-Discussion list; Jari Arkko;
marc...@it.uc3m.es; Julien Laganier
Subject: Followup on Gen-ART review of
draft-ietf-mext-binding-revocation (was Re: Gen-ART LC and
Telechat Review of draft-ietf-mext-binding-revocation-10)
Hi,
This is a followup of my Gen-ART review of
draft-ietf-mext
Hi,
This is a followup of my Gen-ART review of draft-ietf-mext-binding-
revocation, updated based on revision 13 of that draft.
This revision addresses all of my substantive issues, and most of the
editorial issues. I had one outstanding minor editorial comment where
the author proposed a
(was Re: Gen-ART LC and
Telechat Review of draft-ietf-mext-binding-revocation-10)
Hi,
This is a followup of my Gen-ART review of
draft-ietf-mext-binding- revocation, updated based on
revision 13 of that draft.
This revision addresses all of my substantive issues, and
most of the editorial issues. I had
:06 PM
To: 'Ben Campbell'
Cc: Khalil, Mohamed (RICH2:2S20); sgund...@cisco.com;
pyeg...@juniper.net; General Area Review Team; ietf@ietf.org;
Jari Arkko; marc...@it.uc3m.es; Laganier, Julien
Subject: RE: Gen-ART LC and Telechat Review of
draft-ietf-mext-binding-revocation-10
Hi Ben,
I
)
Cc: Khalil, Mohamed (RICH2:2S20); sgund...@cisco.com;
pyeg...@juniper.net; General Area Review Team; ietf@ietf.org;
Jari Arkko; marc...@it.uc3m.es; Laganier, Julien
Subject: Re: Gen-ART LC and Telechat Review of
draft-ietf-mext-binding-revocation-10
Hi Ahmad,
I guess that's okay
, Mohamed (RICH2:2S20); sgund...@cisco.com;
pyeg...@juniper.net; General Area Review Team; ietf@ietf.org;
Jari Arkko; marc...@it.uc3m.es; Laganier, Julien
Subject: RE: Gen-ART LC and Telechat Review of
draft-ietf-mext-binding-revocation-10
Hi Ben,
I am fine with your proposed text.
Many thanks for your
...@cisco.com;
pyeg...@juniper.net; General Area Review Team; ietf@ietf.org;
Jari Arkko; marc...@it.uc3m.es; Laganier, Julien
Subject: Re: Gen-ART LC and Telechat Review of
draft-ietf-mext-binding-revocation-10
Hi Ahmad,
Please see inline for my suggested text for the
retransmission
Hi Ben,
Hopefully we can close on all of the open issues.
Please see inline.
Regards,
Ahmad
-Original Message-
From: Ben Campbell [mailto:b...@estacado.net]
Subject: Re: Gen-ART LC and Telechat Review of
draft-ietf-mext-binding-revocation-10
This is a followup on revision 12
-Original Message-
From: Ben Campbell [mailto:b...@estacado.net]
Subject: Re: Gen-ART LC and Telechat Review of
draft-ietf-mext-binding-revocation-10
This is a followup on revision 12, since it came out
before I got to
revision 11:
Overall, I think this revision is much better. Most of my
On Sep 10, 2009, at 5:35 PM, Ahmad Muhanna wrote:
Hi Ben,
Thanks for the follow up. Please see answers inline.
Regards,
Ahmad
-Original Message-
From: Ben Campbell [mailto:b...@estacado.net]
Subject: Re: Gen-ART LC and Telechat Review of
draft-ietf-mext-binding-revocation-10
Hi Ben,
Thanks for the follow up. Please see answers inline.
Regards,
Ahmad
-Original Message-
From: Ben Campbell [mailto:b...@estacado.net]
Subject: Re: Gen-ART LC and Telechat Review of
draft-ietf-mext-binding-revocation-10
This is a followup on revision 12, since it came
, Mohamed (RICH2:2S20); sgund...@cisco.com;
kchowdh...@starentnetworks.com; pyeg...@juniper.net; General
Area Review Team; ietf@ietf.org; Jari Arkko;
marc...@it.uc3m.es; Laganier, Julien
Subject: RE: [PART-I] Gen-ART LC and Telechat Review of
draft-ietf-mext-binding-revocation-10
Hi, Ben,
-Original
; ietf@ietf.org; Jari Arkko;
marc...@it.uc3m.es; Laganier, Julien
Subject: RE: [PART-I] Gen-ART LC and Telechat Review of
draft-ietf-mext-binding-revocation-10
Hi, Ben,
-Original Message-
Summary: This draft is on the right track, but there are
open issues
-- S7.2, paragraph 2: Since some mobility entities, e.g., local
mobility anchor and mobile access gateway, are allowed
to receive
and possibly send a Binding Revocation Indication or Binding
Revocation Acknowledgement for different cases,
therefore, if IPsec
is used to secure
Hi Ben,
Please see inline.
Regards,
Ahmad
-Original Message-
I still have concerns about the use of IPSec, though, as without
IPSec of some other form of authentication, an attacker could
conceivably impersonate the node that bindings were
associated with.
