Excellent thanks for confirming. I'll clear the discuss and leave it to you/Suresh to add the pointer or whatever,

Thanks,
S.

On 02/03/17 16:43, Sri Gundavelli (sgundave) wrote:
>
> The trigger for Prefix Renumbering is through the use of RFC7077 UPN/UPA
> message with the Notification Reason code of 2 (defined in RFC7077).
> Technically, the spec is not defining any new messages, or mobility
> options; it's just using what is defined in RFC7077 and with a new behavior
> on the protocol peer. This automatically enforces RFC5213/RFC7077 security
> considerations and I do not see a way around. But, for highlighting those
> rules, either duplicating the text from 5213/7077, or pointing to those
> sections is fine.
>
>
> Sri
>
>
>
>
> On 3/2/17, 7:02 AM, "Suresh Krishnan" <[email protected]> wrote:
>
>> Hi Stephen,
>>
>>> On Feb 28, 2017, at 4:47 AM, Stephen Farrell
>>> <[email protected]> wrote:
>>>
>>> Stephen Farrell has entered the following ballot position for
>>> draft-ietf-dmm-hnprenum-06: Discuss
>>>
>>> When responding, please keep the subject line intact and reply to all
>>> email addresses included in the To and CC lines. (Feel free to cut this
>>> introductory paragraph, however.)
>>>
>>>
>>> Please refer to
>>> https://www.ietf.org/iesg/statement/discuss-criteria.html
>>> for more information about IESG DISCUSS and COMMENT positions.
>>>
>>>
>>> The document, along with other ballot positions, can be found here:
>>> https://datatracker.ietf.org/doc/draft-ietf-dmm-hnprenum/
>>>
>>>
>>>
>>> ----------------------------------------------------------------------
>>> DISCUSS:
>>> ----------------------------------------------------------------------
>>>
>>>
>>> I think this should be an easy one to resolve:
>>>
>>> Section 7 says: "The protection of UPN and UPA
>>> messages in this document follows [RFC5213] and
>>> [RFC7077]." I'm not clear if "follows" means the same
>>> as "MUST be protected using end-to-end security
>>> association(s) offering integrity and data origin
>>> authentication" (RFC5213, section 4). I think it ought
>>> really, as otherwise this could subvert the security
>>> of PMIPv6. So wouldn't it make sense to be explicit
>>> that these new messages have the same MUST
>>> requirements as binding updates. Doing that by
>>> repeating the quoted text from 5213 would be a fine
>>> way to do that, but there may be better options.
>>
>> I had already read the text as requiring the same requirements as PBUs. I
>> do not have any objections to adding further clarity. Authors, any
>> opinions?
>>
>> Thanks
>> Suresh
>
_______________________________________________ dmm mailing list [email protected] https://www.ietf.org/mailman/listinfo/dmm
