Stephen Farrell has entered the following ballot position for draft-ietf-dmm-hnprenum-06: Discuss
When responding, please keep the subject line intact and reply to all email addresses included in the To and CC lines. (Feel free to cut this introductory paragraph, however.) Please refer to https://www.ietf.org/iesg/statement/discuss-criteria.html for more information about IESG DISCUSS and COMMENT positions. The document, along with other ballot positions, can be found here: https://datatracker.ietf.org/doc/draft-ietf-dmm-hnprenum/ ---------------------------------------------------------------------- DISCUSS: ---------------------------------------------------------------------- I think this should be an easy one to resolve: Section 7 says: "The protection of UPN and UPA messages in this document follows [RFC5213] and [RFC7077]." I'm not clear if "follows" means the same as "MUST be protected using end-to-end security association(s) offering integrity and data origin authentication" (RFC5213, section 4). I think it ought really, as otherwise this could subvert the security of PMIPv6. So wouldn't it make sense to be explicit that these new messages have the same MUST requirements as binding updates. Doing that by repeating the quoted text from 5213 would be a fine way to do that, but there may be better options. ---------------------------------------------------------------------- COMMENT: ---------------------------------------------------------------------- - It might also be worth saying in section 7 that to provision a new HNP someone has to have setup all the IPsec stuff for that. _______________________________________________ dmm mailing list [email protected] https://www.ietf.org/mailman/listinfo/dmm
