Schu0201_IETF
IETF 52 – Salt Lake City
December 2001
Henning Schulzrinne
Columbia University
Siemens, Jan. 2002
Overview
General remarks about IETF 52
WG-oriented, but talk about technology directions
Areas:
User services
Applications
Transport
Operations and Management
Security
Routing
Internet
Sub-IP
IAB and IESG plenary
General remarks
1804 attendees (San Diego: 2801, Minneapolis: 2080)
no major issues, but some are coming up on the horizon:
IDNS getting close (to failure?)
new routing architecture
content and copyright protection
resource reservation (for mobile?)
replacement for IKE (IPsec key exchange)
User Services
RUN (responsible Internet use)
USWG (user services)
Applications Area
ACAP
APEX
BEEP
CALSCH
DELTAV
EDIINT
FAX
FTPEXT
GEOPRIV
IMAPEXT
IMPP
IPP
LDAPBIS
LDAPEXT
LDUP
MSGTRK
NNTPext
PRIM
PROVREG
RESCAP
SIMPLE
TN3270E
TRADE
URN
USEFOR (news article format)
VPIM
WEBDAV
WEBI
Geopriv
User location and location privacy
Privacy by hiding and fuzziness
Mainly geographic (long/lat) location, but civil (street) also important
Model not clear – who controls, who provides locations
Other bodies (Location Interop Forum) active
CNRSS BoF
DNS being overloaded as a search service
Particularly bad for non-roman languages – many ways to describe same service
Return URIs of services, not domain names of hosts
Facets (Properties)
Related to name retrieval services like CNRP, Real Names
Transport
AVT
DIFFSERV
ENUM
IPPM (performance metrics)
IPS (IP storage)
IPTEL (IP telephony)
ISSLL (intserv)
MALLOC (mcast addr. alloc.)
MEGACO (H.248)
MIDCOM (NATs & FWs)
NAT
NFSv4
NSIS (next steps in signaling)
PILC (TCP for special links)
PWE3 (pseudo-wire)
RMT (reliable multicast)
ROHC (robust header compr.)
RSERPOOL (server pools)
SEAMOBY (context, handoff, alerting)
SIGTRAN (sign. transport)
SIP, SIPPING
SPIRITS (Internet call waiting)
TSVWG
AVT (Audio-Video Transport)
Around since 1992…
RTP to Draft Standard
MPEG4 over RTP
New RTCP scalable feedback mechanism
Retransmission requests
Secure RTP
AMR, AC-3, EFR, MIDI and other codecs over RTP
IPtel (IP telephony)
TRIP (interdomain routing) finished
TRIP MIB
Intradomain gateways
liveness
current capacity
capabilities (carriers, routes)
Two proposals:
TRIPlite
SLP
MMUSIC
SDP and RTSP to Draft Standard
Key management for SDP
Offer-answer model for unicast
SDPng
XML-based
improved negotiation
MIDCOM
“Middleboxes”
firewalls
NATs
Control protocol to open up ports and set up paths
Pre-MIDCOM: Shipworm, STUN, TURN
find out global address
open up path by sending outbound packets
SIP
SIP revision (“RFC2543bis”) almost done:
semantically-oriented rewrite
layers: message, transport, transaction, transaction user
SDP extracted into separate draft
UA and proxy have the same state machinery
better Route/Record-Route spec for loose routing
no more Basic authentication
few optional headers (In-Reply-To, Call-Info, Alert-Info, …)
Integration of reliable provisional responses and server features
DNS SRV modifications
SIP
SIP revision backwards compatible
“new” messages work with RFC 2543 implementations
some odd behavior that RFC 2543 allowed is no longer allowed
CPL almost finished – merger with iCal
sip-cgi published
IM & presence mostly done, except for IM sessions (over TCP) – IMTP, BEEP
SIP, SIPPING
Work continues on staples:
early media (announcements)
resource reservation (COMET)
SIP security
SIP events
User identification
Call transfer and call control
Now three SIP working groups:
SIP for protocol definition and extensions
SIPPING for applications and “vetting”
SIMPLE for IM & presence
IEPS (Internet Emergency Preparedness) BoF
Emergency communication for civil authorities
resource scarcity due to overload
network under attack
PSTN has multi-layer priority (MLPP, GETS)
Conclusion: not much new needed; document existing tools (DiffServ, admission control)
SIP Resource-Priority header
NSIS: Next Steps in Signaling
Early WG to look at resource reservation (requirements) again
particularly with mobility?
Options:
RSVP enhancements or profile
new light-weight protocol
MobileIP enhancements
DCP: Datagram Control Protocol
Proposal for modular protocol
Like TCP or SCTP:
anti-DOS (require echo)
congestion control – but negotiable type
rate-based?
TCP-like
Unlike TCP/SCTP:
unreliable
not necessarily in-order
datagrams, not byte stream
Operations and Management
AAA
ADSLMIB
AGENTX
BMWG (SNMP agent ext.)
BRIDGE
DISMAN
DNSOP
ENTMIB
EOS (Evol. of SNMP)
HUBMIB
IPFIX
MBONED (mcast. deploy.)
MULTI6 (IPv6 multihoming)
NASreq (NAS req.)
NGTRANS (IPv6 trans.)
POLICY
PTOMAINE (BGP meas.)
RAP (COPS resource alloc.)
RMONMIB
SMING
SNMPCONF
SNMPv3
Security
AFT (auth. firewall trav.)
CAT (common auth.)
IDWG (intrusion detection)
IPsec
IPSP (security policy)
IPSRA (remote access)
KINK (Kerberos interdomain)
KRB-WG (Kerberos)
MSEC (multicast)
OPENPGP
OTP (one-time pw.)
PKIX (public key infrastruct.)
SACRED (secure cred.)
SECSH (ssh)
SMIME
STIME (secure time)
SYSLOG (logging)
TLS
XMLDSIG (XML sigs)
IPsec
IPsec stable – but just packet format, not key exchange
IKE considered to have problems:
hard to implement (badly written spec)
subtle crypto problems
too many options
New proposals, e.g., JFK (just fast keying)
Routing
BGMP (BG mcast)
FORCES (forward./control)
IDMR (interdomain mcast)
IDR (interdomain rtg.)
ISIS
MANET
OSPF
PIM
RIP
SSM
UDLR (unidir. link routing)
VRRP (virt. router redund.)
Internet Area
ATOMMIB (ATM MIB)
DHC (DHCP)
DNSext
IDN (int. DNS)
IFMIB
IPCDN (IP o. cable data)
IPFC (IP over fibre channel)
IPOIB (InfiniBand)
IPV6
ITRACE
L2TPext
MAGMA (mcast)
MOBILEIP
PANA (NA auth.)
PPPEXT
PANA: Protocol for carrying Authentication for Network Access
Currently, use PPP for authentication, even where not needed (PPPoE)
Or use L2-specific protocols, such as for 802.11 (e.g., EAP for 802)
Goal: design common IP-layer protocol that talks to AAA device (PAA)
Particularly for IPv6 mobile devices
IDN: Internationalized domain names
Keep DNS content to A-Z, 0-9, -
Transformation of input characters
map: lowercase, hyphens
normalize (Unicode)
look for prohibited input
transform to ASCII subset (e.g., Punycode)
add prefix (jk--) and use normal DNS
Applications may still have difficulties with host names
May not work with CJK characters – equality may be language-dependent
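The transformation steps listed above, as an added Python sketch that is not part of the original slides. The soft-hyphen handling and the prohibited-character categories are simplified assumptions standing in for the real tables, `jk--` is the prefix as written on the slide, and the sample labels are constructed; the last check shows the CJK caveat, since Unicode normalization does not unify simplified and traditional variants.

```python
import unicodedata

ACE_PREFIX = "jk--"      # prefix as written on the slide
SOFT_HYPHEN = "\u00ad"   # assumption: the "hyphens" mapping drops soft hyphens
# Simplified stand-in for the prohibited-input table: controls, format
# characters, unassigned, private use, surrogates and spaces.
PROHIBITED = {"Cc", "Cf", "Cn", "Co", "Cs", "Zs"}
LDH = set("abcdefghijklmnopqrstuvwxyz0123456789-")


def to_ace_label(label: str) -> str:
    """Turn one user-typed label into the ASCII form that goes into DNS."""
    # 1. map: drop soft hyphens, fold case
    mapped = label.replace(SOFT_HYPHEN, "").lower()
    # 2. normalize: NFKC folds composed/decomposed and width variants together
    normalized = unicodedata.normalize("NFKC", mapped).lower()
    # 3. look for prohibited input
    for ch in normalized:
        if unicodedata.category(ch) in PROHIBITED:
            raise ValueError(f"prohibited code point U+{ord(ch):04X}")
    # 4./5. transform to the ASCII subset and add the prefix; labels that
    # are already ASCII are passed through unchanged
    if normalized.isascii():
        ace = normalized
    else:
        ace = ACE_PREFIX + normalized.encode("punycode").decode("ascii")
    if not ace or set(ace) - LDH:
        raise ValueError(f"not a letter-digit-hyphen label: {ace!r}")
    return ace


def same_name(a: str, b: str) -> bool:
    """Compare two labels the way DNS sees them after conversion."""
    return to_ace_label(a) == to_ace_label(b)


if __name__ == "__main__":
    # Constructed sample inputs
    print(to_ace_label("B\u00fccher"))
    print(same_name("Bu\u0308cher", "b\u00fccher"))   # decomposed vs composed
    print(same_name("\uff25\uff38\uff21\uff2d\uff30\uff2c\uff25", "example"))
    print(same_name("\u56fd", "\u570b"))              # simplified vs traditional
```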
Mobile IP
IPv6 security
securing MIPv6 binding updates
home address option vs. tunnelling
piggybacking of binding updates
Low-latency (v4) and fast (v6) handoffs
Localized mobility management
Sub-IP
CCAMP (common control and measurement)
GSMP (general switch management)
IPO (IP over optical)
IPORPR (IP over resilient packet rings)
MPLS
PPVPN (provider-provisioned VPNs)
TEWG (traffic engineering)
IETF BoFs
CDI
content distribution (web caching) interworking
DCP
datagram control protocol
IEPREP
Internet emergency preparedness
INCH
exchange of security incident information
INTLOC
Internationalization of Internet protocols (other than DNS and similar)
IPPT
IP path tracing via sampling (DOS attacks)
IRNSS
Internet resource name search (directory system for lookups)
IETF BoFs
MPLSOAM
OAM for MPLS (“ping”, “traceroute”, …)
NDMP
tape backup and recovery
NMSEC
security requirements for SNMP and COPS
OPES
content-delivery modification services (“callout” protocols)
OPS-NM
Operator requirements for network management (incl. configuration)
ROI
remote direct memory access
IAB and IESG
Efficiency and openness of IESG processes
IAB:
Does DMCA affect IETF security work?
I18N?