[secdir] draft-ietf-mext-nemo-pd-06

Donald Eastlake <d3e3e3@gmail.com> Mon, 20 September 2010 03:42 UTC

To: secdir@ietf.org, iesg@ietf.org, Ralph Droms <rdroms@cisco.com>, pthubert@cisco.com, Francis Dupont <Francis.Dupont@fdupont.fr>, Wassim.Haddad@ericsson.com, cjbc@it.uc3m.es, julienl@qualcomm.com, marcelo@it.uc3m.es

I have reviewed this document as part of the security directorate's
ongoing effort to review all IETF documents being processed by the
IESG.  Document editors and WG chairs should treat
these comments just like any other last call comments.

This document specifies how to delegate IPv6 prefixes to a Mobile
Router in a Mobile Network.

It has a reasonably extensive Security Considerations section and
appears to appropriately specify protective measures against plausible
threats. In particular, when the Mobile Router is away from home, it
mandates the use of IPsec a la MIPv6. Possibly someone more familiar
with IPsec should look at the specified Security Policy Database and
Security Association Database.

Trivia:

Section 3.1, page 5, "...currently used by the is about to expire..."
? perhaps "...by the Mobile Node..."

"an Mobile" -> "a Mobile"

Various acronyms, such as BU, HoA, while usually explained when first
used, are missing from Section 2. HoA is not explained at all. Even
better would be to vastly reduce the overuse of acronyms throughout
this document.

Thanks,
Donald