[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Minutes for UDLR WG meeting 47th IETF

To: udlr@sophia.inria.fr
Subject: Minutes for UDLR WG meeting 47th IETF
From: Patrick Cipiere <Patrick.Cipiere@sophia.inria.fr>
Date: Wed, 29 Mar 2000 01:41:45 -0800

UDLR WG meeting 47th IETF

Presentation of the agenda by Walid Dabbous.
--------------------------------------------
* Status of the draft
* Security issues section
* Future work items for the WG

Status of the draft
-------------------
* After Oslo meeting
  - editing review (thanks to  Tim Gleeson)
  - technical clarification
    . sent & discussed on the mailing list
  - comments on security section by security Ads
  - a new version of the draft will be sent for a WG
    & IESG last call just after the meeting
  
Security section
----------------
* Ads (initial) comments on security section
  - should identify (known) security  weaknesses of the lltm: done
* Non authorized use of the UDL
* Propagation of wrong routing information
* Meeting with security AD (J. Schiller)
  - new security section

New security section
--------------------
* Routing protocols running on top of udlr MUST use
  authentication mechanisms (when available?) in order to
  avoid propagation of <<fake>> routing information
  on a wide area scale.

* Security holes are not well identified today. However, as
  the lltm uses GRE, it is expected that GRE tunnels authentication
  mechansim combined with a specific link layer mechanism on the
  forward link will help to enhance security in udlr environment.

Future work items
-----------------

* Deployment of the technology
* Security considerations
* Multicast support over <<satellite>> links
* re-charter the group

Comments from the audience:

Brent M Frere <bfrere@ses-astra.com>
 Points out that GRE is usually not supported by NAT translators.

Craig Small <csmall@eye-net.com.au>
 Thinks that the `MUST use authentication mechanisms' is too strong

Dave Oran <oran@cisco.com>
 Explain that the threats are:
 - towards the feed
 - toward nodes on the UDL net
 - towards the whole internet
 The `MUST use authentication menchanisms' is used to prevent the last
 item, and should be set as `MUST use authentication mechanisms when
 available'

Hidetaka Izumiyama <izu@jcsat.co.jp>
 Quick update of the satellite UDLR commercial offer in Japan
 - Manufacturers implementing UDLR: Sony and Hitachi-IT

Patrick Cipiere <Patrick.Cipiere@sophia.inria.fr>
 Quick update of the deployements plans in France
 - Conseil General du Tarn is currently deploying a mesh of one feed
   and several (> 40) receivers
 - Education Nationale finished the experimentation and should deploy
   within the next months a mesh of one (at least) feed and several
   receivers (might be a large number) for multicast in Universities
   and colleges 
 - Ongoing experiments within France Telecom R&D, and CNES (spacial agency)
 - Manufacturers implementing UDLR: Thomcast, Alcaltal, Harmonic Data
   System, Broadlogic

Dave Oran
 Says that this is common practise to put a group to sleep for
 several months. Seems to be the case for the UDLR WG, during the
 standard track and deployment process, in order to wait for new
 work subjects for the group to arise.


Patrick.

Prev by Date: Summary of WG meeting (minutes will follow)
Next by Date: I-Ds/RFCs on UDLR
Prev by thread: Re: I-Ds/RFCs on UDLR
Next by thread: Summary of WG meeting (minutes will follow)
Index(es):
- Date
- Thread