[10:23:23] --- tskj has joined
[10:24:02] --- gillos has joined
[10:24:53] --- tskj has left
[10:27:06] --- becarpenter has joined
[10:32:52] --- brabson has joined
[10:38:17] --- hkruse has joined
[10:40:25] --- nov has joined
[10:40:59] --- rpayne has joined
[10:44:03] --- inoue has joined
[10:46:21] --- chown-scribe has joined
[10:46:38] <chown-scribe> Anyone else scribing this?
[10:46:46] --- dudi has joined
[10:46:53] <chown-scribe> ok, i will :)
[10:47:15] --- yushun has joined
[10:47:16] <chown-scribe> meeting just starting
[10:47:46] <chown-scribe> Savola and Soininen both chairs present
[10:48:20] --- ohira has joined
[10:48:37] --- fp has joined
[10:49:24] --- arador has joined
[10:49:35] --- jerome.durand.renater has joined
[10:49:38] <chown-scribe> starting now
[10:49:49] <chown-scribe> agenda bashing
[10:50:12] <chown-scribe> First item is IPR, was some discussion on the mail list
[10:50:25] --- aen has joined
[10:50:41] <chown-scribe> savola: up to wg to make decisions, IETF does not make decisions, based on the stated IPR claims. I encourage you to read the draft with this issue
[10:50:45] <chown-scribe> questions?
[10:50:49] <chown-scribe> [none]
[10:51:20] <chown-scribe> First up: Bound on enterprise analysis
[10:51:55] --- dthaler has joined
[10:52:14] <chown-scribe> [setting up projector for Bound]
[10:52:24] --- tuy has joined
[10:52:27] <fp> very detailed Tim ;)
[10:52:49] <chown-scribe> [taking sp from coffee mug :)]
[10:52:51] --- toro_toro has joined
[10:53:09] --- toro_toro has left
[10:53:12] --- toro_toro has joined
[10:53:37] <chown-scribe> Bound: chairs asked initial authors - chown, bound, palet, pouffary - to present something to kick off analysis
[10:54:19] <chown-scribe> Bound: we found a matrix which we can use - thanks to Steve Klynsma and Dave Green for this, people deploying v6 with real budgets, ask me offline if you're interested
[10:54:39] <chown-scribe> Bound: we'll present this matrix, 57(!) rows
[10:54:55] <chown-scribe> bound: for 57 scenarios. sounds overwhelming, but we'll home in.
[10:55:27] <chown-scribe> bound: have source, intranet, isp, destination possibilities
[10:55:36] <chown-scribe> bound: for v4, v6 or dual-stack
[10:56:09] --- Suresh Krishnan has joined
[10:56:28] <chown-scribe> bound: the rows correspond to what the user base scenario is, e.g. if they are keeping v4 running on the intranet routing infrastructure
[10:56:59] <chown-scribe> bound: that would be base scenario 1 from ent-scenarios draft (which has three base scenarios)
[10:57:20] <chown-scribe> [giving example of a row from the matrix]
[10:57:44] <chown-scribe> bound: the transition mechanism affects the rows, not just the columns
[10:58:20] <chown-scribe> four columns are host/app origin, intranet origin, svc provider origin and destination host/app
[10:58:25] --- aen has left: Disconnected
[10:58:39] <chown-scribe> bound: there are 57 listed, of 81 possible (3*3*3*3)
[10:58:47] --- lucioslayer has joined
[10:59:14] <chown-scribe> a number of entries are trivial
[10:59:23] --- becarpenter has left: Replaced by new connection
[10:59:23] --- becarpenter has joined
[10:59:23] --- becarpenter has left
[11:00:12] <chown-scribe> of 57 basic combos, 36 are trivial, and 12 correspond to v4 or v6 only svc provider, and remaining 9 are most interesting
[11:00:16] --- becarpenter has joined
[11:00:19] <chown-scribe> and need analysis and thought
[11:00:45] --- sakai has joined
[11:00:50] <chown-scribe> [scribe: we can thus probably make these sub cases of the three base scenarios in ent-scenarios text]
[11:01:15] --- hp has joined
[11:01:15] <chown-scribe> bound: we think if we analyse up to 12 cases we can do the work by the WG deadline
[11:01:52] <chown-scribe> tools in hand include: configured tunnels, 6to4, isatap, teredo, tunnel broker, dstm and various forms of translation
[11:02:17] <chown-scribe> bound: steve's matrix is helping us think here
[11:02:42] --- ggm has joined
[11:02:57] <chown-scribe> bound: translation is bad, so we should avoid it, but we need to look at it
[11:03:23] <chown-scribe> look at requirements, like security, cost, scalability, management
[11:03:45] <chown-scribe> reflect back to ent-scenarios draft
[11:06:02] --- aen has joined
[11:06:08] <chown-scribe> bound: we'll get the text out, but we need your feedback quickly
[11:06:23] <chown-scribe> questions?
