[netext] Review of I-D: draft-ietf-netext-radius-pmip6 (Rev 4)
<Basavaraj.Patil@nokia.com> Tue, 06 September 2011 21:32 UTC
Return-Path: <Basavaraj.Patil@nokia.com>
X-Original-To: netext@ietfa.amsl.com
Delivered-To: netext@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 0BE2621F8E62 for <netext@ietfa.amsl.com>; Tue, 6 Sep 2011 14:32:46 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -103.109
X-Spam-Level:
X-Spam-Status: No, score=-103.109 tagged_above=-999 required=5 tests=[AWL=0.490, BAYES_00=-2.599, RCVD_IN_DNSWL_LOW=-1, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id FdXntjFXoUQi for <netext@ietfa.amsl.com>; Tue, 6 Sep 2011 14:32:45 -0700 (PDT)
Received: from mgw-da01.nokia.com (smtp.nokia.com [147.243.128.24]) by ietfa.amsl.com (Postfix) with ESMTP id D9A6721F8E61 for <netext@ietf.org>; Tue, 6 Sep 2011 14:32:44 -0700 (PDT)
Received: from vaebh102.NOE.Nokia.com (vaebh102.europe.nokia.com [10.160.244.23]) by mgw-da01.nokia.com (Switch-3.4.4/Switch-3.4.3) with ESMTP id p86LYTju024285; Wed, 7 Sep 2011 00:34:31 +0300
Received: from smtp.mgd.nokia.com ([65.54.30.7]) by vaebh102.NOE.Nokia.com over TLS secured channel with Microsoft SMTPSVC(6.0.3790.4675); Wed, 7 Sep 2011 00:34:21 +0300
Received: from 008-AM1MMR1-003.mgdnok.nokia.com (65.54.30.58) by NOK-AM1MHUB-03.mgdnok.nokia.com (65.54.30.7) with Microsoft SMTP Server (TLS) id 8.2.255.0; Tue, 6 Sep 2011 23:34:21 +0200
Received: from 008-AM1MPN1-051.mgdnok.nokia.com ([169.254.1.86]) by 008-AM1MMR1-003.mgdnok.nokia.com ([65.54.30.58]) with mapi id 14.01.0323.007; Tue, 6 Sep 2011 23:34:20 +0200
From: Basavaraj.Patil@nokia.com
To: draft-ietf-netext-radius-pmip6@tools.ietf.org
Thread-Topic: Review of I-D: draft-ietf-netext-radius-pmip6 (Rev 4)
Thread-Index: AQHMbNy8PJKafFxS906ekAVZzEsk8Q==
Date: Tue, 06 Sep 2011 21:34:19 +0000
Message-ID: <CA8BFC07.1027C%basavaraj.patil@nokia.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
user-agent: Microsoft-MacOutlook/14.12.0.110505
x-originating-ip: [172.19.59.27]
Content-Type: text/plain; charset="us-ascii"
Content-ID: <A23827FC5FD4384495B393C4EA09FAD5@nokia.com>
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
X-OriginalArrivalTime: 06 Sep 2011 21:34:21.0369 (UTC) FILETIME=[BD6F3A90:01CC6CDC]
X-Nokia-AV: Clean
Cc: netext@ietf.org
Subject: [netext] Review of I-D: draft-ietf-netext-radius-pmip6 (Rev 4)
X-BeenThere: netext@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: "Mailing list for discusion of extensions to network mobility protocol, i.e PMIP6. " <netext.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/netext>, <mailto:netext-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/netext>
List-Post: <mailto:netext@ietf.org>
List-Help: <mailto:netext-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/netext>, <mailto:netext-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 06 Sep 2011 21:32:46 -0000
Hello, A few comments regarding this I-D before it is ready to be sent to the IESG: 1. The abstract is very poorly written. It simply says "This I-D defines X and Y and Z". It would be preferable to have a real abstract which states that the PMIP6 uses Radius based interfaces between: - the MAG and the AAA server - the LMA and the AAA server which are used for authentication, authorization and policy functions. Please update the abstract. In fact part of the 1st paragraph of the Intro section can be used in the abstract. 2. s/In the context of this document, the NAS function is logically coupled with the MAG./This document makes an assumption that the NAS function is co-located with the MAG. s/In deployments where the NAS function and the MAG functions are decoupled, the specific interactions needed for that to work is outside the scope of this document./In scenarios where the NAS function and MAG are decoupled, the messaging interface needed between them for the operation of PMIP6 is beyond the scope of this document. 