[secdir] secdir re-review of draft-ietf-dime-pmip6-03

Tom Yu <tlyu@MIT.EDU> Wed, 09 September 2009 00:46 UTC

To: secdir@ietf.org
References: <ldvtz0cy2a8.fsf@cathode-dark-space.mit.edu>
From: Tom Yu <tlyu@MIT.EDU>
Date: Tue, 08 Sep 2009 20:46:42 -0400
In-Reply-To: <ldvtz0cy2a8.fsf@cathode-dark-space.mit.edu> (Tom Yu's message of "Wed, 12 Aug 2009 20:40:15 -0400")
Message-ID: <ldvy6opc5cd.fsf@cathode-dark-space.mit.edu>
Cc: kchowdhury@starentnetworks.com, dime-chairs@tools.ietf.org, julien.bournelle@orange-ftgroup.com, meyer@umic.rwth-aachen.de, iesg@ietf.org, jouni@gmail.com, amuhanna@nortel.com
Subject: [secdir] secdir re-review of draft-ietf-dime-pmip6-03

This is a re-review of this document.  The document incorporates some
of my suggestions from the previous round.

Tom Yu <tlyu@MIT.EDU> writes:

> The Security Considerations section states:
>
>    The security considerations of the Diameter Base protocol [RFC3588],
>    Diameter EAP application [RFC4072], Diameter NASREQ application
>    [RFC4005] and Diameter Mobile IPv6 integrated scenario bootstrapping
>    [RFC5447] are applicable to this document.
>
> Should a reference to RFC 4832 (Security Threats to NETLMM) be
> included here?  There appear to be no obvious additional security
> considerations beyond those mentioned in the above documents. (if
> including the suggested additional citation)

There has been no change in this area.  Do the authors feel that the
additional reference to "Security Threats to NETLMM" is not necessary?

>    In general, the Diameter messages may be transported between the HA
>    and the Diameter server via one or more AAA brokers or Diameter
>    agents.  In this case the HA to the Diameter server AAA communication
>    rely on the security properties of the intermediate AAA brokers and
>    Diameter agents (such as proxies).
>
> "HA" as used above is not defined in the document, and is used nowhere
> else in the document.  Is it a Home Agent?  (which is not really
> otherwise mentioned in this document)

This is also unchanged.  It would be useful to clarify if the HA is a
Home Agent, Home AAA Server, etc.

> Editorial:
>
> "DER" and "DEA" are not defined.  I am fairly sure that "DER" does not
> mean "Distinguished Encoding Rules" in this document.

This has not been fixed.  After further investigation, it seems that
these mean "Diameter EAP Request" and "Diameter EAP Answer" as defined
in RFC 4072.  Although the acronyms are defined in a normative
reference, and may be obvious to readers already knowledgeable about
the subject, please consider expanding them in this document at least
once.

> The caption for Figure 4 crosses a page break, making it appear
> truncated.

This appears to have been fixed.

> draft-ietf-netlmm-pmip6-ipv4-support is now on revision #14, but is
> cited as "-11".

This appears to have been fixed.