Re: [hiprg] draft-irtf-hip-experiment-10 review

"Henderson, Thomas R" <thomas.r.henderson@boeing.com> Tue, 01 March 2011 05:31 UTC

From: "Henderson, Thomas R" <thomas.r.henderson@boeing.com>
To: 'Ari Keranen' <ari.keranen@nomadiclab.com>, "hiprg@irtf.org" <hiprg@irtf.org>
Date: Mon, 28 Feb 2011 21:32:34 -0800
Thread-Topic: draft-irtf-hip-experiment-10 review
Thread-Index: AcvXaFzAs+hKfgHVT2qVZEy2nKWmvwAZsR1g
Message-ID: <7CC566635CFE364D87DC5803D4712A6C4CED25AF20@XCH-NW-10V.nw.nos.boeing.com>
References: <A7C7A8B4-FE51-4471-9674-0A5AC54CCC6B@nomadiclab.com>
In-Reply-To: <A7C7A8B4-FE51-4471-9674-0A5AC54CCC6B@nomadiclab.com>

> -----Original Message-----
> From: Ari Keranen [mailto:ari.keranen@nomadiclab.com]
> Sent: Monday, February 28, 2011 8:56 AM
> To: hiprg@irtf.org
> Cc: Henderson, Thomas R
> Subject: draft-irtf-hip-experiment-10 review
> 
> Hi,
> 
> I finally managed to have a look at the experiment report doc. Here are
> some comments and nits:
> 
> 
> 1.1.  What is HIP?
> 
> Could mention that Standards Track work has been started (at the end of
> the section).
> 
> 
> 1.2.  Scope
> 
>  During the timeframe of this report (2004-09),
> 
> s/09/2011/
> 
> 
> 2.3.8.  Interactions with host firewalls
> 
>    When using HIP over UDP, the host needs to open
>    just port 10500 in practice.
> 
> This seems to imply that inbound unsolicited packets to 10500 would be
> needed, which is not the case as long as ICE is used (except for the
> HIP relay server). I'd rather say something like "the firewall needs to
> allow outbound UDP packets and responses to them".
> 
> 

Ari, thanks for the review.  The reason that the document still says 2009 is that it has mostly stopped receiving substantial inputs since that time, so to avoid confusion, I propose to rephrase:  "During the period of time in which the bulk of this report was drafted (2004-2009), ..."

I'll make the other two changes suggested above in the next revision (-11), and I have a few more changes to add that Miika suggested.

I am waiting to receive inputs on the question I posed recently about privacy and identity theft vulnerability of the DH exchange, before revising that section and publishing the -11 version.  Yesterday I posed a question on the crypto-forum research group list (http://www.ietf.org/mail-archive/web/cfrg/current/msg02919.html) and I've received some feedback there.  Pekka also pointed me to the 2004 paper on BLIND, which I'll review again.

- Tom
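As an added illustration of the firewall point in Ari's review above (example code, not part of the draft or this thread): a minimal stateful host-firewall model comparing "open inbound UDP/10500" with "allow outbound UDP and the responses to it". The addresses and packet records are constructed from documentation ranges; the class and function names are this example's own.

```python
from dataclasses import dataclass, field
from typing import Optional

HIP_UDP_PORT = 10500  # UDP port for HIP NAT traversal, as named in the draft text

@dataclass(frozen=True)
class Packet:
    direction: str  # "out" = host -> network, "in" = network -> host
    src: str        # "ip:port" (constructed documentation addresses below)
    dst: str        # "ip:port"

@dataclass
class StatefulHostFirewall:
    """Toy connection-tracking filter: outbound packets create flow state,
    inbound packets are accepted only as replies to that state, unless a
    port has been opened unconditionally (the weak policy)."""
    open_inbound_port: Optional[int] = None
    flows: set = field(default_factory=set)  # (local, remote) endpoint pairs

    def filter(self, pkt: Packet) -> str:
        if pkt.direction == "out":
            self.flows.add((pkt.src, pkt.dst))
            return "accept"
        if (pkt.dst, pkt.src) in self.flows:   # reply to something we sent
            return "accept"
        dport = int(pkt.dst.rsplit(":", 1)[1])
        if self.open_inbound_port is not None and dport == self.open_inbound_port:
            return "accept"                     # unsolicited, but the port is open
        return "drop"

def run_scenarios(fw: StatefulHostFirewall) -> dict:
    """Two traffic patterns from the discussion: an unsolicited packet to
    10500 from an unknown host, and an ICE-style exchange the host initiated."""
    host = f"192.0.2.10:{HIP_UDP_PORT}"        # this host (constructed)
    peer = f"198.51.100.7:{HIP_UDP_PORT}"      # peer reached via ICE (constructed)
    stranger = f"203.0.113.9:{HIP_UDP_PORT}"   # unknown sender (constructed)
    results = {}
    results["unsolicited_inbound"] = fw.filter(Packet("in", stranger, host))
    fw.filter(Packet("out", host, peer))       # host sends first (ICE check / I1)
    results["response_to_outbound"] = fw.filter(Packet("in", peer, host))
    return results

if __name__ == "__main__":
    # Weak policy: inbound UDP/10500 open, so unsolicited packets get through.
    print("open port:", run_scenarios(StatefulHostFirewall(open_inbound_port=HIP_UDP_PORT)))
    # Policy suggested in the review: outbound UDP plus the responses to it.
    print("stateful :", run_scenarios(StatefulHostFirewall()))
```

A HIP relay server is the exception the review names: it must accept unsolicited packets, so it is the one role for which the open-port policy is actually required.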