3. s/Any time a mobile node attaches to an access network/When a mobile node attaches to an access network 4. In Section 3: Q: The I-D says: "If the network access authentication succeeds, the MN is identified " The MN identity is already known as part of access authentication. The above sentence implies that only of network authentication succeeds, MN identity is known. You may want to rephrase. 5. s/access authentication procedure SHALL provide/access authentication procedure SHOULD provide (In IETF parlance, we use MUST, SHOULD and MAY) 6. "After the successful network access authentication and after obtaining the mobile node's Policy Profile, the MAG sends a PBU to the LMA." Rephrase and avoid using After multiple times in the same sentence. 7. s/needed for authorizing and setting up the mobility service./which is required for authorizing and activating mobility service. 8. In Section 4.2 Q: The I-D states: "If the MAG has not acquired a valid MN-Identifier by other means, it MUST use the received MN-Identifier." How else would the MAG get the MN-ID? 9. In section 4.3: Q: I-D states: "The MAG MUST include the Service-Selection attribute in the Access-Request sent to the AAA if the information was acquired." How does the MAG obtain the service selection attribute? It needs to be explained. Because if the MAG is going to populate this attribute in the Access-Request message, it MUST have obtained that parameter somehow. 10. s/The AAA MAY return the Service-Selection to the MAG even if it was not included in the Access-Request as means to indicate MN's default service to the MAG./ The AAA MAY include the Service-Selection attribute in the Acess-Accept response message to the MAG even if it was not included in the Access-Request as a means of indicating the MN's default service. 11. In sec 4.3 I-D states: "On the LMA-to-AAA interface, the LMA MAY populate the Service- Selection attribute in the Access-Request message using the service information found in the received PBU, if such mobility option was included." In which I-D or RFC is the service-information option that can be carried within a PBU specified? 12. s/Before the MAG can engage in Proxy Mobile IPv6 signaling/Before the MAG can initiate Proxy Mobile IPv6 signaling 13. s/PMIP6-Visited-LMA-IPv6-Address attribute MAY be included by the MAG to VAAA in the RADIUS Access-Request packet as a proposal to allocate the particular LMA to the MN./ PMIP6-Visited-LMA-IPv6-Address attribute MAY be included by the MAG to the VAAA entity in the RADIUS Access-Request message. It enables the MAG to request an LMA in the visited network. Q: How does the MAG decide if it is authorized to request an LMA in the visited network? Needs to be explained. This comment also applies to Sec 4.7 14. Sec 4.10: "For Proxy Mobile IPv6 the Home Network Prefixes assigned to the mobile node have to be maintained on a per-interface basis. When the LMA is located in the home network, PMIP6-Home-Interface-ID attribute conveys 64 bits interface identifier representing a particular MN's interface. The attribute is assigned by the HAAA to the MAG for derivation of the MN-HoA. " Is it the MNs interface ID that is being sent? The description in this section is not clear. 15. Sec 4.18 Which specific attribute defined in RFC5213 are you suggesting as the one to be used for the Calling-station-ID. RFC5213 itself does not mention any such attribute in the nomenclature. 16. Sec 7.1/2 Does this I-D mandate the MAG and LMA entities to do metering of traffic associated with an MN? RFC5213 itself does not require such functionality. You may want to make this clear in these sections. 17. The security section needs to be further improved. What are the types of threats associated with sending MN specific information between the MAG and AAA server; And between the LMA and AAA server. The current security considerations section is lacking in detail. -Basavaraj
- [netext] Review of I-D: draft-ietf-netext-radius-… Basavaraj.Patil
- Re: [netext] Review of I-D: draft-ietf-netext-rad… Behcet Sarikaya
- Re: [netext] Review of I-D: draft-ietf-netext-rad… Basavaraj.Patil