Re: [secdir] Secdir review of draft-ietf-mext-flow-binding-06
Tina TSOU <tena@huawei.com> Wed, 05 May 2010 09:45 UTC
Return-Path: <tena@huawei.com>
X-Original-To: secdir@core3.amsl.com
Delivered-To: secdir@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 15ED528C0F0 for <secdir@core3.amsl.com>; Wed, 5 May 2010 02:45:52 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -98.074
X-Spam-Level:
X-Spam-Status: No, score=-98.074 tagged_above=-999 required=5 tests=[AWL=-2.192, BAYES_50=0.001, FAKE_REPLY_C=2.012, FH_RELAY_NODNS=1.451, HELO_MISMATCH_COM=0.553, HTML_MESSAGE=0.001, RDNS_NONE=0.1, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 4sOUnC8bUSyr for <secdir@core3.amsl.com>; Wed, 5 May 2010 02:45:51 -0700 (PDT)
Received: from szxga03-in.huawei.com (unknown [119.145.14.66]) by core3.amsl.com (Postfix) with ESMTP id BFE333A6BFB for <secdir@ietf.org>; Wed, 5 May 2010 02:45:49 -0700 (PDT)
Received: from huawei.com (szxga03-in [172.24.2.9]) by szxga03-in.huawei.com (iPlanet Messaging Server 5.2 HotFix 2.14 (built Aug 8 2006)) with ESMTP id <0L1X00KCJXRNVF@szxga03-in.huawei.com> for secdir@ietf.org; Wed, 05 May 2010 17:45:24 +0800 (CST)
Received: from huawei.com ([172.24.2.119]) by szxga03-in.huawei.com (iPlanet Messaging Server 5.2 HotFix 2.14 (built Aug 8 2006)) with ESMTP id <0L1X0031NXRMU0@szxga03-in.huawei.com> for secdir@ietf.org; Wed, 05 May 2010 17:45:22 +0800 (CST)
Received: from z00147053k ([10.70.39.52]) by szxml06-in.huawei.com (iPlanet Messaging Server 5.2 HotFix 2.14 (built Aug 8 2006)) with ESMTPA id <0L1X00D44XRL7C@szxml06-in.huawei.com> for secdir@ietf.org; Wed, 05 May 2010 17:45:22 +0800 (CST)
Date: Wed, 05 May 2010 17:45:21 +0800
From: Tina TSOU <tena@huawei.com>
To: secdir@ietf.org, draft-ietf-mext-flow-binding@tools.ietf.org
Message-id: <CBD7F21014FA408DBD0A8BE2E3AB89BB@china.huawei.com>
MIME-version: 1.0
X-MIMEOLE: Produced By Microsoft MimeOLE V6.00.2900.5579
X-Mailer: Microsoft Outlook Express 6.00.2900.5843
Content-type: multipart/alternative; boundary="Boundary_(ID_uDc75l5alLPwpyqJ8Toojg)"
X-Priority: 3
X-MSMail-priority: Normal
Cc: mext-chairs@tools.ietf.org
Subject: Re: [secdir] Secdir review of draft-ietf-mext-flow-binding-06
X-BeenThere: secdir@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: Security Area Directorate <secdir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/secdir>
List-Post: <mailto:secdir@ietf.org>
List-Help: <mailto:secdir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 05 May 2010 09:45:52 -0000
Resending to the correct email addresses of the authors... ----- Original Message ----- From: Tina TSOU To: secdir@ietf.org Cc: draft-ietf-mext-flow-binding-06@tools.ietf.org ; mext-chairs@tools.ietf.org Sent: Wednesday, May 05, 2010 5:05 PM Subject: Secdir review of draft-ietf-mext-flow-binding-06 Hi, I have reviewed this document as part of the security directorate's ongoing effort to review all IETF documents being processed by the IESG. These comments were written primarily for the benefit of the security area directors. Document editors and WG chairs should treat these comments just like any other last call comments. Some of my comments are following. Comment 1: The title of this document focuses on flow binding in Mobile IPv6 and NEMO, However it is not clear how flow binding is supported in the NEMO? Is the mobile router operation in NEMO same as mobile node operation in Mobile IPv6? Comment 2: Is flow summary mobility option is one sub-option of Flow Identification Mobility Option or one independent new mobility option? Comment 3: Should the HA, CN and MAP all support this specification? If HA does not support, how to direct inbound flows to specific addresses since one or more flows may bind to a care-of address? B. R. Tina http://tinatsou.weebly.com/contact.html