[11:06:40] <chown-scribe> savola: thanks jim, two personal comments
[11:07:13] <chown-scribe> savola: 1. matrix is taken with lots of salt, which is good, ie. you focus on real deployment combos of matrix
[11:07:20] <chown-scribe> savola: so promising
[11:07:32] <chown-scribe> bound: thanks. matrix is a mental tool
[11:07:43] <chown-scribe> adurand: will you focus on layer 2 or 7?
[11:07:54] <chown-scribe> bound: mainly on layer 3
[11:08:02] <chown-scribe> bound -00 will be layer 3 focused
[11:08:26] <chown-scribe> durand: chown's campus draft is like what my company did
[11:08:35] <chown-scribe> durand: layer 7 harder to fix
[11:08:50] <chown-scribe> bound: but layer 3 is first issue, need strategy, so both equally important
[11:09:02] <chown-scribe> adurand: please put layer 7 in final doc
[11:09:04] <chown-scribe> bound: sure
[11:09:23] <chown-scribe> bound: may need other work on new enterprise issues we find
[11:09:35] <chown-scribe> bound: a lot done by dnsops here
[11:09:59] --- narten has joined
[11:10:12] <chown-scribe> adurand: you have one column for host/app, but we found have to consider hosts that have v4 and v6 in the kernel and apps that have v4 and v6.
[11:10:29] <chown-scribe> bound: i think that's a labelling issue
[11:11:03] <chown-scribe> bound: let's discuss this on list?
[11:11:05] --- dinakar has joined
[11:11:21] <chown-scribe> jonne: ok
[11:11:31] <chown-scribe> templin: i offered text, did you find it useful?
[11:11:43] <chown-scribe> bound: sorry not seen it yet
[11:11:57] <chown-scribe> savola: observation: some form of translation, include proxy?
[11:12:03] <chown-scribe> bound: yes, alg, proxy, etc
[11:13:36] <chown-scribe> chown: need to show how ties back to ent-scenarios draft
[11:13:48] <chown-scribe> bound: will talk to many sources to get input
[11:13:59] <chown-scribe> [done]
[11:15:29] <chown-scribe> Next up: Karen Nielsen, Goals of Zero configuration tunnelling
[11:15:39] <chown-scribe> work initiated monday night
[11:15:59] <chown-scribe> sources: morelli, palet, nielsen, soininen + 1
[11:16:30] <chown-scribe> starting point is minimal set of requirements for 3gpp scenario
[11:16:37] <chown-scribe> may widen
[11:17:16] <chown-scribe> more advanced and feature rich tunneling will be done via assisted-tunneling as per draft-ietf-v6ops-assisted-tunneling-requirements-00
[11:17:26] <chown-scribe> assumptions:
[11:17:32] <chown-scribe> a) no intra site nats
[11:17:50] <chown-scribe> b) site fully proto41 penetrable
[11:17:59] <chown-scribe> c) no v4 source address spoofing
[11:18:07] <chown-scribe> d) site protected from proto41 from outside
[11:18:21] <chown-scribe> e) access authentication provided by external means
[11:20:28] --- lucioslayer has left: Disconnected.
