Mobile IP Version 6 Route Optimization Security Design Background
draft-ietf-mip6-ro-sec-03
Revision differences
Document history
Date | Rev. | By | Action |
---|---|---|---|
2005-07-29
|
03 | Amy Vezza | State Changes to RFC Ed Queue from Approved-announcement sent by Amy Vezza |
2005-06-30
|
03 | Amy Vezza | IESG state changed to Approved-announcement sent |
2005-06-30
|
03 | Amy Vezza | IESG has approved the document |
2005-06-30
|
03 | Amy Vezza | Closed "Approve" ballot |
2005-06-30
|
03 | Margaret Cullen | Note field has been cleared by Margaret Wasserman |
2005-06-30
|
03 | Margaret Cullen | State Changes to Approved-announcement to be sent from Approved-announcement to be sent::AD Followup by Margaret Wasserman |
2005-05-27
|
03 | (System) | Sub state has been changed to AD Follow up from New Id Needed |
2005-05-27
|
03 | (System) | New version available: draft-ietf-mip6-ro-sec-03.txt |
2005-05-18
|
03 | Margaret Cullen | [Note]: 'Waiting for an update to address comments (see below).' added by Margaret Wasserman |
2005-05-18
|
03 | Margaret Cullen | State Changes to Approved-announcement to be sent::Revised ID Needed from Approved-announcement to be sent::Point Raised - writeup needed by Margaret Wasserman |
2005-05-10
|
03 | Margaret Cullen | Note field has been cleared by Margaret Wasserman |
2005-03-11
|
03 | Mark Townsley | Shepherding AD has been changed to Margaret Wasserman from Thomas Narten |
2005-02-21
|
03 | Amy Vezza | State Changes to Approved-announcement to be sent::Point Raised - writeup needed from Approved-announcement to be sent by Amy Vezza |
2005-02-18
|
03 | (System) | Removed from agenda for telechat - 2005-02-17 |
2005-02-17
|
03 | Amy Vezza | State Changes to Approved-announcement to be sent from IESG Evaluation by Amy Vezza |
2005-02-17
|
03 | Allison Mankin | [Ballot Position Update] New position, No Objection, has been recorded for Allison Mankin by Allison Mankin |
2005-02-17
|
03 | Harald Alvestrand | Review by Elwyn Davies, Gen-ART Summary: Taken in isolation this is a good, if somewhat discursive document. I think it has a number of language … Review by Elwyn Davies, Gen-ART Summary: Taken in isolation this is a good, if somewhat discursive document. I think it has a number of language nits which are rather numerous to list here (I will mail the authors privately with suggestions). That being said, I had expected somewhat more of a 'design diary': in practice the great majority of the document is either about the security threats for MIP(v6) or the actual (RR) solution chosen rather than about other possibilities which were ruled out. There are useful notes on design criteria for avoidance of reflection and amplification attacks, but I felt that much of this document was duplicating RFC3775 (description of RR and security considerations) with some expansion of discussion. Now if the threat analysis is actually duplicating RFC3775, it could probably be omitted: On the other hand this draft is actually referenced in RFC3775 as providing additional detail for certain things. If this is really a more definitive document for the threat analysis there would be something to be said for either retitling the document to reflect this or possibly splitting it into true threat analysis and a much smaller document on the design background. Review (nits): Figures: I would prefer figures to have explicit captions rather than just 'Figure n' Sections 1.1 and 4.2: contain lists which would be more readable if the items had bullets to show the boundaries of the items. Title of Section 2: 'Dimensions of Danger' is a resonant phrase but it didn't quite explain to me what was being considered.. maybe 'Avenues of Attack'? Last sentence of S1.3: the phrase 'to establish an explicit goal in the provided level of protection' is indecipherable to me. Section 3.4: The term 'cookie' is introduced with no explanation here. Section 4: the first sentence contains a reference which has not been resolved to a section: . I have a large number of suggestions of an editorial nature which I am sending directly to the authors and Thomas as a marked up copy. |
2005-02-17
|
03 | Harald Alvestrand | [Ballot comment] Reviewed by Elwyn Davies, Gen-ART He wonders if this is really two documents trying to share one body... complete review in document log. |
2005-02-17
|
03 | Harald Alvestrand | [Ballot Position Update] New position, Undefined, has been recorded for Harald Alvestrand by Harald Alvestrand |
2005-02-17
|
03 | Russ Housley | [Ballot Position Update] New position, No Objection, has been recorded for Russ Housley by Russ Housley |
