[Mipshop] Re: AD review of draft-ietf-mipshop-handover-key

"James Kempf" <kempf@docomolabs-usa.com> Wed, 31 October 2007 21:06 UTC

From: James Kempf <kempf@docomolabs-usa.com>
To: Jari Arkko <jari.arkko@piuha.net>, draft-ietf-mipshop-handover-key@tools.ietf.org
Date: Wed, 31 Oct 2007 14:06:21 -0700
Cc: Mipshop <mipshop@ietf.org>
Subject: [Mipshop] Re: AD review of draft-ietf-mipshop-handover-key

Sure.

            jak

----- Original Message ----- 
From: "Jari Arkko" <jari.arkko@piuha.net>
To: <draft-ietf-mipshop-handover-key@tools.ietf.org>
Cc: "Mipshop" <mipshop@ietf.org>
Sent: Wednesday, October 31, 2007 1:43 PM
Subject: Re: AD review of draft-ietf-mipshop-handover-key


Thanks for the update.

The new draft solves my AD review issues, almost.
The one issue that still remains is that the explanation
on the use of SEND for securing AR's messages claims
that the AR must use a CGA. I believe this is incorrect,
and it is sufficient for the certified public key to be
used as a source address, as it is in SEND. I entered
the following edit to the tracker:

OLD:
     The AR MUST use the CGA constructed from its
     certified key as the source address for the PrRtAdv and include a
     SEND CGA Option and a SEND Signature Option with the SEND
     signature of the message.
NEW:
     The AR MUST have a certificate suitable for a SEND-capable router,
     support SEND certificate discovery, and include a SEND CGA
     Option and a SEND Signature Option in the PrRtAdv messages
     it sends. Similarly, the mobile nodes MUST be configured with
     one or more SEND trust anchors so that they can verify these
     messages.

In any case, I'm sending the draft forward. If you can, update
the draft with this change so that other readers get it as well.
If not, the change will be retained as an RFC Editor note in
the tracker.

Jari