[11:20:28] <chown-scribe> goals:
[11:20:39] <chown-scribe> a) automated v6 in v4 tunnel establishment
[11:20:42] <chown-scribe> b) simplicity
[11:20:56] <chown-scribe> c) timing (available early for deployment)
[11:21:06] <chown-scribe> d) public and private v4 address space must be allowed
[11:21:16] <chown-scribe> e) allow native when available
[11:21:24] <chown-scribe> f) easy to deploy, easy to phase out
[11:23:25] <chown-scribe> g) address assignment on tunnel link
[11:23:33] <chown-scribe> h) tunnel end point discovery
[11:23:43] <chown-scribe> i) tunnel link sustainability
[11:23:53] <chown-scribe> j) detectable tunnel endpoint availability
[11:24:03] <chown-scribe> k) security - no new vulnerabilities
[11:24:52] <chown-scribe> non-goals:
[11:24:57] <chown-scribe> 1) nat and firewall traversal
[11:25:10] <chown-scribe> 2) extensibility beyond v4/v6 tunnelling
[11:25:18] <chown-scribe> 3) mandate of authentication required
[11:26:07] --- lucioslayer has joined
[11:26:21] <chown-scribe> next steps: do the draft, in 1-2 weeks
[11:26:36] <chown-scribe> adurand: one point is how many addresses do you want to serve behind the tunnel?
[11:26:57] <chown-scribe> nielsen: goal is for at least 1 address, no additional goals
[11:27:09] <chown-scribe> adurand: sounds nice, but restrictive
[11:27:31] <chown-scribe> templin: good with goals, but non goals are something i didn't see being appropriate
[11:29:57] <chown-scribe> chown: emphasise differences with assisted tunneling
[11:30:20] <chown-scribe> soininen: how does laptop behind phone get ip address if phone is already using one v6 address?
[11:30:48] <chown-scribe> soininen: don't share pdp contexts with phone and device behind phone, have two different links (answering pekka's question above)
[11:31:09] <chown-scribe> kessens: i am happy with scoping process and not trying to solve all problems
[11:31:27] <chown-scribe> adurand: a lot of common things between this and assisted tunneling, diffs are non-goals
[11:31:45] <chown-scribe> should we find common ground and do one thing? or do both?
[11:32:00] <chown-scribe> kessens: too early to answer
[11:32:17] --- fp has left: Disconnected
[11:32:52] <chown-scribe> palet: important to comment on pekka's question - we have discussed on whether /128 is enough, as we don't want to increase complexity we want to ensure going for a /64 will not imply a more complicated mechanism
[11:33:14] <chown-scribe> palet: to durand: something we need to look at, difficult to say yet
[11:33:34] --- mocmobile has joined
[11:33:36] <chown-scribe> palet: trying to be as simple as possible here, we might look beyond 3gpp to other access networks
[11:33:38] --- toro_toro has left: Disconnected
[11:34:15] --- toro_toro has joined
[11:36:17] <chown-scribe> bound: these are just "things to think about"
[11:37:03] <chown-scribe> bound: i see interop problems with tunnel brokers and other methods
[11:37:19] <chown-scribe> adurand: another presentation today will answer some of the comments Jim made
[11:37:29] <chown-scribe> [done]
[11:37:38] <chown-scribe> Next up: Adurand: Assisted tunnelling requirements
[11:38:08] <chown-scribe> draft-ietf-v6ops-assisted-tunneling-requirements-00
[11:38:35] <chown-scribe> Here we see a comparison of several solutions against the assisted tunneling goals (done last night, not in the I-D)
[11:38:48] <chown-scribe> (anonymous@the_bar :))
[11:39:06] --- tuy has left: Disconnected.
[11:39:21] <chown-scribe> solutions:
[11:39:24] <chown-scribe> a) isatap
[11:39:26] <chown-scribe> b) tsp
[11:39:28] <chown-scribe> c) step
[11:39:38] <chown-scribe> d) ppp (l2tp, tcp, udp)
[11:40:05] <chown-scribe> l2tp = v6/ppp/l2tp/udp/ipsec/ipv4/...
