<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML><HEAD><TITLE></TITLE>
<META http-equiv=Content-Type content="text/html; charset=us-ascii">
<META content="MSHTML 6.00.2900.3199" name=GENERATOR></HEAD>
<BODY text=#000000 bgColor=#ffffff>
<DIV dir=ltr align=left><SPAN class=664590918-06112007><FONT face=Arial
color=#0000ff size=2>So what about a phone conference sometime around November
26-30? And a f2f either Sunday evening or on Monday.</FONT></SPAN></DIV>
<DIV dir=ltr align=left><SPAN class=664590918-06112007><FONT face=Arial
color=#0000ff size=2></FONT></SPAN> </DIV>
<DIV dir=ltr align=left><SPAN class=664590918-06112007><FONT face=Arial
color=#0000ff size=2>Please propose topics for the conf call. My proposal would
be to talk about solutions which enable MIP usage with the current
firewalls. Hannes and myself wrote two drafts on the topic:</FONT></SPAN></DIV>
<DIV dir=ltr align=left><SPAN class=664590918-06112007><FONT face=Arial
color=#0000ff size=2></FONT></SPAN> </DIV>
<DIV dir=ltr align=left><SPAN class=664590918-06112007><FONT face=Arial
color=#0000ff size=2><SPAN class=664590918-06112007><FONT face=Arial
color=#0000ff size=2><A
href="http://www.ietf.org/internet-drafts/draft-bajko-mip6-rrtfw-02.txt">http://www.ietf.org/internet-drafts/draft-bajko-mip6-rrtfw-02.txt</A>,
which describes a method to exchange addresses the peers own,
and</FONT></SPAN></FONT></SPAN></DIV>
<DIV dir=ltr align=left><SPAN class=664590918-06112007><FONT face=Arial
color=#0000ff size=2></FONT></SPAN> </DIV>
<DIV dir=ltr align=left><SPAN class=664590918-06112007><FONT face=Arial
color=#0000ff size=2><A
href="http://www.ietf.org/internet-drafts/draft-tschofenig-mip6-ice-01.txt">http://www.ietf.org/internet-drafts/draft-tschofenig-mip6-ice-01.txt</A>,
which describes how to check connectivity between address pairs of two nodes (it
is based on <A
href="http://ietf.org/internet-drafts/draft-ietf-mmusic-ice-19.txt">http://ietf.org/internet-drafts/draft-ietf-mmusic-ice-19.txt</A>).</FONT></SPAN></DIV>
<DIV dir=ltr align=left><SPAN class=664590918-06112007><FONT face=Arial
color=#0000ff size=2></FONT></SPAN> </DIV>
<DIV dir=ltr align=left><SPAN class=664590918-06112007><FONT face=Arial
color=#0000ff size=2>It would be nice if you could read these documents and post
your opinions about them.</FONT></SPAN></DIV>
<DIV dir=ltr align=left><SPAN class=664590918-06112007><FONT face=Arial
color=#0000ff size=2></FONT></SPAN> </DIV>
<DIV dir=ltr align=left><SPAN class=664590918-06112007><FONT face=Arial
color=#0000ff size=2>thanks,</FONT></SPAN></DIV>
<DIV dir=ltr align=left><SPAN class=664590918-06112007><FONT face=Arial
color=#0000ff size=2>-gabor</FONT></SPAN></DIV>
<DIV dir=ltr align=left><SPAN class=664590918-06112007><FONT face=Arial
color=#0000ff size=2></FONT></SPAN> </DIV><BR>
<DIV class=OutlookMessageHeader lang=en-us dir=ltr align=left>
<HR tabIndex=-1>
<FONT face=Tahoma size=2><B>From:</B> mip6-firewall-bounces@zeke.ecotroph.net
[mailto:mip6-firewall-bounces@zeke.ecotroph.net] <B>On Behalf Of </B>ext Yaron
Sheffer<BR><B>Sent:</B> Tuesday, November 06, 2007 9:09 AM<BR><B>To:</B> Suresh
Krishnan<BR><B>Cc:</B> Roberto Baldessari;
mip6-firewall@zeke.ecotroph.net<BR><B>Subject:</B> Re: [Mip6-firewall] Next
Steps<BR></FONT><BR></DIV>
<DIV></DIV>I'm probably coming in Sunday evening, unfortunately after the
reception.<BR><BR> Yaron<BR><BR>Suresh Krishnan wrote:
<BLOCKQUOTE cite=mid:473085DF.2010906@ericsson.com type="cite"><PRE wrap="">Hi Hannes,
I may arrive on Saturday, but I am not sure. I would prefer a phone
conference after the deadlines and a face2face probably before/after the
welcome reception.
Thanks
Suresh
Hannes Tschofenig wrote:
</PRE>
<BLOCKQUOTE type="cite"><PRE wrap="">Hi Qiu
Hi all,
we should
* update draft-krishnan-mip6-firewall
* arrange a phone conference before the IETF meeting
* arrange a face-to-face meeting at IETF#70.
I wonder whether someone of you is already arriving on Saturday before
the meeting.
Gabor volunteered to setup a phone conf. call (ideally after the
submission deadlines).
Ciao
Hannes
QIU Ying wrote:
</PRE>
<BLOCKQUOTE type="cite"><PRE wrap="">Hi, Firewall Folks:
Should we update our draft "draft-krishnan-mip6-firewall-01" according to
the feedback getting at IETF69?
