* WGs marked with an * asterisk has had at least one new draft made available during the last 5 days

Dime Status Pages

Diameter Maintenance and Extensions (Active WG)
Ops Area: Benoit Claise, Warren Kumari | 2006-Feb-15 —  

IETF-99 dime minutes

Session 2017-07-17 1740-1840: Karlin III - Audio stream - dime chatroom


minutes-99-dime-00 minutes

          Minutes from Jean Mahoney. Thank you very much!
          IETF-99 DIME
          1740-1840  July 17, 2017, Monday Afternoon session III meeting room:
          Karlin III Jabber room: dime at jabber.ietf.org (Please join)
          Chairs:Jouni Korhonen, Lionel Morand
          AD: Ben Campbell
          17:40 - 17:45, Preliminaries, Chairs (5 minutes)
          slide 1: Title
          Lionel Morand: Jouni is not able to make it to the meeting.
          slide 2: Note Well
          slide 3: Agenda
          Note taker/Jabber scribe: Jean Mahoney
          Martin Dolly: when will Diameter security discussion happen?
          Lionel: end of the session.
          17:45 - 17:50, WG Document Status, Chairs (5 minutes)
          *draft-ietf-dime-agent-overload-11    --> RFC Ed Queue
          *draft-ietf-dime-doic-rate-control-06 --> Waiting for Write-Up
          *draft-ietf-dime-group-signaling-08   --> In WG Last Call
          *draft-ietf-dime-load-09              --> RFC Ed Queue
          *draft-ietf-dime-rfc4006bis-03        --> In WG Last Call
          slide 4: WG Status Update
          Lionel: Both overload and load are in the RFC editor queue due to a
          MISREF. I'll take care of it after this meeting.
          Steve Donovan: Just a nit on the slide - I'm the editor on load
          information, I'm not the editor for 4006bis.
          Lionel: Group signaling - the author's think it's ready. We need more
          reviews. Marco?
          Marco Liebsch: we've updated it before Chicago. We've covered all
          comments. Is ready for expert review.
          Lionel: we've received a good technical review from Steve. Needs another
          before WGLC. Rate control is missing its writeup.
          Steve: Has it finished WGLC?
          Lionel: Yes, needs writeup. Rate-control didn't receive a deep technical
          review. Need further review. From SA5 guys in 3GPP, since they are the
          main users.
          slide 5: WG Status update (2/2)
          Lionel: AVP level security (e2e) draft has expired - Jouni is not able to
          support the workload alone. I will go to the SAAG meeting and will ask
          for support from security experts. Solution doesn't have to be Diameter
          Ben Campbell: I would personally like to see this completed. Who will
          deploy it?
          Martin Dolly: next round of FCC sys req, they just finished looking at
          SS7 security vulnerabilities, next 2 years they'll look at Diameter. SA3
          coming up in 3 weeks. I'll give them discussion paper, a status update of
          work here. It gets friendly talk there. It's been discussed with regard to
          5G and security system. It's now or never, forever-hold-your-peace time.
          Lionel: GSMA would like a recommendation. If it's easy to implement,
          we have ongoing deployment.
          Ben: They are welcome to come here and help.
          Eric Guttman: for mission-critical deployments, there are 2 security
          domains - operator domain and mission-critical operator domain. We've
          looked at securing at a message or component to a SIP message
          level. The message has to be e2e secure between client and host at the
          mission-critical ISP. Are there AAA requirements where you can't expose
          certain AVPs to the operator? Need to check.
          Lionel: From the requirements POV, both should be available with the
          solution. Normally you would only be able to secure signaling between
          gateways for instance. You may have e2e secure exchange between any
          Diameter client and any Diameter server.
          Martin: I don't think that's a case. 401 specifies that equipment
          manufacturers must support IPsec for communication within the EPC, but
          says it optional to deploy. No one has deployed. For 5G, the European
          operators are fighting pulling the security into the EPC not at the
          ENodeB. Some of those statements aren't true.
          Lionel: Ben, you see there is some interest. We would like to see this
          work done in IETF.
          Ben: I observe an interest in using the work. I need to observe interest
          in doing the work. Maybe SAAG will help.
          Lionel: It's more a security discussion than a Diameter discussion. Need
          help from security area.
          Eric: There was a mechanism for using an SMIME encapsulation. That became
          Lionel: deprecated. A new mechanism will be defined outside the base
          protocol. All new drafts are based on this.
          17:50 - 18:35 Individual draft discussions (45 minutes)
          17:50 - 18:10 Diameter Policy Groups and Sets, Lyle (20min)
             Draft: https://tools.ietf.org/html/draft-bertz-dime-predictunits-02
             Draft: https://tools.ietf.org/html/draft-bertz-dime-policygroups-04
          slide 1: Title
          slide 2: Predicted Units v02 - Motivation
          Lyle: It takes 3-4 minutes to spin up a VM.
          slide 3: Predicted Units v02 - Update
          Lyle: Have not received any new updates. I would like to ask for
          Lionel: Who has read? I wasn't in the last meeting what was the feeling
          in the room?
          Ben: Besides the chair and the AD?
          Jean: About 7 people total.
          Lionel: I've read it and understood the mechanism, which is good. Check
          on the ML if there is support for adoption. There's not much to do on
          this doc.
          slide 4: Intermission
          slide 5: Purpose
          slide 6: Policy Groups - Update
          slide 7: Relationship Model
          slide 8: Policy Groups Example 1, Overlap Deduplication at Enforcement
          Point - Adding Membership Assignment to Filters
          Lyle: SDN switches have limitations of tables (13 tables in OpenFlow).
          Can concatenate tables. The rules no longer overlap. How to use your
