[secdir] Secdir review of draft-ietf-mipshop-pfmipv6-09

Brian Weis <bew@cisco.com> Fri, 02 October 2009 22:25 UTC

Message-Id: <49F4ED8C-6275-433E-9B57-36FD713BD7B8@cisco.com>
From: Brian Weis <bew@cisco.com>
To: secdir@ietf.org, iesg@ietf.org
Date: Fri, 02 Oct 2009 15:27:17 -0700
Cc: mipshop-chairs@tools.ietf.org, draft-ietf-mipshop-pfmipv6@tools.ietf.org
Subject: [secdir] Secdir review of draft-ietf-mipshop-pfmipv6-09

I have reviewed this document as part of the security directorate's ongoing effort to review all IETF documents being processed by the IESG. These comments were written primarily for the benefit of the security area directors. Document editors and WG chairs should treat these comments just like any other last call comments.

This document adds Proxy-based Fast Handover to Mobile IPv6 (MIPv6). It allows fast handover of a mobile device between mobile access gateways without the mobile node itself being involved.

The document primarily reuses message flows from a previously defined handover method (RFC 5568) and Proxy Mobile IPv6 (RFC 5213). It also depends on the Security Considerations from RFC 5213 and RFC 5568, which seems appropriate given that the same message flows are used between the same network entities. These existing RFCs describe IPsec ESP as the method for protecting messages, and include details on setting up the SPD and PAD. I believe pointing to those documents for security consideration guidance is generally acceptable.

There is one new message flow, which is the forwarding of data packets from the previous mobile access gateway (PMAG) to the next mobile access gateway (NMAG) during transition. The last paragraph in the security considerations section notes that these packets MAY be encrypted with IPsec "if protection of data traffic is required". A better statement might be that they SHOULD be encrypted if the link between the PMAG and NMAG exposes the MN packets to more threats than if they had followed their normal routed path.

(One miscellaneous comment: It would be helpful to readers if you added a definition of "Local Mobility Anchor" to the Terminology section.)

Brian

-- 
Brian Weis
Router/Switch Security Group, ARTG, Cisco Systems
Telephone: +1 408 526 4796
Email: bew@cisco.com