[secdir] secdir review of draft-ietf-netlmm-pmipv6-heartbeat-05

Nicolas Williams <Nicolas.Williams@sun.com> Wed, 11 March 2009 17:32 UTC

Date: Wed, 11 Mar 2009 12:16:00 -0500
From: Nicolas Williams <Nicolas.Williams@sun.com>
To: secdir@ietf.org
Message-ID: <20090311171600.GE9992@Sun.COM>
Cc: vijay@wichorus.com, tim.polk@nist.gov, Pasi.Eronen@nokia.com, suresh.krishnan@ericsson.com, nishi@stoke.com, rkoodli@starentnetworks.com, julien.IETF@laposte.net
Subject: [secdir] secdir review of draft-ietf-netlmm-pmipv6-heartbeat-05

I have reviewed this document as part of the security directorate's
ongoing effort to review all IETF documents being processed by the IESG.
These comments were written primarily for the benefit of the security
area directors. Document editors and WG chairs should treat these
comments just like any other last call comments.

Sorry I'm late with this review.

This document defines a heartbeat protocol for Proxy Mobile IPv6
"anchors" (LMA -- Local Mobility Anchor) and "gateways" (MAG -- Mobility
Access Gateway).

These heartbeat messages carry no information that is useful to
eavesdroppers, and are sent relatively infrequently (no more often than
every 30 seconds).  Heartbeats are used to detect dead/restarted
LMAs/MAGs.

I have found no security issues with this document.

Nico
--