2.4.15 Resource Allocation Protocol (rap)

NOTE: This charter is a snapshot of the 51st IETF Meeting in London, England. It may now be out-of-date. Last Modified: 31-Jul-01

Chair(s):

Scott Hahn <scott.hahn@intel.com>
Mark Stevens <mstevens@ellacoya.com>

Operations and Management Area Director(s):

Randy Bush <randy@psg.com>
Bert Wijnen <bwijnen@lucent.com>

Operations and Management Area Advisor:

Bert Wijnen <bwijnen@lucent.com>

Mailing Lists:

General Discussion: rap@ops.ietf.org
To Subscribe: rap-request@ops.ietf.org
In Body: subscribe
Archive: ftp://ops.ietf.org/pub/lists/rap.*

Description of Working Group:

Recent work in the IETF has led to the development and standardization of enhanced network services such as QoS and traffic engineering. The complexity of these services and the variations in the capabilities of the devices implementing these services provide a challenge to anyone trying to configure services within medium- and large-scale networks.

The working group will define general-purpose objects that facilitate the manipulation of policies and provisioned objects available through COPS and COPS-PR. Where appropriate, these will include frameworks clarifying the applicability of COPS objects and the best practices for the definition of additional objects defined in other working groups.

In particular, the group will address the following work items:

- A standards track framework document describing the usage of COPS in carrying usage reporting and unsolicited state change information between a PDP and a PEP [FEEDBACKFRWK].

- A standards track document describing a feedback PIB to be used to carry usage/feedback information from the PEP to the PDP [FEEDBACKPIB].

- Complete work on the standards track documents for (a) the data definition language for COPS-PR [SPPI] and (b) the set of core data definitions for QoS provisioning [FRWKPIB].

- A standards track document describing a modular architecture for a COPS based Management Framework. The document will address the COPS message processing, security and access control and may specify examples of how the framework may be implemented. [COPSFRWK]

- A standards track document describing a framework or PIB to enable the explicit binding of QoS to authenticated agents, such as corporate entities or individual users. The purpose of this document is to define a set of data structures that represent subscriber identity and subscriber credentials, and that provide support for proxying various authentication strategies. This document will describe the client-server interactions necessary to install identities, bind identities to other provisioning components and the credentials necessary to complete authentication. Identities may be represented in the data structures defined by this document and may take one of many forms. Examples include none (open), partial (snooped by the network device), and full (provided by an existing authentication protocol). Examples of existing protocols include 802.1x, PAP, CHAP, EAP, Kerberos, HTTP, TLS, SSL, and SRP. [BINDFRWK].

- An informational document describing the use of COPS over TLS. [COPSTLS]

The working group will continue to document changes to COPS objects needed to support any extensions to RSVP and extensions to RSVP directly related to usage control. Specifically the working group will pursue:

- A version of draft-ietf-rap-rsvp-newidentity that addresses security shortcomings with the current document [NEWIDENTITY].

- A standards track document defining new ErrorValues for the RSVP Policy Error Object [RSVPERRVAL].

- A standards track document defining the framework and mechanism for authorizing of RSVP sessions [SESSIONAUTH].

- A standards track document defining an RSVP Local Policy Control Criteria PIB [RSVPPIB].

Documents produced by the working group must fully address all the security aspects of this type of protocol. In particular, theft and denial of service threats must be minimized.

The Working Group will not define semantics of objects for any specific protocol or technology. Such work will be done (if done at all) in protocol or technology specific WGs.

For the work on the [FEEDBACKFRWK] and [FEEDBACKPIB], the WG will work with other WGs (like AAA WG) to prevent duplication and overlapping solutions.

Goals and Milestones:

Done     Submit I-D framework document for policy control for RSVP to IESG for publication as a RFC.
Done     Submit I-D defining any necessary extensions to RSVP to support policy control to IESG for publication as a RFC
Done     Submit I-D defining a standard protocol for the exchange of policy information between RSVP-capable network nodes and policy servers to IESG for publication as a RFC.
Done     Submit Initial draft of document that specifies COPS usage for policy provisioning transactions
Sep 99   Submit initial ID on object syntax for carrying QoS policy provisioning information (dependent on progress in DiffServ and ISSLL working groups)
Done     Working Group last call on revised version of COPS Usage document incorporating mailing list discussions
Done     Submit COPS Usage document to IESG for publication as an RFC
Done     Submit object syntax transport protocol ID
Done     Submit object syntax transport protocol to IESG for consideration as a RFC.
Jul 01   Submit I-D defining framework of COPS-PR PIB for feedback usage
Jul 01   Submit FRWKPIB to IESG for consideration as a Proposed Standard
Jul 01   Submit COPSTLS as informational draft
Jul 01   Submit First draft RSVPPIB
Jul 01   Submit Update draft FEEDBACKPIB
Jul 01   Submit First draft SESSIONAUTH
Jul 01   Submit First draft RSVPERRVAL
Jul 01   Submit First draft COPSFRWK
Jul 01   Submit First draft of FEEDBACKFRWK
Jul 01   Submit Update draft RSVPPIB
Jul 01   Submit First draft NEWIDENTITY
Jul 01   Submit Update draft RSVPERRVAL
Jul 01   Submit Update draft SESSIONAUTH
Jul 01   Submit First draft BINDFRWK
Sep 01   Submit Update draft NEWIDENTITY
Oct 01   Submit Update draft FEEDBACKFRWK
Oct 01   Submit Update draft COPSFRWK
Jan 02   FEEDBACKFRWK Draft to AD/IESG for consideration as Proposed Standard
Jan 02   FEEDBACKPIB Draft to AD/IESG for consideration as Proposed Standard
Jan 02   RSVPPIB Draft to AD/IESG for consideration as Proposed Standard
Jan 02   NEWIDENTITY Draft to AD/IESG for consideration as Proposed Standard
Jan 02   RSVPERRVAL Draft to AD/IESG for consideration as Proposed Standard
Jan 02   SESSIONAUTH Draft to AD/IESG for consideration as Proposed Standard
Jan 02   COPSFRWK Draft to AD/IESG for consideration as Proposed Standard
Jan 02   COPSFRWK Draft to AD/IESG for consideration as Proposed Standard

Internet-Drafts:
Request For Comments:

RFC       Status   Title
RFC2751   PS       Signaled Preemption Priority Policy Element
RFC2752   PS       Identity Representation for RSVP
RFC2753            A Framework for Policy-based Admission Control
RFC2748   PS       The COPS (Common Open Policy Service) Protocol
RFC2749   PS       COPS usage for RSVP
RFC2750   PS       RSVP Extensions for Policy Control
RFC2872   PS       Application and Sub Application Identity Policy Element for Use with RSVP
RFC2940   PS       Definitions of Managed Objects for Common Open Policy Service (COPS) Protocol Clients
RFC3084   PS       COPS Usage for Policy Provisioning

Current Meeting Report

Title: 51st IETF at London RAP WG Sessions' Minutes
Session Dates: Monday Aug 6, 2001 and Tuesday Aug 7, 2001
Co-Chairs: Mark Stevens, Scott Hahn
Temporary Co-Chair: Kwok Ho Chan
Minutes Takers: Rodney Hess, Al Grimstad

Walter Weiss - Discussion of draft-ietf-rap-access-bind-00.txt
Discussion began with an overview of a new draft aiming at handling the complexity of provisioning devices at the network edge. One area of this complexity deals with the many sorts of authentication and authorization that must be supported. Briefly, the idea of the draft is to add a new element to the DiffServ informal model, the "Accessor", to handle the control of access to network resources by traffic entering a network region at an edge device. Accessors may be installed in various places in the data path, e.g., after a classifier and meter. The draft presents a PIB for the Accessor, thus enabling its provisioning according to the COPS-PR framework. Aside from provisioning the Accessor's local traffic handling behavior, an Accessor may also be provisioned to outsource authentication and authorization processing to an external PDP. The initial draft PIB provides provisioning support for EAP, PAP and CHAP. It was observed that the framework is sufficiently flexible to encompass RSVP outsourcing at some point.

Received supportive comments that this is the correct direction to proceed on this chartered work item.

Scaling issues were raised because the technology is applied at the access edge of a network (an administrative domain). Walter's response indicated that the scaling will depend on how people use the technology and how the environment is set up.

Issues with Classifier and Accessor being integrated. The notion of dynamic classifier and how it is modified. Suggestions of reusing existing classifier definition.

Question on how generic the technology in the draft is and how it may be applied to other usages. Walter responded that the technology builds on the data path model done in the DiffServ WG, and this can be applied to other usages, e.g. RSVP, MPLS, etc.

The authors will be revising the draft in the interim and would like to have feedback as soon as possible.

Kwok Ho Chan - Discussion of the draft-ietf-rap-frameworkpib-05.txt
Discussion centered on changes to the Framework PIB for replacement of draft-ietf-rap-pol-aux-mib-00.txt.

Questions raised on how RoleCombo and ifIndex are tied together. Issue raised on capability and support table need to handle the indication of more than one legal next data path element.

Active Context and clarification on how it's done were raised.
Kwok indicated change was made in -05 to clarify this.