[11:40:33] <chown-scribe> tcp = ipv6/ppp/tcp and ipv6/ppp/ssl/tcp
[11:40:45] <chown-scribe> many observations
[11:41:10] <chown-scribe> differences on prefix delegation, nat traversal, registered mode, security ways of working
[11:41:21] <chown-scribe> All methods today fail the tunnel discovery mechanism goal
[11:41:28] <chown-scribe> no published solution to this problem yet
[11:42:08] --- yushun has left: Disconnected
[11:42:10] <chown-scribe> Isatap - fails prefix delegation and nat traversal, concern with in-band registered mode (but could do it out of band)
[11:42:15] --- nov has left: Replaced by new connection
[11:42:17] --- nov has joined
[11:42:49] <chown-scribe> templin: can discuss on list
[11:43:22] --- nov has left: Disconnected
[11:43:44] <chown-scribe> STEP: pass most requirements, coern is out of band v4 address based registration (n o roaming users, auth requires extra layer of indirection), also need to be better documented, and no implemnettaion yet
[11:44:03] <chown-scribe> TSP: passed most requirements, concern is current version needs refinement
[11:44:51] <chown-scribe> L2TP: passed most requirements, concerns: heavyweight, encapsulations!, simple to deploy if you have l2tp, security (do we need to secure L2TP with ipsec?)
[11:45:47] <chown-scribe> thaler: simple to deploy comment could apply to all mechanisms
[11:46:12] --- tuy has joined
[11:46:18] --- nov has joined
[11:46:30] <chown-scribe> IPv6/PPP/TCP, could use SSL, passes most requirements, concerns on tcp for link with packet loss, overhead for small packets, and a need to document it (define port number)
[11:46:42] <dthaler> the full comment on the slide was basically that it's simple to deploy if you already have it, and harder to deploy if you don't already have it.
[11:46:56] <dthaler> nothing specific to L2TP there.
[11:48:10] --- dudi has left: Replaced by new connection
[11:48:10] --- dudi has joined
[11:48:11] --- dudi has left
[11:48:27] <chown-scribe> IPv6/PPP/UDP: passes most (ie all bar tep discovery, as per the above methods)
[11:48:35] <dthaler> also templin's point up above, was specifically on the prefix delegation issue. He said it could be done out of band, and that's what they could discuss on the list.
[11:48:49] <chown-scribe> concern on needing a keepalive for NAT mapping, and it needs to be documented (for a port number)
[11:48:59] <chown-scribe> none of these last three need heavy protocol work
[11:49:17] --- aen has left: Replaced by new connection
[11:49:17] <chown-scribe> this is what we did over last two days
[11:49:27] <chown-scribe> we will write draft if there is interest
[11:50:07] <chown-scribe> hinden: tcp over tcp makes my head hurt
[11:50:23] --- dudi has joined
[11:50:28] <chown-scribe> hinden: so other considerations here
[11:51:20] <chown-scribe> bound: useful if possible to extend to discover where tep is while be useful for clients
[11:51:32] <chown-scribe> adurand: yes, agree, all solutions need this, as all fail it now
[11:52:07] <chown-scribe> soininen: we need to get documents to do the analysis
[11:52:29] <chown-scribe> adurand: we have matrix analysis, but complex to show here
[11:52:49] <chown-scribe> kessens: please keep up this speed
[11:52:55] --- narten has left
[11:53:58] <chown-scribe> next up: Transition mechanisms update (savola)
[11:54:05] <chown-scribe> draft-ietf-v6ops-mech-v2-03
[11:54:16] <chown-scribe> at IESG evaluation
[11:54:47] <chown-scribe> comment that v6/v4 address selection preference overly simplistic, so refer to 3483 instead?
[11:55:25] <chown-scribe> solution? convince iesg simple ordering not an issue, or state dns ordering out of scope, or create a dependency on 3483 (3 options)
[11:55:58] <chown-scribe> opinions?
[11:56:03] <chown-scribe> [none]
[11:56:53] --- tuy has left: Replaced by new connection.
[11:56:59] --- tuy has joined
[11:57:25] <chown-scribe> next up: IPv6 Mobility Scenarios/Requirements update, 10 mins, Williams
[11:57:36] <chown-scribe> follow-up on draft-yamamoto-mipv6node-v4trav-00
[11:59:29] <ggm> Roy on the phone.
[11:59:40] <chown-scribe> change of plan due to projector problems
[11:59:44] <ggm> [sorry wrong room=ggm]
[11:59:53] <chown-scribe> [next up = palet now]
[12:00:01] <chown-scribe> Distributed v6 security requirements/problem statement
[12:00:09] <chown-scribe> - draft-palet-v6ops-ipv6security-00.txt
- draft-vives-v6ops-ipv6-security-ps-00.txt
[12:00:29] --- Hadmut has joined
[12:00:38] <chown-scribe> goal is auto-transition to gain v6 connectivity at any time on any network.
