In your previous mail you wrote:
unless you bind the IPsec security association to the home address, an
attacker could send a Binding Update message with a spoofed home address
using its own IPsec SA. The correspondent node's IPsec instance would
accept that message and hand it
Updating my Gen-ART Last Call review:
My comment #2 is addressed by the RFC Editor note currently
in the tracker; and comment #3 has been taken care of as well.
Comment #1 could be addressed by RFC Editor note, too,
as suggested by the authors (email from Jean-Louis Le Roux
on May 30th):
So
Hi Miguel.
Thanks for your comments.
Miguel Garcia [EMAIL PROTECTED] writes:
Thomas, Harald:
I have been selected as the General Area Review Team (Gen-ART)
reviewer for this draft (for background on Gen-ART, please see
http://www.alvestrand.no/ietf/gen/art/gen-art-FAQ.html).
Please