Hi Jari, Patrick,
Jari Arkko wrote:
Thanks for your review, Patrick!
Comments inline:
I expect that the biggest risk of telling a mobile agent to use a new home
agent
is the threat of impersonation, i.e., moving home agents so as to insert a
woman-in-the-middle.
The document doesn't talk about this at all, only mentioning in the security
considerations that
a change agent command should be authenticated.
Yes. But the protocols used between mobile nodes and home agents
require authentication and authorization of both sides to act in their
roles. This applies even with the new home agent.
Perhaps a statement about this for the security considerations
section would be appropriate.
Sections 4.1 (sending) and 5.1 (receiving) do say that IPsec ESP is a
MUST, is that not enough? Maybe there's some confusion over whether
this is the same SA used for Binding Updates/Acks?
General Comments:
- There are a bunch of places where something is defined/identified with no
obvious explanation.
For example, "section 7. Protocol Considerations", defines two timeout
values. I wonder how they
came up with the values?
Good question -- though I would expect any number to be
merely guidance that may get changed with implementation
and usage experience.
James Kempf originally came up with those values, but it was back in
2005, so I'm not sure of the reasoning. I think the goal was to just
allow for 3 retries.
-Brian
_______________________________________________
Ietf mailing list
Ietf(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/ietf