[12:00:56] <chown-scribe> need to deal with nats, firewalls, etc and choose mechanism based on some performance criteria
[12:01:29] <chown-scribe> v6 autoconfiguration only really works with native v6 networks, we need plug and play all the way
[12:01:54] <chown-scribe> goal is to build an algorithm, and include in stack or as some form of wizard
[12:02:07] <chown-scribe> applicable to nodes and middle boxes
[12:02:10] <chown-scribe> transparent to users
[12:02:20] <chown-scribe> Algorithm:
[12:02:25] <chown-scribe> native v6 preferred
[12:02:41] --- aen has joined
[12:02:52] <chown-scribe> selection criteria based on performance - initial implementation uses delay and losses
[12:03:46] <chown-scribe> many methods to check, or that could be checked, eg. native v6, TS with proto41, TS with UDP, ISATAP, STEP, 6to4, Teredo
[12:03:53] <chown-scribe> should be open to new methods also
[12:04:34] --- tuy has left: Disconnected.
[12:05:10] <chown-scribe> need to think about how to handle nats and firewalls that block access
[12:05:51] <chown-scribe> could expand network management to set policy based networks with policies for transition mechanisms, as they do already for qos and other features
[12:06:10] <chown-scribe> Next steps:
[12:06:21] <chown-scribe> need a good nat traversal mechanism
[12:06:31] --- jerome.durand.renater has left: Disconnected
[12:06:44] <chown-scribe> maybe look at reverse scenario: v6 present but v4 required, i.e. v4 over v6 tunneling in some way
[12:07:02] <chown-scribe> questions?
[12:08:02] <chown-scribe> thaler: how do you decide tiebreakers(?)
[12:08:25] --- tuy has joined
[12:08:43] <chown-scribe> thaler: going native may mean forwarding on slow path, so v4 tunnel may be better, so users may flip to and fro between the two
[12:09:15] <chown-scribe> palet: maybe say once you choose one, stick with it.
[12:09:25] <chown-scribe> thaler: or admin supplied preference list
[12:10:04] <chown-scribe> palet: user may have choice to prefer v6 native
[12:10:21] <chown-scribe> savola: concerned about policy based network approach as ietf rejected that 3 years ago and no isps doing this?
[12:10:37] <chown-scribe> savola: so not operational or realistic now
[12:10:53] <dthaler> my first point was that longest match beats the preference. otherwise an edge router that uses say 6to4 on Internet and something else internally won't work
[12:11:04] <chown-scribe> palet: very important to have idea host-centric, network may wish to provide helper
[12:11:40] <chown-scribe> savola: this won't be done at all, so it's wrong way to do it, as far as i recall on policy based networks, but no objection to for example look up something in dns
[12:11:53] <chown-scribe> palet: any isps in room with view?
[12:12:04] <chown-scribe> durand: enterprise may be an isp, may want to do that
[12:12:16] <chown-scribe> adurand: debugging is hard, so need predictability
[12:12:30] <chown-scribe> [done]
[12:12:36] <chown-scribe> next up: Carl Williams (take 2)
[12:12:53] <chown-scribe> draft-yamamoto-mipv6node-v4trav-00
[12:13:11] <chown-scribe> IPv4/IPv6 Interoperability for Mobility
[12:13:18] <chown-scribe> have had a bar bof
[12:13:24] <chown-scribe> in seoul
[12:13:49] <chown-scribe> discussion with Soliman and Savola
[12:14:11] <chown-scribe> should there be mipv6 protocol changes, or work to be done in v6ops?
[12:14:21] <chown-scribe> doing scenario analysis
[12:14:29] <chown-scribe> a) problem space
[12:14:33] <chown-scribe> b) scenarios
[12:15:06] <chown-scribe> c) solution space approach - security, reuse, efficiency of mobility
[12:15:28] <chown-scribe> Hope to provide a vision for MIPv6 transition (MIP based solution vs others)
[12:15:44] <chown-scribe> where should we focus our energies? trying to understand
[12:16:19] <chown-scribe> have looked at pros and cons and still fleshing these out
[12:17:19] <chown-scribe> we have a matrix of mip4/6 and ip4/6 combinations (8 combinations)
[12:17:26] <chown-scribe> looking at this now
[12:17:46] <chown-scribe> questions?
