1 / 7

More TWAMP – Mixed Security Mode Extension

More TWAMP – Mixed Security Mode Extension. Al Morton, Kaynam Hedayat June 30, 2008. Security Modes MUST Match. RFC4656 OWAMP requires TEST to match the CONTROL protocol. “All OWAMP-Test sessions that are spawned by an OWAMP-Control session inherit its mode.”

reagan-lucas
Télécharger la présentation

More TWAMP – Mixed Security Mode Extension

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. More TWAMP – Mixed Security Mode Extension Al Morton, Kaynam Hedayat June 30, 2008

  2. Security Modes MUST Match • RFC4656 OWAMP requires TEST to match the CONTROL protocol. • “All OWAMP-Test sessions that are spawned by an OWAMP-Control session inherit its mode.” • Maybe clarify with a MUST in Errata…

  3. Security Modes: Mandatory to Implement • Secure modes may see more widespread use on the Control Protocol IF • Test protocol can run Unauthenticated • ALL resources on accuracy and scale when limitations are reached

  4. Mixed Mode Field Extension (new registry needed) Value Description Reference/Explanation 0 Reserved 1 Unauthenticated RFC4656, Section 3.1 2 Authenticated RFC4656, Section 3.1 4 Encrypted RFC4656, Section 3.1 8 Unauth. TEST protocol, new bit position (3) Encrypted CONTROL NOTE: only ONE new mode is needed!

  5. Mode Field Extension ---------------------------------------------------- Protocol | Permissible Mode Combinations ---------------------------------------------------- Control | Unauth. | Auth. <=|=> Encrypted ---------------------------------------------------- | Unauth. | | Unauth. ------------------------------------------- Test | | Auth. | ------------------------------------------- | | | Encrypted ----------------------------------------------------

  6. Mode Field Extension Compatibility (easy!) C S |---------->| TCP SYN |<----------| SYN-ACK |---------->| ACK |<----------| Server Greeting Current TWAMP sets bits 0-2 Mixed-Mode Extension, bit 3 |---------->| Set-Up-Response

  7. Proposal for IPPM WG • This is very simple extension • Adds one new communication mode, using existing features • Creates a Mode Registry needed for any future features PROPOSAL – Move this forward as a stand-alone WG draft.

More Related