On Mon, 26 Feb 2007, [EMAIL PROTECTED] wrote:
        Title           : Principles of Internet Host Configuration
        Author(s)       : B. Aboba, D. Thaler
        Filename        : draft-aboba-ip-config-00.txt
        Pages           : 16
        Date            : 2007-2-26

  This document describes basic principles of Internet host
  configuration.  It covers issues relating to configuration of
  parameters that affect the Internet layer, as well as parameters
  affecting higher layer protocols.

A good draft which I agree with.

In general, some specific examples would help but as this is a 'principles' document, maybe its role doesn't include including examples :-).

The draft states in section 4.1 that boot config in particular needs to be secured. As stated in many places elsewhere in the draft, this is particularly difficult to achieve given that at that stage there is usually no support for much of anything relating to security.

As such the draft left me wondering a bit about this in more general (not just related to boot config but otherwise as well), "so.. are there any solutions or guidelines how to go about solving these difficult bootstrap problems?"

Similarly, the draft brings up service discovery protocols and their role, but it wasn't very obvious to me what the actual bottomline was. Maybe the text was written in this way because the service discovery protocols discussed there haven't been very widely used or implemented so in practice you probably couldn't have strong statements on this.

As editorial nits, in IP address terminology (section 1.1), instead of:

    As a result, the host
     can now receive unicast IP packets, rather requiring that IP
     packets be sent to the broadcast or multicast address.

you likely mean:

    As a result, the host
     can now receive unicast IP packets, rather than requiring that IP
     packets be sent to the broadcast or a multicast address.

(assuming 'the broadcast' means 255.255.255.255 and 'multicast' one or more IP-address independent group addresses.)

Also, in:

Subnet prefix(es)
     Once a subnet prefix is configured, hosts with an IP address can
     now send and receive unicast IP packets from on-link hosts.

Default gateway(s)
     Once a default gateway is configured, hosts with an IP address can
     now send and receive unicast IP packets from off-link hosts.

.. it's actually subtler than that (though it's not clear whether this has impact on this draft), as the host should be able to _receive_ unicast IP packets even when these would not be configured, shouldn't it? (After all, ARP doesn't case about IP subnet masks..)

--
Pekka Savola                 "You each name yourselves king, yet the
Netcore Oy                    kingdom bleeds."
Systems. Networks. Security. -- George R.R. Martin: A Clash of Kings

_______________________________________________
Int-area mailing list
[email protected]
https://www1.ietf.org/mailman/listinfo/int-area

Reply via email to