Presentation is loading. Please wait.

Presentation is loading. Please wait.

March 20, 2006IETF65 PANA WG PANA Specification Updates (draft-ietf-pana-pana-11.txt) Yoshihiro Ohba

Published byBartholomew Johnson Modified over 8 years ago

Similar presentations

Presentation on theme: "March 20, 2006IETF65 PANA WG PANA Specification Updates (draft-ietf-pana-pana-11.txt) Yoshihiro Ohba"— Presentation transcript:

1 March 20, 2006IETF65 PANA WG PANA Specification Updates (draft-ietf-pana-pana-11.txt) Yoshihiro Ohba (yohba@tari.toshiba.com)

2 Issues 23 issues are part of AD review 2 other issues Only major issues are explained

3 Issues on stateless PAA discovery Issue 223: Cookie example –Issue Cookie example is not useful –Resolution: Cookie example was removed Reference to RFC 4083 is added for randomness of cookie value Issue 224: Concern on stateless discovery –Issue: Is complexity of stateless discovery worth adding? –Resolution: Rejected because the stateless feature is more important in multi-hop scenarios Issue 225: Stateless discovery indication –Issue: There is no explicit indication of stateless discovery Only insertion of a Cookie AVP implicitly indicates stateless discovery –Resolution: Added ‘L’-flag in PANA header

4 Issue 240: PaC updating its IP address Issue: When a PaC moves to a new subnet, not only IP address but also device id may change –This can happens when IP address is used as device id –PANA-Update exchange should support this Resolution: –Added optional Device-Id AVP in PUR to update PaC’s device id –Added Device-Id AVP in PUA to update the device identifier(s) of EP(s)

5 Issues 169 and 245: PANA lower layer ciphering and KDF Issue: –HMAC-SHA1 as KDF without iteration does not produce 64-octet key –KDF should not be hard-coded in the spec Resolution: –Use of IKEv2 prf+ to generate keys of arbitrary length based on iteration of a base algorithm –The hash algorithm used for prf+ is carried in Algorithm AVP The first 2 bytes of the value field contains the hash algorithm The last 2 bytes carries integrity algorithm used for generating AUTH AVP (MAC AVP is renamed to AUTH AVP based on Issue 221) The algorithm code space is defined in IKEv2 and managed by IANA –Mandatory supported base algorithms for prf+ HMAC-SHA1 for both key derivation and integrity algorithms

6 Other issues Issue 227: Rate limiting to responding to request –Issue: Missing details on rate limitation –Resolution: Rate limiting to responding to duplicate request is a “MUST” Rate limiting to responding to non-duplicate Ping-Request is a “MAY” Issue 235 Nonces –Issues: What is the suggested length of nonce? –Resolution: The nonce length is at least the length of the PRF key

Download ppt "March 20, 2006IETF65 PANA WG PANA Specification Updates (draft-ietf-pana-pana-11.txt) Yoshihiro Ohba"

Similar presentations

Web security: SSL and TLS

Web security: SSL and TLS
Network Layer IPv6 Slides were original prepared by Dr. Tatsuya Suda.

Network Layer IPv6 Slides were original prepared by Dr. Tatsuya Suda.
PANA Requirements and Terminology - IETF54 -. PANA WG, IETF 54, Requirements and Terminology draft-ietf-pana-requirements-02.txt Changes Comments/questions.

PANA Requirements and Terminology - IETF54 -. PANA WG, IETF 54, Requirements and Terminology draft-ietf-pana-requirements-02.txt Changes Comments/questions.
TLS. 14.1 Introduction 14.2 TLS Record Protocol 14.3 TLS Handshake Protocol 14.4 Summary.

TLS Introduction 14.2 TLS Record Protocol 14.3 TLS Handshake Protocol 14.4 Summary.
JOSE Open Issue Discussion Chairs Jim Schaad. Process Room vote for Closure – Three Choices for topics We adopt the change We reject the change We discuss.

JOSE Open Issue Discussion Chairs Jim Schaad. Process Room vote for Closure – Three Choices for topics We adopt the change We reject the change We discuss.
IKEv2 extension: MOBIKE Faisal Memon Erik Weathers CS 259.