[12:18:15] <chown-scribe> nielsen: are you looking at mip6 movement detection?
[12:18:35] <chown-scribe> nielsen: are you considering which mechanism on a tunnel link will enable movement detection?
[12:18:40] <chown-scribe> williams: no
[12:19:07] <chown-scribe> nielsen: rather which requirements do you have wrt movement detection on tunnels
[12:19:37] <chown-scribe> williams: ah, i see. problem statement raises issue of not having two mobility management protocols, and if we used mipv4 how would we handle that?
[12:19:51] <chown-scribe> nielsen: we'll take off line
[12:20:38] <chown-scribe> anon: movement detection is orthogonal, rely as normally done for mip6 and mip4 environments, as described in those documents. will be augmented by dna v4 and dna v6 work
[12:21:05] <chown-scribe> bound: important work.
[12:21:21] --- inoue has left: Disconnected
[12:21:42] <chown-scribe> bound: suggesting mip4 is history
[12:21:49] <chown-scribe> bound: lets not tie to 3gpp
[12:22:04] --- hp has left: Disconnected
[12:22:07] <chown-scribe> bound: really got to focus on mip6, and nothing more or less
[12:22:16] <chown-scribe> bound: nor focus on 3gpp
[12:22:40] <chown-scribe> williams: agree, but need to do analysis for people that want it for scenarios today, to help provide path to mip6 end goal
[12:23:05] --- rpayne has left
[12:23:22] <chown-scribe> tsirtsis: mip4 is deployed today, so operators use it. they would like to offer ipv6 as well, they will not rip mip4 out for that. so need answers
[12:23:36] <chown-scribe> bound: good point, but deployments on intranets now
[12:23:52] <chown-scribe> anon: it's deployed, come on
[12:24:19] --- hp has joined
[12:24:47] <chown-scribe> henrik: wrong approach - not a transition issue but coexistence, if you have mip4 deployed, you need to add ipv6 capability, and to provide ipv6 with existing mip4
[12:24:59] --- inoue has joined
[12:25:22] <chown-scribe> tsirtsis: problem like big network on v4 private network and wants to add v6, its another transition scenario.
[12:25:42] <chown-scribe> bound: ok, but combinations here, across an internet not just intranet, much more complex
[12:25:56] <chown-scribe> tsirtsis: like v4 private nets
[12:26:05] <chown-scribe> savola: enough
[12:26:14] <chown-scribe> williams: we'll submit draft
[12:26:18] <chown-scribe> [done]
[12:26:25] <chown-scribe> next up: Palet again
[12:27:22] <chown-scribe> [Correction: previous Palet talk was "Auto-transition": picking the right mechanism, draft-palet-v6ops-auto-trans-00.txt]
[12:27:38] <chown-scribe> [This presentation really is Distributed v6 security requirements/problem statement]
[12:27:45] <chown-scribe> - draft-palet-v6ops-ipv6security-00.txt
- draft-vives-v6ops-ipv6-security-ps-00.txt
[12:28:00] <chown-scribe> We have a 3rd rfat now also
[12:28:09] <chown-scribe> rfat=draft
[12:28:39] <chown-scribe> Need to look at issues of end-to-end communication, IPsec in all stacks, more IP devices, more nomadic devices
[12:28:45] --- aen has left: Disconnected
[12:28:59] <chown-scribe> identify v6 issues that justify need for a new security model
[12:30:00] <chown-scribe> traditional model no longer as appropriate as it once was
[12:30:59] --- hp has left
[12:31:25] <chown-scribe> for a host-based security model, we need a centrally defined policy and distribute this to PEPs, using a policy specification language, a policy exchange protocol, and an authentication mechanism for entities
[12:31:35] <chown-scribe> we can reuse existing policy based network standards
[12:31:46] --- becarpenter has left: Replaced by new connection
[12:32:06] --- becarpenter has joined
[12:33:07] --- tuy has left: Replaced by new connection.