          metadata field and tie it back to a customer?
          slide 9: Policy Groups Example 2, Application at the Decision Point
          Lyle: We don't change the user's relationship to their services
          mid-session. Usually reauthorize them before doing that.
          slide 10: Applications
          slide 11: Next Steps
          Lyle: Would like to hear more from the group before asking for adoption.
          Lionel: who has read?
          Lionel: Go back to the Purpose slide.
          Lyle: didn't want to confuse people but wanted a similar aggregation
          concept with backwards compatibility. It's similar to ... It's a
          membership domain.
          Lionel: I need to review it again. It would be useful to have more
          Lyle: I'm not happy with the examples, I'd like them to be consistent
          through the doc.
          Lionel: the draft needs to clearly identify why you can't do this with
          existing mechanisms.
          Lyle: all of our filters are based on time and what's in the packets.
          When the time is the same and the rule is a default rule, that's the
          most overlap in the system.
          Lionel: It's not that clear from the creation of AVP, be good to
          describe it.
          18:10 - 18:35 Diameter Specification Recommendations, Lyle (25min)
             Draft: https://tools.ietf.org/html/draft-bertz-dime-diamimpr-00
          slide 1: Title
          slide 2: Motivation
          Lyle: 85% of the time, errors due to ambiguity.
          slide 3: Findings
          Eric Guttman: send this to SA5 charging if you have a delegate.
          Lyle: we don't, but wanted to get it out.
          slide 4: Methodology
          slide 5: Unexpected Use Cases
          slide 6: We are not immune
          slide 7: Enumerations
          slide 8: Recommendations
          slide 9: Defined AVP Recommendations
          slide 10: Defined AVPs Recommended Formats
          slide 11: Imported AVP Recommendations
          slide 12: Grouped AVP / Command Refinement
          slide 13: Example Refinement
          slide 14: Command Recommendations
          slide 15: Enumeration Recommendations
          slide 16: GAPs for Automated Validation
          slide 17: Example to Close Gaps
          slide 18: Enumeration Example Format
          slide 19: Open Questions
          slide 20: Summary
          slide 21:  Next steps
          Lionel: who has read? (Three people raised hands)
          Lyle: Dave Dolson and Jouni read it.
          Lionel: in 3GPP it's not really refinement, because in 3GPP just
          highlight the AVPs they use. We you take a specification and not reading
          anything -
          Lyle: they want to just write the code and be done.
          Lionel: For new drafts, it should be taken into consideration. For
          existing RFCs, these are documentation errors. When it's clarification,
          it needs to go through the errata process. For the 3GPP specs, CRs need
          to be opened.
          Lyle: This has a lot of errors documented. Would this be informational?
          How would it progress?
          Lionel: It can be informational, and can be referenced by other docs. No
          guideline here. Just highlight what could go wrong.
          Lyle: I would change the style. Make it more of a report.
          Lionel: It's not unusual for the IETF to explain issues with
          18:35 - 18:40 Wrap-up and Next, Chairs/AD (5 minutes)
          WG Goals/Milestones status - skipped
          Next steps/Action Points - Future of the WG
          Lionel: We have 3 remaining documents.
          Ben: And two that you are thinking of adopting.
          Lionel: few people in room, not much activity on the list. I won't be
          able to continue with the chair position - too much work in the 3GPP.
          Same with Jouni - he changed companies, won't be able to continue. What
          is the next step except closing the group?
          Ben: The existing documents are post or near WGLC. Those can be in the
          hands of the ADs before long. What's you're time frame for needing to
          step down?
          Lionel: I need to know when to stop adopting new documents. Even for
          Ben: Of the 2 drafts for the adoption - the predictive units can be AD
          sponsored. The group one is on the border, a little more complex. I
          don't have to be the AD that sponsors it.
          Lionel: For the group one, I need to see more interest.
          Ben: even if I AD sponsor, I want someone to review them.
          Lionel: E2E security needs to be done. If we get volunteers from SAAG.
          Ben: lets see what happens in SAAG. If there's interest - maybe we can
          spin up some mini-group. Or just speculating here - recharter dime with
          new chairs to just do that.
          Lionel: If it is only to go with existing drafts, I think it can be done
          in short timeframe. Need to confirm with Jouni. Defining new charter
          with new chairs may not be useful.
          Ben: E2E security may go into the security area.
          Lionel: Are there any other comments? (none from the room). To summarize
          - existing WG documents will be pushed forward. For predictive units,
          confirm on ML that it's a WG doc, for the group one, we'll check. After
          those documents, we'll close the WG.
          Ben: Those 2 new drafts - predictive definitely and maybe group - can be
          AD sponsored. They can still change to AD sponsorship if we need to
          close the working group sooner. I'm skeptical of bringing new work into
          the group, unless we see interest.
          Lionel: Thank you.
          ACTION: Chairs to push existing WG documents forward.
          ACTION: Lionel to bring the e2e security draft to the SAAG session this
          week to ask for support in finishing it.
          ACTION: Confirm interest on mailing list for adopting
          ACTION: Confirm interest on mailing list for adopting
          ACTION: Ben to look more closely at draft-bertz-dime-policygroups as a
          candidate for AD sponsorship.

Generated from PyHt script /wg/dime/minutes.pyht Latest update: 24 Oct 2012 16:51 GMT -