Re: [secdir] secdir re-review of draft-ietf-dime-pmip6-03
"Romascanu, Dan (Dan)" <dromasca@avaya.com> Wed, 09 September 2009 10:14 UTC
Return-Path: <dromasca@avaya.com>
X-Original-To: secdir@core3.amsl.com
Delivered-To: secdir@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id EEBB83A67D3; Wed, 9 Sep 2009 03:14:05 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.439
X-Spam-Level:
X-Spam-Status: No, score=-2.439 tagged_above=-999 required=5 tests=[AWL=0.160, BAYES_00=-2.599]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id HPLTPshpiSu8; Wed, 9 Sep 2009 03:14:05 -0700 (PDT)
Received: from nj300815-nj-outbound.net.avaya.com (nj300815-nj-outbound.net.avaya.com [198.152.12.100]) by core3.amsl.com (Postfix) with ESMTP id B92803A676A; Wed, 9 Sep 2009 03:14:04 -0700 (PDT)
X-IronPort-AV: E=Sophos;i="4.44,357,1249272000"; d="scan'208";a="172771812"
Received: from unknown (HELO co300216-co-erhwest.avaya.com) ([198.152.7.5]) by nj300815-nj-outbound.net.avaya.com with ESMTP; 09 Sep 2009 06:14:36 -0400
Received: from unknown (HELO 307622ANEX5.global.avaya.com) ([135.64.140.16]) by co300216-co-erhwest-out.avaya.com with ESMTP; 09 Sep 2009 06:14:34 -0400
X-MimeOLE: Produced By Microsoft Exchange V6.5
Content-class: urn:content-classes:message
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
Date: Wed, 09 Sep 2009 12:14:23 +0200
Message-ID: <EDC652A26FB23C4EB6384A4584434A0401A0BEF1@307622ANEX5.global.avaya.com>
In-Reply-To: <ldvy6opc5cd.fsf@cathode-dark-space.mit.edu>
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
Thread-Topic: secdir re-review of draft-ietf-dime-pmip6-03
thread-index: Acow5wu4eCFPZDJkQNyN6AHXJqcOcQATnvPQ
References: <ldvtz0cy2a8.fsf@cathode-dark-space.mit.edu> <ldvy6opc5cd.fsf@cathode-dark-space.mit.edu>
From: "Romascanu, Dan (Dan)" <dromasca@avaya.com>
To: Tom Yu <tlyu@MIT.EDU>, secdir@ietf.org
Cc: kchowdhury@starentnetworks.com, dime-chairs@tools.ietf.org, julien.bournelle@orange-ftgroup.com, meyer@umic.rwth-aachen.de, iesg@ietf.org, jouni@gmail.com, amuhanna@nortel.com
Subject: Re: [secdir] secdir re-review of draft-ietf-dime-pmip6-03
X-BeenThere: secdir@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: Security Area Directorate <secdir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/secdir>
List-Post: <mailto:secdir@ietf.org>
List-Help: <mailto:secdir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 09 Sep 2009 10:14:06 -0000
Will the authors respond to the issues raised by Tom and not addressed in the revised I-D, please. Thanks and Regards, Dan > -----Original Message----- > From: iesg-bounces@ietf.org [mailto:iesg-bounces@ietf.org] On > Behalf Of Tom Yu > Sent: Wednesday, September 09, 2009 3:47 AM > To: secdir@ietf.org > Cc: kchowdhury@starentnetworks.com; > dime-chairs@tools.ietf.org; > julien.bournelle@orange-ftgroup.com; > meyer@umic.rwth-aachen.de; iesg@ietf.org; jouni@gmail.com; > amuhanna@nortel.com > Subject: secdir re-review of draft-ietf-dime-pmip6-03 > > This is a re-review of this document. The document > incorporates some of my suggestions from the previous round. > > Tom Yu <tlyu@MIT.EDU> writes: > > > The Security Considerations section states: > > > > The security considerations of the Diameter Base > protocol [RFC3588], > > Diameter EAP application [RFC4072], Diameter NASREQ application > > [RFC4005] and Diameter Mobile IPv6 integrated scenario > bootstrapping > > [RFC5447] are applicable to this document. > > > > Should a reference to RFC 4832 (Security Threats to NETLMM) be > > included here? There appear to be no obvious additional security > > considerations beyond those mentioned in the above documents. (if > > including the suggested additional citation) > > There has been no change in this area. Do the authors feel > that the additional reference to "Security Threats to NETLMM" > is not necessary? > > > In general, the Diameter messages may be transported > between the HA > > and the Diameter server via one or more AAA brokers or Diameter > > agents. In this case the HA to the Diameter server AAA > communication > > rely on the security properties of the intermediate AAA > brokers and > > Diameter agents (such as proxies). > > > > "HA" as used above is not defined in the document, and is > used nowhere > > else in the document. Is it a Home Agent? (which is not really > > otherwise mentioned in this document) > > This is also unchanged. It would be useful to clarify if the > HA is a Home Agent, Home AAA Server, etc. > > > Editorial: > > > > "DER" and "DEA" are not defined. I am fairly sure that > "DER" does not > > mean "Distinguished Encoding Rules" in this document. > > This has not been fixed. After further investigation, it > seems that these mean "Diameter EAP Request" and "Diameter > EAP Answer" as defined in RFC 4072. Although the acronyms > are defined in a normative reference, and may be obvious to > readers already knowledgeable about the subject, please > consider expanding them in this document at least once. > > > The caption for Figure 4 crosses a page break, making it appear > > truncated. > > This appears to have been fixed. > > > draft-ietf-netlmm-pmip6-ipv4-support is now on revision #14, but is > > cited as "-11". > > This appears to have been fixed. >
- [secdir] secdir review of draft-ietf-dime-pmip6-02 Tom Yu
- [secdir] secdir re-review of draft-ietf-dime-pmip… Tom Yu
- Re: [secdir] secdir re-review of draft-ietf-dime-… Romascanu, Dan (Dan)
- Re: [secdir] secdir re-review of draft-ietf-dime-… Ahmad Muhanna