[12:33:08] --- tuy has joined
[12:33:08] --- tuy has left
[12:33:13] --- tuy has joined
[12:33:16] --- tuy has left
[12:33:24] --- tuy has joined
[12:33:33] <chown-scribe> [explaining usual list of pros/cons of host-based security]
[12:33:44] <chown-scribe> IPv6 issues:
[12:33:47] <chown-scribe> a) end to end
[12:33:55] <chown-scribe> b) ipsec transport mode
[12:34:03] <chown-scribe> c) mobility
[12:34:13] <chown-scribe> d) address handling, e.g. link local and rfc3041
[12:34:19] <chown-scribe> e) ND, including send
[12:34:24] <chown-scribe> f) embedded devices
[12:34:49] <chown-scribe> We have list of requirements, currently in 8 areas
[12:37:01] <chown-scribe> questions?
[12:37:15] --- vlevigneron has joined
[12:37:27] <chown-scribe> borakio(?): you have decided that policy based thing is what you want to do. this work should be in another wg
[12:37:31] <chown-scribe> savola: agree
[12:38:02] <chown-scribe> borakio: looks like a product spec - let's see requirements. btw i just walked in and haven't read drafts
[12:38:08] <chown-scribe> palet: we just want comments
[12:38:40] <chown-scribe> palet: if we go end to end, we need to look at problems
[12:38:54] <chown-scribe> borakio: look at nanog san francisco paper on v6
[12:39:13] <chown-scribe> palet: have looked at that, and have asked security groups, and got NO reply or inputs
[12:39:19] <chown-scribe> savola: enough
[12:39:32] <chown-scribe> palet: ok. we will have implementation in 2004
[12:39:37] <chown-scribe> trials in 2005
[12:39:51] <chown-scribe> palet: please give us inputs
[12:40:18] <chown-scribe> kessens: stop!
[12:40:29] --- sakai has left
[12:40:35] <chown-scribe> palet: ok, btw we will also have autotransition implementation in 2004
[12:41:21] <chown-scribe> [done]
[12:42:13] <chown-scribe> Next up: draft-kondo-quarantine-overview-01, submitted in Seoul originally
[12:42:27] <chown-scribe> -01 version is update from that
[12:43:20] <chown-scribe> implementation coming as WIDE project secure6-wg item, q4/2004-q1/2005
[12:43:49] <chown-scribe> looking at how to segment a network through security policy
[12:44:12] <chown-scribe> may use pana/802.1x, dhcpv6, TSP or DTCP and VLAN (802.1q) components
[12:44:28] <chown-scribe> have v6 prefix assignment for each security segment
[12:46:33] --- aen has joined
[12:46:47] --- hp has joined
[12:46:57] --- hp has left
[12:47:01] <chown-scribe> prefix assigned could change based on security status of the node
[12:47:43] <chown-scribe> evaluating protocols now for which is best suited
[12:48:07] <chown-scribe> next step is to continue evaluation and then soon begin implementation
[12:48:23] --- ggm has left: Disconnected
[12:48:24] <chown-scribe> please send comments
[12:48:45] <chown-scribe> questions?
[12:48:48] <chown-scribe> [none]
[12:49:08] --- tuy has left: Disconnected.
[12:49:20] <chown-scribe> Next up: Morelli: Advanced L3 IPv6 Exchange Model
[12:49:28] <chown-scribe> draft-morelli-v6ops-ipv6-ix-00
[12:49:56] <chown-scribe> goal is to document experience gained in Euro6IX project (www.euor6ix.org)
[12:50:02] <chown-scribe> www.euro6ix.org
[12:50:11] --- gillos has left: Disconnected
[12:50:14] <chown-scribe> have 7 ix nodes
[12:50:53] <chown-scribe> interesting bit is IX assigning addresses to customers
[12:51:04] <chown-scribe> so customer changing provider does not have to change prefix
[12:51:11] <chown-scribe> if changing local provider
[12:51:21] <chown-scribe> need wg input please
[12:51:57] <chown-scribe> tuy: why are ix's providing addresses to customers? why?