This is
Hi Ben,
Please see inline.
Regards,
Ahmad
-Original Message-
From: Ben Campbell [mailto:b...@estacado.net]
Subject: Re: [PART-I] Gen-ART LC and Telechat Review of
draft-ietf-mext-binding-revocation-10
On Sep 1, 2009, at 3:35 PM, Ahmad Muhanna wrote:
[...]
So is it true
HI--I think we're almost closed on this Part II --remaining comments
below:
On Aug 29, 2009, at 2:14 AM, Ahmad Muhanna wrote:
[...]
Does the potential guess-ability of a sequence number have
security implications?
[Ahmad]
Not at all. Packet must pass IPsec authentication first.
But
Hi Ahmad,
Comments inline. I deleted items I think we can consider closed.
On Aug 29, 2009, at 3:21 AM, Ahmad Muhanna wrote:
[...]
I still have concerns about the use of IPSec, though, as
without IPSec of some other form of authentication, an
attacker could conceivably impersonate the
On Sep 1, 2009, at 3:35 PM, Ahmad Muhanna wrote:
[...]
So is it true that using bulk revocation without IPSec could make it
possible for an attacker to masquerade as an authorized party, and
delete large numbers of bindings with a single BRI?
[Ahmad]
Well, we need to be a little careful
and Telechat Review of
draft-ietf-mext-binding-revocation-10
On Sep 1, 2009, at 3:35 PM, Ahmad Muhanna wrote:
[...]
So is it true that using bulk revocation without IPSec
could make it
possible for an attacker to masquerade as an authorized party, and
delete large numbers of bindings
Hi, Ben,
Sorry for the late reply, hope to close on all comments; please see
inline.
-Original Message-
[...]
[PART-II]
Nits/editorial comments:
-- General:
I understand that, and I hope I didn't come off too critical.
I know that it is very hard to make a draft that
Hi Ben,
Will address and comment on open ones. Please see inline.
Regards,
Ahmad
-Original Message-
Subject: Re: [PART-I] Gen-ART LC and Telechat Review of
draft-ietf-mext-binding-revocation-10
Hi Ahmad,
Let me comment on the security issues at a high level up
front, since I
Hi Ahmad,
Let me comment on the security issues at a high level up front, since
I think I can tie together responses to several of your comments
below. More specific comments imbedded:
I think the email from Jari helped clarify things for me to a point
that I can make my concerns a
Hi Ben,
Thanks for the detailed review and comments.
Please allow me to address your comments in two parts.
1. PART-I: Major and technical issues.
2. PART-II: remaining comments.
Please see answers inline for PART-I.
Regards,
Ahmad
-Original Message-
Summary: This draft is on the
Hi Ben,
Please see answers in line for PART-II.
-Original Message-
From: Ben Campbell [mailto:b...@estacado.net]
Subject: Gen-ART LC and Telechat Review of
draft-ietf-mext-binding-revocation-10
I have been selected as the General Area Review Team
(Gen-ART) reviewer for this draft
Hi, Ben,
-Original Message-
Summary: This draft is on the right track, but there are
open issues.
Additionally, I have a number of editorial comments.
Major issues:
-- I think the security considerations need quite a bit of
work. In
particular, there is very
I have been selected as the General Area Review Team (Gen-ART)
reviewer for this draft (for background on Gen-ART, please see
http://www.alvestrand.no/ietf/gen/art/gen-art-FAQ.html).
Please wait for direction from your document shepherd
or AD before posting a new version of the draft.
Document:
Note that the address listed in the draft tracker for Julien bounces--
trying again with the address on the MEXT wg page:
On Aug 25, 2009, at 9:56 PM, Ben Campbell wrote:
I have been selected as the General Area Review Team (Gen-ART)
reviewer for this draft (for background on Gen-ART, please
On Aug 26, 2009, at 3:58 AM, Ahmad Muhanna wrote:
Hi Ben,
Thanks for the detailed review and comments.
Please allow me to address your comments in two parts.
1. PART-I: Major and technical issues.
2. PART-II: remaining comments.
Please see answers inline for PART-I.
Regards,
Ahmad
Hi Jari--comments inline:
On Aug 26, 2009, at 5:05 AM, Jari Arkko wrote:
Ben,
Thanks for your review!
Wrt. authorization, the document does make it clear that bulk
revocation requires explicit authorization (search for
authorization). The document does not say how to achieve this, but
and Telechat Review of
draft-ietf-mext-binding-revocation-10
[...]
[PART-II]
Nits/editorial comments:
-- General:
This draft has some significant organization issues that make
it harder to read than it needs to be. In particular, the
sections that discuss protocol details keep repeating
Ben,
Thanks for your review!
Wrt. authorization, the document does make it clear that bulk revocation
requires explicit authorization (search for authorization). The
document does not say how to achieve this, but I would assume a global
configuration flag or a list of authorized peers. We
32 matches
Mail list logo
