[netext] AD Evaluation: draft-ietf-netext-wifi-epc-eap-attributes
Brian Haberman <brian@innovationslab.net> Wed, 07 May 2014 15:54 UTC
Return-Path: <brian@innovationslab.net>
X-Original-To: netext@ietfa.amsl.com
Delivered-To: netext@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id EDC5D1A0392 for <netext@ietfa.amsl.com>; Wed, 7 May 2014 08:54:09 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.9
X-Spam-Level:
X-Spam-Status: No, score=-1.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id q4XdX5QKTVqJ for <netext@ietfa.amsl.com>; Wed, 7 May 2014 08:54:08 -0700 (PDT)
Received: from uillean.fuaim.com (uillean.fuaim.com [206.197.161.140]) by ietfa.amsl.com (Postfix) with ESMTP id 8FEEF1A0791 for <netext@ietf.org>; Wed, 7 May 2014 08:54:08 -0700 (PDT)
Received: from clairseach.fuaim.com (clairseach-high.fuaim.com [206.197.161.158]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by uillean.fuaim.com (Postfix) with ESMTP id 9F1E1880E7; Wed, 7 May 2014 08:54:04 -0700 (PDT)
Received: from 10252100174.rude2.ra.johnshopkins.edu (addr16212925014.ippl.jhmi.edu [162.129.250.14]) (using TLSv1 with cipher DHE-RSA-AES128-SHA (128/128 bits)) (No client certificate requested) by clairseach.fuaim.com (Postfix) with ESMTP id 35D9671B0001; Wed, 7 May 2014 08:54:04 -0700 (PDT)
Message-ID: <536A5721.8000100@innovationslab.net>
Date: Wed, 07 May 2014 11:54:09 -0400
From: Brian Haberman <brian@innovationslab.net>
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.7; rv:24.0) Gecko/20100101 Thunderbird/24.5.0
MIME-Version: 1.0
To: draft-ietf-netext-wifi-epc-eap-attributes@tools.ietf.org, "netext@ietf.org" <netext@ietf.org>, Basavaraj Patil <bpatil1@gmail.com>
X-Enigmail-Version: 1.6
Content-Type: multipart/signed; micalg="pgp-sha512"; protocol="application/pgp-signature"; boundary="uNKXKNmkT1TrNQC9ScvPXgIBG8gtm9wAD"
Archived-At: http://mailarchive.ietf.org/arch/msg/netext/W4G2SiiXandf5F3Rte-5Ci5AKOE
Subject: [netext] AD Evaluation: draft-ietf-netext-wifi-epc-eap-attributes
X-BeenThere: netext@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "Mailing list for discusion of extensions to network mobility protocol, i.e PMIP6. " <netext.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/netext>, <mailto:netext-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/netext/>
List-Post: <mailto:netext@ietf.org>
List-Help: <mailto:netext-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/netext>, <mailto:netext-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 07 May 2014 15:54:10 -0000
All,
I have performed my review of
draft-ietf-netext-wifi-epc-eap-attributes as a part of the IETF
publication process. These comments will need to be addressed prior to
IETF Last Call.
1. The draft has several nits that need to be fixed. Please run id-nits
and resolve the warnings generated.
2. The document states that these new EAP attributes can be used in WiFi
networks. Later, it talks about networks that employ 802.1X. Please be
more specific as to what is covered under the generic WiFi in the
context of this specification.
3. Please change all occurrences of EUTRAN to E-UTRAN (per RFC 6459).
4. Given the use of PMIP as an example, please include an informative
reference to the relevant PMIP RFC(s).
5. There is no expansion/definition of P-TMSI or M-TMSI in the draft.
Those terms do not appear in RFC 6459. Please clarify these acronyms on
first use.
6. The document notionally mentions 3GPP and references GPRS. Are those
the target 3G/4G networks? Is this applicable to LTE or other
technologies? More clarity here would be useful.
7. In section 4, it would be beneficial to include forward references to
the actual option specification sections for the AT_* attributes.
8. Several of the attributes include strings in the data. What is the
encoding for these strings?
9. The attributes all contain Length fields with no description of what
fields are included in the length.
10. Are the sub-types and types in 5.2, 5.3, 5.5, & 5.6 set in stone?
Could new ones be defined in the future? If so, you will want to
consider if they should be IANA registries. Otherwise, future RFCs will
need to update this spec to extend the type/sub-type values supported.
11. I am confused by the relationship between the attributes defined in
sections 5.4 and 5.5. Would the AT_HANDOVER_SESSION_ID attribute ever
be used without the AT_HANDOVER_INDICATION? If not, why have the
session id in a separate attribute? It seems straightforward to include
the session id info in the AT_HANDOVER_INDICATION attribute if Type=1.
Am I missing something?
12. The formatting of figure 7 is messed up.
13. I see that there are no normative references. At a minimum, it
seems like the EAP specs should be normative.
14. The Security Considerations section tells me nothing. Are there new
threats with these new pieces of information flowing across the network?
What are the privacy implications of these messages? Can any of the
possible threat vectors be minimized?
Regards,
Brian
- [netext] AD Evaluation: draft-ietf-netext-wifi-ep… Brian Haberman
- Re: [netext] AD Evaluation: draft-ietf-netext-wif… Brian Haberman
- Re: [netext] AD Evaluation: draft-ietf-netext-wif… Rajeev Koodli
- Re: [netext] AD Evaluation: draft-ietf-netext-wif… Brian Haberman
- Re: [netext] AD Evaluation: draft-ietf-netext-wif… Rajeev Koodli
- Re: [netext] AD Evaluation: draft-ietf-netext-wif… Brian Haberman