krishnan> people can stay back and discuss zeroconf requirements.
[23:40:57] --- touchwood has joined
[23:40:59] <Suresh Krishnan> <Show is over folks>
[23:41:18] --- dthaler has left
[23:41:22] --- dudi has left
[23:41:24] <Suresh Krishnan> <signing off>
[23:41:25] --- timchown has left
[23:41:46] --- Suresh Krishnan has left
[23:41:48] --- rpayne has left
[23:42:21] --- touchwood has left
[23:42:42] --- lucioslayer has left
[23:43:48] --- Tina has left
[23:44:14] --- ggm has left
[23:44:17] --- avri has left: Disconnected
[23:45:41] --- vlevigneron has left: Disconnected