[12:52:28] <chown-scribe> morelli: in our model ix provides addresses not the local provider/isp
[12:52:39] <chown-scribe> tuy: in real world no isp will work with this model
[12:53:13] <chown-scribe> kurtis: this is flawed, due to return traffic problem from ix
[12:53:43] <chown-scribe> kurtis: not enough detail in draft to say how it could even work, whoever announces aggregate prefix becomes an isp
[12:54:40] <chown-scribe> leinen: trying to understand, but i find it confusing that you call this an ix, to me it's a "regional address allocation approach", it could be a national regulator function or something. people will always read this and not recognise ix in this
[12:54:51] <chown-scribe> morelli: agree name should be changed
[12:54:57] <chown-scribe> savola: list
[12:56:05] <chown-scribe> chown: other wgs doing assisted tunneling?
[12:56:14] <chown-scribe> kessens: yes
[12:57:14] <chown-scribe> [for some reason chairs have closed meeting while Alain Durand has something to present??]
[12:57:31] <chown-scribe> Next up: Durand: tunnel end point discovery
[12:57:57] <chown-scribe> some solutions?
[12:58:10] <chown-scribe> forward dns tree solutions do not map to topology
[12:58:20] <chown-scribe> anycast addresses have propagation control issues
[12:58:33] <chown-scribe> dhcp(v4) options are difficult to deploy in practice
[12:58:48] <chown-scribe> So how can we have a way to discover a tunnel end point for a node to use?
[12:59:42] <chown-scribe> View from 30,000 feet
[13:00:00] --- Hadmut has left
[13:00:04] <chown-scribe> why not use reverse dns tree? host can then look up own reverse entry
[13:00:15] --- tuy has joined
[13:00:32] <chown-scribe> control can be performed for users by admin on per host or per subnet basis (with wildcards)
[13:01:05] <chown-scribe> Populating large zones is an issue, could use wildcards, with care
[13:01:28] <chown-scribe> or could dynamically generate all the records
[13:01:29] --- jerome.durand.renater has joined
[13:01:41] <chown-scribe> could generate on query
[13:02:10] <chown-scribe> Next question is what to do for user behind NAT? Their lookup will be Net10, so ISP could populate reverse DNS for all Net10.
[13:02:28] <chown-scribe> Or if there was a way to discover the IP address on far side of NAT we could use that, but there isn't such a way
[13:03:02] <chown-scribe> Which record type to use? SRV? NAPTR?
[13:03:08] <chown-scribe> not sure right now
[13:03:52] --- fp has joined
[13:04:20] --- nov has left
[13:04:39] --- aen has left
[13:04:44] <chown-scribe> palet: looking at this in conjunction with draft-palet-v6ops-tun-auto-disc-01
[13:05:08] <chown-scribe> templin: can i present?
[13:05:54] <chown-scribe> soininen: meeting is closed, room is available
[13:06:26] <chown-scribe> Unofficial talk: Templin, IPv6 Addressing in the IPv4 Internet
[13:06:34] --- brabson has left
[13:07:14] <chown-scribe> - see http://www.geocities.com/osprey67/v6v4inet-01a.txt
[13:07:29] <chown-scribe> send comments to Templin
[13:08:32] --- droms has joined
[13:08:54] <chown-scribe> [scribing ended]
[13:09:07] <chown-scribe> meeting is closed ralph
[13:09:26] <chown-scribe> fred just talking "unofficially" about http://www.geocities.com/osprey67/v6v4inet-01a.txt
[13:09:34] --- chown-scribe has left
[13:10:09] --- vlevigneron has left
[13:11:36] <droms> thanks... bye
[13:11:43] --- ohira has left
[13:11:44] --- droms has left
[13:11:50] --- tuy has left
[13:12:46] --- inoue has left: Disconnected
[13:13:25] --- dudi has left
[13:16:17] --- hkruse has left: Disconnected
[13:16:50] --- mocmobile has left: Disconnected
[13:17:42] --- toro_toro has left
[13:17:43] --- arador has left
[13:18:09] --- jerome.durand.renater has left
[13:18:22] --- lucioslayer has left
[13:18:32] --- dthaler has left
[13:20:30] --- Suresh Krishnan has left
[13:20:38] --- dinakar has left
[13:22:04] --- becarpenter has left
[13:41:33] --- fp has left: Disconnected
[16:02:01] --- becarpenter has joined
[16:11:18] --- becarpenter has left
[22:25:26] --- tuy has joined
[22:27:39] --- tuy has left
[22:41:14] --- tuy has joined
[22:41:25] --- tuy has left