--- 1/draft-ietf-v6ops-rfc3316bis-04.txt 2013-09-14 10:14:24.450117878 -0700 +++ 2/draft-ietf-v6ops-rfc3316bis-05.txt 2013-09-14 10:14:24.490118915 -0700 @@ -1,23 +1,23 @@ IPv6 Operations (V6OPS) J. Korhonen, Ed. Internet-Draft Renesas Mobile Obsoletes: 3316 (if approved) J. Arkko, Ed. Intended status: Informational Ericsson -Expires: March 4, 2014 T. Savolainen +Expires: March 18, 2014 T. Savolainen Nokia S. Krishnan Ericsson - August 31, 2013 + September 14, 2013 IPv6 for 3GPP Cellular Hosts - draft-ietf-v6ops-rfc3316bis-04.txt + draft-ietf-v6ops-rfc3316bis-05.txt Abstract As the deployment of third and fourth generation cellular networks progresses, a large number of cellular hosts are being connected to the Internet. Standardization organizations have made Internet Protocol version 6 (IPv6) mandatory in their specifications. However, the concept of IPv6 covers many aspects and numerous specifications. In addition, the characteristics of cellular links in terms of bandwidth, cost and delay put special requirements on how 
@@ -38,21 +38,21 @@ Internet-Drafts are working documents of the Internet Engineering Task Force (IETF). Note that other groups may also distribute working documents as Internet-Drafts. The list of current Internet- Drafts is at http://datatracker.ietf.org/drafts/current/. Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress." - This Internet-Draft will expire on March 4, 2014. + This Internet-Draft will expire on March 18, 2014. Copyright Notice Copyright (c) 2013 IETF Trust and the persons identified as the document authors. All rights reserved. This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (http://trustee.ietf.org/license-info) in effect on the date of publication of this document. Please review these documents 
@@ -83,21 +83,21 @@ 3.1. Extension header considerations . . . . . . . . . . . . . 11 4. Mobility . . . . . . . . . . . . . . . . . . . . . . . . . . . 11 5. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 12 6. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . . 12 7. Security Considerations . . . . . . . . . . . . . . . . . . . 12 8. References . . . . . . . . . . . . . . . . . . . . . . . . . . 14 8.1. Normative references . . . . . . . . . . . . . . . . . . . 14 8.2. Informative references . . . . . . . . . . . . . . . . . . 15 Appendix A. Cellular Host IPv6 Addressing in the 3GPP Model . . . 16 Appendix B. Changes to RFC 3316 . . . . . . . . . . . . . . . . . 18 - Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . . 18 + Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . . 19 1. Introduction Technologies such as GPRS (General Packet Radio Service), UMTS (Universal Mobile Telecommunications System), Evolved Packet System (EPS), CDMA2000 (Code Division Multiple Access 2000) and eHRPD (Enhanced High Rate Packet Data) are making it possible for cellular hosts to have an always-on connection to the Internet. IPv6 [RFC2460] has become essential to such networks as the number of cellular hosts is increasing rapidly. Standardization organizations 
@@ -373,23 +373,22 @@ and global addresses is not affected by the above procedure. 2.5. Multicast Listener Discovery (MLD) for IPv6 Within 3GPP networks, hosts connect to their default routers (GGSN/ PGW) via point-to-point links. Moreover, there are exactly two IP devices connected to the point-to-point link, and no attempt is made (at the link-layer) to suppress the forwarding of multicast traffic. Consequently, sending MLD reports for link-local addresses in a 3GPP environment is not necessary, although sending those cause no harm or - interoperability issues. - - MLD is needed for multicast group knowledge that is not link-local. + interoperability issues. Refer Section 5.10 of [RFC6434] for MLD + usage for multicast group knowledge that is not link-local. 2.6. Privacy Extensions for Address Configuration in IPv6 Privacy Extensions for Stateless Address Autoconfiguration [RFC4941] or other similar technologies may be supported by a cellular host. Privacy in general, is important for the Internet. In 3GPP networks the lifetime of an address assignment depends on many factors such as radio coverage, device status and user preferences. As a result also the prefix the cellular host uses is a subject to frequent changes. 
@@ -509,34 +508,40 @@ aspects of the cellular environment that make certain types of vulnerabilities more severe. The following issues are discussed: o The suggested limitations (Section 3.1) in the processing of extension headers limits also exposure to Denial-of-Service (DoS) attacks through cellular hosts. o IPv6 addressing privacy [RFC4941] or similar technology may be used in cellular hosts. However, it should be noted that in the 3GPP model, the network would assign a new prefix, in most cases, to hosts in roaming situations and typically, also when the - cellular hosts activate a PDP Context or a PDN Connection. This - means that 3GPP networks will already provide a limited form of - addressing privacy, and no global tracking of a single host is - possible through its address. On the other hand, since a GGSN/ - PGW's coverage area is expected to be very large when compared to - currently deployed default routers (no handovers between GGSN/PGWs - are possible), a cellular host can keep a prefix for a long time. - Hence, IPv6 addressing privacy can be used for additional privacy - during the time the host is on and in the same area. The privacy - features can also be used to e.g., make different transport - sessions appear to come from different IP addresses. However, it - is not clear that these additional efforts confuse potential - observers any further, as they could monitor only the network - prefix part. + cellular hosts activate a PDP Context or a PDN Connection. 3GPP + devices must not use interface identifiers that are unique to the + device, so the only difference in address between to 3GPP devices + using SLAAC is in the prefix. This means that 3GPP networks will + already provide a limited form of addressing privacy, and no + global tracking of a single host is possible through its address. 
+ On the other hand, since a GGSN/PGW's coverage area is expected to + be very large when compared to currently deployed default routers + (no handovers between GGSN/PGWs are possible), a cellular host can + keep a prefix for a long time. Hence, IPv6 addressing privacy can + be used for additional privacy during the time the host is on and + in the same area. The privacy features can also be used to e.g., + make different transport sessions appear to come from different IP + addresses. However, it is not clear that these additional efforts + confuse potential observers any further, as they could monitor + only the network prefix part. + o The use and recommendations of various security services such as + IPsec or TLS [RFC5246] in the connection of typical applications + that also apply to cellular hosts are discussed in Section 11 of + [RFC6434]. o The use of various security services such as IPsec or TLS in the connection of typical applications in cellular hosts is discussed in Section 3 and further pointer for recommendations are given there. o The airtime used by cellular hosts is expensive. In some cases, users are billed according to the amount of data they transfer to and from their host. It is crucial for both the network and the users that the airtime is used correctly and no extra charges are applied to users due to misbehaving third parties. The cellular links also have a limited capacity, which means that they may not 
@@ -643,20 +649,23 @@ [RFC4191] Draves, R. and D. Thaler, "Default Router Preferences and More-Specific Routes", RFC 4191, November 2005. [RFC4193] Hinden, R. and B. Haberman, "Unique Local IPv6 Unicast Addresses", RFC 4193, October 2005. [RFC5072] Varada, S., Haskins, D., and E. Allen, "IP Version 6 over PPP", RFC 5072, September 2007. + [RFC5246] Dierks, T. and E. Rescorla, "The Transport Layer Security + (TLS) Protocol Version 1.2", RFC 5246, August 2008. + [RFC5555] Soliman, H., "Mobile IPv6 Support for Dual Stack Hosts and Routers", RFC 5555, June 2009. [RFC6106] Jeong, J., Park, S., Beloeil, L., and S. Madanapalli, "IPv6 Router Advertisement Options for DNS Configuration", RFC 6106, November 2010. [RFC6459] Korhonen, J., Soininen, J., Patil, B., Savolainen, T., Bajko, G., and K. Iisakkila, "IPv6 in 3rd Generation Partnership Project (3GPP) Evolved Packet System (EPS)",
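Review bot: In the Section 2.5 hunk (@@ -373,23 +373,22 @@), the replacement drops the direct statement "MLD is needed for multicast group knowledge that is not link-local" and leaves only a pointer, so the section no longer says on its own that MLD is still needed for groups that are not link-local. Consider keeping the statement and appending the reference, for example "MLD is needed for multicast group knowledge that is not link-local; see Section 5.10 of [RFC6434]." If the pointer-only wording stays, "Refer Section 5.10" should read "Refer to Section 5.10".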
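Review bot: In the Section 7 hunk (@@ -509,34 +508,40 @@), the added sentence "3GPP devices must not use interface identifiers that are unique to the device" states a requirement without a citation, and the following "This means that ... no global tracking of a single host is possible through its address" now rests on it, so the sentence should point to the section or specification that imposes the requirement. In the same sentence, "between to 3GPP devices" should read "between two 3GPP devices". The new bullet on IPsec or TLS [RFC5246] that points to Section 11 of [RFC6434] is also followed by the unchanged bullet "The use of various security services such as IPsec or TLS ... is discussed in Section 3", which covers the same ground with a different pointer; remove one or merge the two.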