IKEv2 extension: MOBIKE Faisal Memon Erik Weathers CS 259.
IP Security IPSec 2 * Essential Network Security Book Slides. IT352 | Network Security |Najwa AlGhamdi 1.

IP Security IPSec 2 * Essential Network Security Book Slides. IT352 | Network Security |Najwa AlGhamdi 1.
CSCE 715: Network Systems Security Chin-Tser Huang University of South Carolina.

CSCE 715: Network Systems Security Chin-Tser Huang University of South Carolina.
IPsec – IKE CS 470 Introduction to Applied Cryptography

IPsec – IKE CS 470 Introduction to Applied Cryptography
IETF 58 PANA WG PANA Update and Open Issues (draft-ietf-pana-pana-02.txt) Dan Forsberg, Yoshihiro Ohba, Basavaraj Patil, Hannes Tschofenig, Alper Yegin.

IETF 58 PANA WG PANA Update and Open Issues (draft-ietf-pana-pana-02.txt) Dan Forsberg, Yoshihiro Ohba, Basavaraj Patil, Hannes Tschofenig, Alper Yegin.
SNMP for the PAA-EP protocol PANA wg - IETF 61 Washington DC Yacine El Mghazli (Alcatel) Yoshihiro Ohba (Toshiba) Julien Bournelle (GET/INT) draft-ietf-pana-snmp-02.txt.

SNMP for the PAA-EP protocol PANA wg - IETF 61 Washington DC Yacine El Mghazli (Alcatel) Yoshihiro Ohba (Toshiba) Julien Bournelle (GET/INT) draft-ietf-pana-snmp-02.txt.
12/05/2007IETF70 PANA WG1 PANA Network Selection draft-ohba-pana-netsel-00.txt Yoshihiro Ohba.

12/05/2007IETF70 PANA WG1 PANA Network Selection draft-ohba-pana-netsel-00.txt Yoshihiro Ohba.
July 15, 2002IETF54 PANA WG1 PANA Usage Scenarios Updates (draft-ietf-pana-usage-scenarios-02.txt) Yoshihiro Ohba Subir Das

July 15, 2002IETF54 PANA WG1 PANA Usage Scenarios Updates (draft-ietf-pana-usage-scenarios-02.txt) Yoshihiro Ohba Subir Das
Dean Cheng Jouni Korhonen Mehamed Boucadair

Dean Cheng Jouni Korhonen Mehamed Boucadair
IP Security: Security Across the Protocol Stack

IP Security: Security Across the Protocol Stack
7/14/2003IETF57 PANA enabling IPsec based Access control draft-mohanp-pana-ipsec-00.txt Mohan Parthasarathy Tahoe Networks - Presented by Hannes Tschofenig.

7/14/2003IETF57 PANA enabling IPsec based Access control draft-mohanp-pana-ipsec-00.txt Mohan Parthasarathy Tahoe Networks - Presented by Hannes Tschofenig.
INRIA Rhône-Alpes - Planète research group Reed-Solomon FEC I-D LDPC-* FEC I-D TESLA I-D Simple-auth I-D IETF 70 th – Vancouver meeting, November 2007.

INRIA Rhône-Alpes - Planète research group Reed-Solomon FEC I-D LDPC-* FEC I-D TESLA I-D Simple-auth I-D IETF 70 th – Vancouver meeting, November 2007.
CSCE 715: Network Systems Security

CSCE 715: Network Systems Security
August 1, 2005IETF63 PANA WG Pre-authentication Support for PANA (draft-ohba-pana-preauth-00.txt) Yoshihiro Ohba

August 1, 2005IETF63 PANA WG Pre-authentication Support for PANA (draft-ohba-pana-preauth-00.txt) Yoshihiro Ohba
SMUCSE 5349/49 IP Sec. SMUCSE 5349/7349 Basics Network-level: all IP datagrams covered Mandatory for next-generation IP (v6), optional for current-generation.

SMUCSE 5349/49 IP Sec. SMUCSE 5349/7349 Basics Network-level: all IP datagrams covered Mandatory for next-generation IP (v6), optional for current-generation.

Similar presentations

Ads by Google