My comments are below"
</PRE>
<BLOCKQUOTE type="cite"><PRE wrap="">6. Firewall Recommendations for MIPv6
I-D: draft-krishnan-mip6-firewall-01 15 min
Suresh Krishnan
--------------------------------------
* presentation:
- different scenario: firewall protecting HA, MN, CN, respectively
- recommends which kind of traffic should not be blocked by firewalls
- Adopt as WG draft?
* discussion
- hesham: just to clarify, only some firewalls in enterprise networks
block ipsec. Not in public networks
- frank: your solution makes network less safe (let all IPsec traffic
to HA through).
- Suresh: but this is the HA service, you have to let this
traffic through
</PRE></BLOCKQUOTE><PRE wrap="">Frankly, in practice realm, home agents are very special nodes: 1) only few
nodes are charged as home agents within a networks. 2) Home agent is
normally functioned as a server or a stationary machine at least, so it is
strong enough to protect itself (e.g. Jari mentioned access mechanisms) and
not have to rely on the protection of firewall.
A firewall that opens few channels for some specified robust nodes do not
means to weaken the strength of network security.
But in order to prevent the flood attacks, the firewall can constrain the
throughput of these channels.
</PRE>
<BLOCKQUOTE type="cite"><PRE wrap="">- Alex: some operators don't want to allow RO due to security weaknessses
- Suresh: that's why we separated rules for RO and for non-RO
</PRE></BLOCKQUOTE><PRE wrap="">No matter RO or non RO, the issue of IPsec packets through a firewall can
not avoid due to home binding update.
Any more comments?
Regards
Qiu Ying
----- Original Message -----
From: "Roberto Baldessari" <A class=moz-txt-link-rfc2396E href="mailto:Roberto.Baldessari@nw.neclab.eu"><Roberto.Baldessari@nw.neclab.eu></A>
To: <A class=moz-txt-link-rfc2396E href="mailto:nemo@ietf.org"><nemo@ietf.org></A>; <A class=moz-txt-link-rfc2396E href="mailto:mext@ietf.org"><mext@ietf.org></A>
Sent: Tuesday, November 06, 2007 5:18 PM
Subject: [MEXT] Nemo/Mext meeting at IETF-70?
Hi all,
According to the IETF draft agenda, no NEMO nor MEXT WG meeting has been
scheduled yet. Are there plans to have one at IETF-70?
Concerning the activity on automotive requirements for NEMO RO, we are in
the process to update the doc according to the feedback we got at IETF-69
and preparing it to include/unify requirements from both C2C-CC and ISO
CALM.
Anyway, as (I guess) the contributions from CALM won't be ready in time for
IETF-70, I don't have anything against waiting until IETF-71 to present a
more complete document. Also, I hope that by then MEXT WG will be actually
in place.
Best regards,
Roberto
================================================
Roberto Baldessari
Research Scientist
NEC Laboratories, Network Division, NEC Europe Ltd.
Kurfuerstenanlage 36, D-69115 Heidelberg
Tel. +49 (0)6221 4342-167
Fax: +49 (0)6221 4342-55
e-mail: <A class=moz-txt-link-abbreviated href="mailto:roberto.baldessari@nw.neclab.eu">roberto.baldessari@nw.neclab.eu</A>
web: <A class=moz-txt-link-freetext href="http://www.netlab.nec.de/">http://www.netlab.nec.de/</A>
NEC Europe Limited | Registered Office:
NEC House, 1 Victoria Road, London W3 6BL
Registered in England 2832014
================================================
_______________________________________________
MEXT mailing list
<A class=moz-txt-link-abbreviated href="mailto:MEXT@ietf.org">MEXT@ietf.org</A>
<A class=moz-txt-link-freetext href="https://www1.ietf.org/mailman/listinfo/mext">https://www1.ietf.org/mailman/listinfo/mext</A>
------------ Institute For Infocomm Research - Disclaimer -------------This email is confidential and may be privileged. If you are not the intended recipient, please delete it and notify us immediately. Please do not copy or use it for any purpose, or disclose its contents to any other person. Thank you.--------------------------------------------------------
_______________________________________________
Mip6-firewall mailing list
<A class=moz-txt-link-abbreviated href="mailto:Mip6-firewall@zeke.ecotroph.net">Mip6-firewall@zeke.ecotroph.net</A>
<A class=moz-txt-link-freetext href="https://zeke.ecotroph.net/mailman/listinfo/mip6-firewall">https://zeke.ecotroph.net/mailman/listinfo/mip6-firewall</A>
</PRE></BLOCKQUOTE><PRE wrap="">_______________________________________________
Mip6-firewall mailing list
<A class=moz-txt-link-abbreviated href="mailto:Mip6-firewall@zeke.ecotroph.net">Mip6-firewall@zeke.ecotroph.net</A>
<A class=moz-txt-link-freetext href="https://zeke.ecotroph.net/mailman/listinfo/mip6-firewall">https://zeke.ecotroph.net/mailman/listinfo/mip6-firewall</A>
</PRE></BLOCKQUOTE><PRE wrap=""><!---->
_______________________________________________
Mip6-firewall mailing list
<A class=moz-txt-link-abbreviated href="mailto:Mip6-firewall@zeke.ecotroph.net">Mip6-firewall@zeke.ecotroph.net</A>
<A class=moz-txt-link-freetext href="https://zeke.ecotroph.net/mailman/listinfo/mip6-firewall">https://zeke.ecotroph.net/mailman/listinfo/mip6-firewall</A>
</PRE></BLOCKQUOTE></BODY></HTML>