SORT BY:

LIST ORDER
THREAD
AUTHOR
SUBJECT


SEARCH

IPS HOME

    [Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

    iFCP: minutes iFCP authors' confcall this Fri October 19th 9:00am PST

    • To: "IPS Reflector (E-mail)" <ips@ece.cmu.edu>
    • Subject: iFCP: minutes iFCP authors' confcall this Fri October 19th 9:00am PST
    • From: "Franco Travostino" <travos@nortelnetworks.com>
    • Date: Fri, 19 Oct 2001 13:49:24 -0400
    • Content-Type: multipart/alternative; boundary="=====================_13253817==_.ALT"
    • Sender: owner-ips@ece.cmu.edu

    Attendees:

    Kevin Gibbons, Nishan Systems
    Charles Monia, Nishan Systems
    Inder Monga, Nortel Networks
    Franco Travostino, Nortel Networks
    Wayland Jeong,. Troika Networks

    a) Comments on iFCP, -06.

    CM described the delta between -05 and -06. The section on AES (with proper I-D references) will be removed should AES hit any roadblock in its way to RFC (to be verified at the upcoming Salt Lake City meeting, IPsec WG meeting). CM mentioned that the mechanisms for comparing WWNs (e.g., tie breaking) are currently under-specified and should rather reference an RFC. All participants agreed that it will be good to receive substantial review feedback based on -06 from the community.

    b) iFCP Security Update

    FT described changes that occurred in the iFCP security words while they were "massaged" within the security informational draft. Changes are as follows:
    1) "Conformant iFCP implementations MUST support ESP in tunnel mode and MAY support ESP in transport mode" (the MAY was a SHOULD in former iFCP text).
    2) "Manual keying MUST NOT be used". (missing in former iFCP text)
    3) Signature key authentication MAY be implemented (it was a SHOULD in former iFCP text)
    4) Aggressive mode SHOULD be used when pre-shared keys are used for authentication ((it was a MUST in former iFCP text)
    5) ID Payload MUST carry a single IP address and a single non-zero port number (there wasn't a port number in former iFCP text).
    Changes 2-4 will be immediately retrofitted to the (authoritative) iFCP specification text. There was consensus to wait for 1) and 5), with the action item (IM the owner) to verify whether commercial, off the shelf IKE implementations support this ID payload format.

    CM queried about signature key authentication, which is still left as a TBS in the iFCP spec. FT recalled that the authors of the security informational draft are also waiting for new text on this topic. FT owns the action item of checking with that crowd at their next confcall (Tue 23th).

    c) iFCP MIB update

    KG briefed the iFCP co-authors on the status of the iFCP MIB draft. The next revision of the draft will take the official IETF name and will restart with -00. As such, it must be turned in by the IETF 52 deadline set for rookie drafts. Since Irvine,     Keith McCloghrie <kzm@cisco.com> has been very helpful. The MIB draft is known to compile without errors. The new draft will correctly cite rfc2837 for any Fibre Channel definition. In the new draft, there will also be a compliance section, and the gateway denominations will be removed from tables.

    -franco


    Franco Travostino, Director Content Internetworking Lab
    Advanced Technology Investments
    Nortel Networks, Inc.
    600 Technology Park
    Billerica, MA 01821 USA
    Tel: 978 288 7708 Fax: 978 288 4690
    email: travos@nortelnetworks.com

Home

Last updated: Fri Oct 19 17:17:27 2001
7302 messages in chronological order