Re: [DMM] Stephen Farrell's No Objection on draft-ietf-dmm-hnprenum-06: (with COMMENT)
"Z.W. Yan" <yan@cnnic.cn> Mon, 06 March 2017 02:31 UTC
Date: Mon, 06 Mar 2017 10:31:31 +0800
From: "Z.W. Yan" <yan@cnnic.cn>
To: Stephen Farrell <stephen.farrell@cs.tcd.ie>, The IESG <iesg@ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/dmm/dGjhyn_aRgn-6Fj4efC9i9Ebd8I>
Cc: draft-ietf-dmm-hnprenum <draft-ietf-dmm-hnprenum@ietf.org>, dmm-chairs <dmm-chairs@ietf.org>, dmm <dmm@ietf.org>, "max.ldp" <max.ldp@alibaba-inc.com>

OK, Stephen, it will be updated in the revised version~ Thank you again.

2017-03-06
Z.W. Yan

From: Stephen Farrell
Sent: 2017-03-06 10:21:47
To: Z.W. Yan; The IESG
Cc: draft-ietf-dmm-hnprenum; dmm-chairs; dmm; max.ldp
Subject: Re: [DMM] Stephen Farrell's No Objection on draft-ietf-dmm-hnprenum-06: (with COMMENT)

On 06/03/17 01:34, Z.W. Yan wrote:
> Hello, Stephen,
> Thank you for your review and comments, please confirm my in-line responses.
>
> 2017-03-06
>
> Z.W. Yan
>
> From: Stephen Farrell
> Sent: 2017-03-03 00:48:40
> To: The IESG
> Cc: draft-ietf-dmm-hnprenum; dmm-chairs; dmm; max.ldp
> Subject: [DMM] Stephen Farrell's No Objection on draft-ietf-dmm-hnprenum-06: (with COMMENT)
>
> Stephen Farrell has entered the following ballot position for
> draft-ietf-dmm-hnprenum-06: No Objection
>
> When responding, please keep the subject line intact and reply to all
> email addresses included in the To and CC lines. (Feel free to cut this
> introductory paragraph, however.)
>
> Please refer to https://www.ietf.org/iesg/statement/discuss-criteria.html
> for more information about IESG DISCUSS and COMMENT positions.
>
> The document, along with other ballot positions, can be found here:
> https://datatracker.ietf.org/doc/draft-ietf-dmm-hnprenum/
>
> ----------------------------------------------------------------------
> COMMENT:
> ----------------------------------------------------------------------
>
> Section 7 says: "The protection of UPN and UPA
> messages in this document follows [RFC5213] and
> [RFC7077]." I'm not clear if "follows" means the same
> as "MUST be protected using end-to-end security
> association(s) offering integrity and data origin
> authentication" (RFC5213, section 4). I think it ought
> really, as otherwise this could subvert the security
> of PMIPv6. So wouldn't it make sense to be explicit
> that these new messages have the same MUST
> requirements as binding updates. Doing that by
> repeating the quoted text from 5213 would be a fine
> way to do that, but there may be better options.
>
> The above was a discuss ballot. The AD and an
> author agreed with the interpretation above
> that adding a clarification might be good so I've
> cleared the discuss assuming they'll do that
> nicely. (Thanks).
>
> ***The following two options are available as the revision:
> 1) This document causes no further security problem for the signaling exchanges.
> 2) This document causes no further security problem for the signaling exchanges. The UPN and UPA messages in this document MUST be protected using end-to-end security association(s) offering integrity and data origin
> authentication as specified in [RFC5213] and [RFC7077].
>
> Which one do you think better, Stephen?

#2 is clearly better IMO,

Thanks,
S

>
> OLD COMMENT below
> - It might also be worth saying in section 7 that to
> provision a new HNP someone has to have set up all the
> IPsec stuff for that.
>
> ***Is this comment replaced by the above one? Stephen.
> _______________________________________________
> dmm mailing list
> dmm@ietf.org
> https://www.ietf.org/mailman/listinfo/dmm
>