Hi Zaifeng Reading your draft, I'm trying to understand the problem you are solving. It is about the FAP being compromised and sending false information through the tunnel.
What is the malicious FAP lying about? How does sending some information (does "notarized" mean "signed"?) from the SeGW to the (compromised) FAP help? One general comment: "notarized" is a legal term, similar to "signature". Although there is some analogy between the legal concept of signature and the digital signatures, such analogies only go so far. Using such a borrowed term has IMHO led to more confusion than clarity. I would rather not use legal terms in protocols (although "protocol" is also a borrowed term) Thanks, Yoav On Jan 20, 2012, at 8:40 AM, <[email protected]> <[email protected]> wrote: > > Hi Folks: > > There is a new draft available that some of you may be interested > in looking at. > > The draft is available via the following link: > http://www.ietf.org/id/draft-zong-ipsecme-ikev2-cpext4femto-00.txt > > Please send your comments to the list. Thanks! > > > BR > Zaifeng _______________________________________________ IPsec mailing list [email protected] https://www.ietf.org/mailman/listinfo/ipsec