Kwok Ho Chan - Discussion of draft-ietf-diffserv-pib-04.txt
Discussion indicates changes for alignment with the DiffServ MIB, except for the Classifier data path element. The DiffServ PIB will continue to use the Classifier Table independent of how the DiffServ MIB will proceed (possibly not using the Classifier Table). This turns out to be the correct decision as the DiffServ MIB will also continue to use the Classifier Table (this decision was made after this presentation, before the DiffServ WG session on Thur).

Kwok Ho Chan - Discussion of draft-ietf-rap-cops-frwk-00.txt
Discussion indicates this draft is still in its infancy and seeking collaborators.

Kwok Ho Chan - Discussion of draft-ietf-rap-session-auth-01.txt and draft-ietf-rap-rsvp-authsession-00.txt
Presentation indicates the current status and related work in 3GPP. Authors seeking collaborators.

Kwok Ho Chan - Discussion of draft-ietf-rap-modify-sender-behavior-00.txt
Discussion indicates this draft was renamed from draft-santitoro-rap-rsvp-errorcodes-01.txt. Anticipating to do WG Last Call pending response to concerns raised.

An issue was raised that the method proposed does not follow the RSVP Model and violates the RSVP end-to-end model. Issues on how to fix RSVP to allow re-negotiation using error values, and End-To-End signaling issues, were raised. Kwok, draft authors will be addressing these issues and post results on the list for discussion.

Question raised about multiple PDP usage in a single administrative domain, the answer is yes (for COPS in general). Additional questions on policy between administrative domains and what protocol may be used. Kwok indicated this is not in the RAP WG Charter currently and will need to finish current WG work items first. Mark indicates whoever wants to solve the problem can do it as individual submission first.

Diana Rawlins - Discussion of draft-ietf-rap-feedback-frwk-00.txt and draft-ietf-rap-feedback-fr-pib-00.txt

Question raised concerning report's periodic interval and the notion of not needing to send report because there was no increment since previous report. Diana indicated currently there is no text indicating this.

Issue raised concerning missing linkage to rmon and diffserv. Indicating this can be basis for these other work.

Comment that the framework is capable of handling linkage with diffserv counters. Diana confirmed and Kwok indicated the Feedback PIB allows the indication of where in hardware the PEP supports what counters, providing a general feedback PIB that does not need specialized MIBs with hard coded locations of counters. Agreement that this is a good feature and the correct approach.

Rodney Hess - Discussion of
draft-ietf-rap-rsvp-better-identity-01.txt
draft-ietf-rap-new-rsvp-ext-00.txt
and draft-ietf-rap-auth-policy-data-00.txt

Discussion indicates that these drafts are based on concerns by the Security ADs that RSVP's AUTH_DATA object may be subject to replay attack, and that updates to RFC 2750 and 2752 are needed.

Discussion indicates there is no demonstrated replay attack and there are no security problems found with the original RFCs, and only clarification of the original text is needed.

Authors to discuss offline and report to the RAP wg co-chairs at the earliest.

Christian Jacquenet - Discussion of draft-jacquenet-ip-te-cops-02.txt and draft-jacquenet-ip-te-pib-00.txt

Comment from Bert that this work needs to be done in the traffic engineering group, and not in RAP. Other comments indicating a BOF for this may be worthwhile and this work may leverage work done in the DiffServ Informal Model.

Thi Mai Trang Nguyen - Discussion of draft-nguyen-rap-cops-sls-00.txt

Discussion of COPS-SLS used between 2 PDPs in 2 separate domains. Comments concerning SLS Configuration and SLS Negotiation should be 2 separate mechanisms. SLS Configuration could be done with some other mechanism.

Diana Rawlins - Discussion of draft-rawlins-rsvppcc-pib-02.txt

Presentation indicates DSCP Marker Table added to provide IntServ to DiffServ translation. No comments.

Dave Durham - Brief mention of work relevant to RAP working group efforts in the following individual submission: draft-hegde-mpls-setup-pib-00.txt

No comments.

Working group last-call will begin on ~August 20, 2001 for informational draft: draft-ietf-rap-cops-tls-00.txt.

Slides

IP Traffic Engineering Policy Enforcement
Session set-up with media authorization
RSVP ErrorValues Used to Modify Sender Behavior
DiffServ PIB-04 and COPS Framework drafts
'draft-ietf-rap-frameworkpib-05' changes for 51st IETF
'draft-ietf-rap-feedback-frwk-pib-00'
'draft-ietf-rap-feedback-frwk-00'
What’s Changed with Policy over RSVP
Framework for Binding Access Control to COPS Provisioning
MPLS Setup PIB
RSVP Policy Control Criteria PIB
COPS Usage for SLS Negotiation (COPS-SLS)