Re: [Hipsec] WGLC: draft-ietf-hip-native-nat-traversal-15
Miika Komu <miika.komu@ericsson.com> Tue, 21 March 2017 11:26 UTC
Return-Path: <miika.komu@ericsson.com>
X-Original-To: hipsec@ietfa.amsl.com
Delivered-To: hipsec@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id EEC57128CDC for <hipsec@ietfa.amsl.com>; Tue, 21 Mar 2017 04:26:07 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.221
X-Spam-Level:
X-Spam-Status: No, score=-4.221 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_MED=-2.3, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 1AEwt61htw34 for <hipsec@ietfa.amsl.com>; Tue, 21 Mar 2017 04:26:06 -0700 (PDT)
Received: from sessmg23.ericsson.net (sessmg23.ericsson.net [193.180.251.45]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 60D611293F9 for <hipsec@ietf.org>; Tue, 21 Mar 2017 04:26:06 -0700 (PDT)
X-AuditID: c1b4fb2d-64c6598000005be8-4b-58d10dcc86dc
Received: from ESESSHC013.ericsson.se (Unknown_Domain [153.88.183.57]) by (Symantec Mail Security) with SMTP id 64.06.23528.CCD01D85; Tue, 21 Mar 2017 12:26:04 +0100 (CET)
Received: from [131.160.51.186] (153.88.183.153) by smtp.internal.ericsson.com (153.88.183.59) with Microsoft SMTP Server id 14.3.319.2; Tue, 21 Mar 2017 12:26:03 +0100
To: hipsec@ietf.org
References: <alpine.LRH.2.01.1702190718360.26978@hymn03.u.washington.edu> <b29136ba-093f-15a0-04a5-d090865f6dc5@ericsson.com>
From: Miika Komu <miika.komu@ericsson.com>
Organization: Ericsson AB
Message-ID: <673edf5e-e6b8-39d0-5ee8-1c5ffe500c6d@ericsson.com>
Date: Tue, 21 Mar 2017 13:26:03 +0200
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:45.0) Gecko/20100101 Thunderbird/45.7.0
MIME-Version: 1.0
In-Reply-To: <b29136ba-093f-15a0-04a5-d090865f6dc5@ericsson.com>
Content-Type: text/plain; charset="windows-1252"; format="flowed"
Content-Transfer-Encoding: 7bit
X-Brightmail-Tracker: H4sIAAAAAAAAA+NgFlrGLMWRmVeSWpSXmKPExsUyM2K7pe4Z3osRBnMvqllMXTSZ2YHRY8mS n0wBjFFcNimpOZllqUX6dglcGS+nnWAp6GOr2PCtm72B8TlLFyMnh4SAicTS9z9Yuxi5OIQE 1jFKrDw5kR3CWcMocXvLZDaQKmEBJ4k5/e8ZQWwRAVGJKR9OM3cxcgAV1Us0bZYCCbMJaEms unOdGcTmF5CU2NCwG6yEV8Be4swlQ5Awi4CqxJedB8GmiApESMx/uooJxOYVEJQ4OfMJ2D2c Ag4S6643M4G0MgO1PthaBhJmFpCX2P52DtRSFYmLx4InMArMQtI8C6FhFpKGBYzMqxhFi1OL i3PTjYz1Uosyk4uL8/P08lJLNjECQ+/glt+6OxhXv3Y8xCjAwajEw1vw7nyEEGtiWXFl7iFG CQ5mJRFe174LEUK8KYmVValF+fFFpTmpxYcYpTlYlMR5HfYBpQTSE0tSs1NTC1KLYLJMHJxS DYxs+9LeeVvP4H3xsX3bK+4rVTm/mePfc6cvmfmVm6vFKiCFV5PJQrLoydR1Hb9PsvYe3aC9 /POV5L2bNTIkdsr+6A6Yku9y2+pD0xfN3hyJ2LSn7r//VZ95U7331YkjHVl12ceWZssGZ7gH KHpH8ys6T6+s+8T73OmfXouNVP6pKQuZY9Xe5SqxFGckGmoxFxUnAgBtdrr0OQIAAA==
Archived-At: <https://mailarchive.ietf.org/arch/msg/hipsec/5O2Y7lZFYE4ahIat3BYnGqFhhaY>
Subject: Re: [Hipsec] WGLC: draft-ietf-hip-native-nat-traversal-15
X-BeenThere: hipsec@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "This is the official IETF Mailing List for the HIP Working Group." <hipsec.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/hipsec>, <mailto:hipsec-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/hipsec/>
List-Post: <mailto:hipsec@ietf.org>
List-Help: <mailto:hipsec-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/hipsec>, <mailto:hipsec-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 21 Mar 2017 11:26:08 -0000
Hi Tom, On 03/14/2017 11:19 AM, Miika Komu wrote: [..] > A couple of fixes for me to edit: > > * Appendix B: normative vs non-normative terminology > [...] so the appendix was using normative terminology which was a bit strange. As a quick fix, I thought about moving this appendix to the body, but after reading this extension (that was inherited as a legacy from the earlier specification) I decided to remove it. The section basically suggested allowing source routing via HIP relay for the sake of compatibility with RVS servers. I think this could be exploited in a bad way to DoS other hosts. I think it is more secure if the HIP relay only forwards inbound packets, not outbound. If you disagree with this change, please discuss on the list.
- [Hipsec] WGLC: draft-ietf-hip-native-nat-traversa… Gonzalo Camarillo
- Re: [Hipsec] WGLC: draft-ietf-hip-native-nat-trav… Tom Henderson
- Re: [Hipsec] WGLC: draft-ietf-hip-native-nat-trav… Jeff Ahrenholz
- Re: [Hipsec] WGLC: draft-ietf-hip-native-nat-trav… Miika Komu
- Re: [Hipsec] WGLC: draft-ietf-hip-native-nat-trav… Jeff Ahrenholz
- Re: [Hipsec] WGLC: draft-ietf-hip-native-nat-trav… Miika Komu
- Re: [Hipsec] WGLC: draft-ietf-hip-native-nat-trav… Tom Henderson
- Re: [Hipsec] WGLC: draft-ietf-hip-native-nat-trav… Tom Henderson
- Re: [Hipsec] WGLC: draft-ietf-hip-native-nat-trav… Miika Komu
- Re: [Hipsec] WGLC: draft-ietf-hip-native-nat-trav… Jeff Ahrenholz
- Re: [Hipsec] WGLC: draft-ietf-hip-native-nat-trav… Miika Komu
- Re: [Hipsec] WGLC: draft-ietf-hip-native-nat-trav… Miika Komu
- Re: [Hipsec] WGLC: draft-ietf-hip-native-nat-trav… Miika Komu