2005-02-16
|
03 | Bill Fenner | [Ballot Position Update] New position, No Objection, has been recorded for Bill Fenner by Bill Fenner |
2005-02-16
|
03 | David Kessens | [Ballot Position Update] New position, No Objection, has been recorded for David Kessens by David Kessens |
2005-02-16
|
03 | Ted Hardie | [Ballot Position Update] New position, No Objection, has been recorded for Ted Hardie by Ted Hardie |
2005-02-16
|
03 | Margaret Cullen | [Ballot Position Update] New position, No Objection, has been recorded for Margaret Wasserman by Margaret Wasserman |
2005-02-16
|
03 | Sam Hartman | [Ballot Position Update] New position, No Objection, has been recorded for Sam Hartman by Sam Hartman |
2005-02-14
|
03 | Michelle Cotton | IANA Comments: We understand this document to have NO IANA Actions. |
2005-02-09
|
03 | Thomas Narten | Placed on agenda for telechat - 2005-02-17 by Thomas Narten |
2005-02-09
|
03 | Thomas Narten | [Ballot comment] Overall, a very nice document. Well-written, good overview of the security design. It sure would be nice to see more documents like this!!! … [Ballot comment] Overall, a very nice document. Well-written, good overview of the security design. It sure would be nice to see more documents like this!!! Comments/Nits: > To understand Mobile IPv6, it is important to understand the MIPv6 > design view to the base IPv6 protocol and infrastructure. The most sentence could be better worded. > The basic solution requires tunneling through the home agent, thereby > leading to longer paths and degraded performance. This tunneling is > sometimes called triangular routing since it was originally planned > that the packets from the mobile node to its peer could still > traverse directly, bypassing the home agent. perhaps add: (Ingress filtering effectively forces return traffic from the MN to also travel via the HA.) > As a security goal, Mobile IPv6 design aimed to be "as secure as the s/, /, the/ > formation. That is, an attacker has much easier task to fool a s/has/has the/ s/to fool/of fooling/ > messages to be sent by the targets nodes. s/targets/target/?? > (Section 3.4). Finally, we considering the applicability of s/considering/consider/ > Any protocol for authenticating binding update has to consider replay s/update/updates/ also s/binding update/Binding Update/ throughout? I.e,. isn't this a proper name? > discussed in . The goal has been to produce a design whose is supposed to be a reference to a specific document? > the corresponded nodes is deliberately restricted to a few minutes, s/corresponded/correspondent/ > Return Routability (RR) is the name of the basic mechanism deployed > by Mobile IPv6 route optimization security design. Basically, it "deployed" is not really the right work. selected? chosen? also s/by/by the/ > neighboring node. To launch this attack, the mobile nodes s/nodes/node/ Authors section doens't include full contact info for all info (e.g., email addresses). |
2005-02-09
|
03 | Thomas Narten | [Ballot Position Update] New position, Yes, has been recorded for Thomas Narten |
2005-02-09
|
03 | Thomas Narten | Ballot has been issued by Thomas Narten |
2005-02-09
|
03 | Thomas Narten | Created "Approve" ballot |
2005-02-09
|
03 | (System) | Ballot writeup text was added |
2005-02-09
|
03 | (System) | Last call text was added |
2005-02-09
|
03 | (System) | Ballot approval text was added |
2005-02-09
|
03 | Thomas Narten | State Changes to IESG Evaluation from Publication Requested by Thomas Narten |
2005-02-09
|
03 | Thomas Narten | [Note]: '2005-02-08: ready for full IESG review' added by Thomas Narten |
2005-02-09
|
03 | Thomas Narten | State Change Notice email list have been change to basavaraj.patil@nokia.com, gdommety@cisco.com, gab@sun.com, pekka.nikander@nomadiclab.com, erik.nordmark@sun.com, jari.arkko@piuha.net, tuomaura@microsoft.com from basavaraj.patil@nokia.com, … State Change Notice email list have been change to basavaraj.patil@nokia.com, gdommety@cisco.com, gab@sun.com, pekka.nikander@nomadiclab.com, erik.nordmark@sun.com, jari.arkko@piuha.net, tuomaura@microsoft.com from basavaraj.patil@nokia.com, gdommety@cisco.com |
2004-10-28
|
03 | Dinara Suleymanova | Draft Added by Dinara Suleymanova in state Publication Requested |
2004-10-18
|
02 | (System) | New version available: draft-ietf-mip6-ro-sec-02.txt |
2004-07-22
|
01 | (System) | New version available: draft-ietf-mip6-ro-sec-01.txt |
2004-04-26
|
00 | (System) | New version available: draft-ietf-mip6-ro-sec-00.txt |