Protocol for Carrying Authentication and Network Access (PANA) Threat Analysis and Security Requirements
RFC 4016

Note: This ballot was opened for revision 07 and is now closed.

(Thomas Narten) Yes

(Steven Bellovin) (was Discuss) No Objection

(Bill Fenner) No Objection

(Ted Hardie) No Objection

Comment (2004-06-23 for -** No value found for 'p.get_dochistory.rev' **)
No email
send info
No further blocking objections.  Two smaller points:

The draft uses co-located to mean something far beyond "in the same place",
and I'd suggest expanding on the term or looking for another that covers the
ground a bit better.

The "service theft" threat implies a threat to other systems which
is not necessarily present in other threats--someone taking over
another's IP address and MAC may also be authorized by weak
schemes at upper layers that rely on those; further, it opens the
possibility of attempts to take over other existing flows.  This
draft doesn't need to cover that, but some text pointing to the
possibility might be useful

(David Kessens) No Objection

(Jon Peterson) No Objection

(Alex Zinin) No Objection

(Russ Housley) No Record

Comment (2004-06-24 for -** No value found for 'p.get_dochistory.rev' **)
No email
send info
  Please update the Abstract so that it starts with the point of
  the document, rather than the point of the working group. I
  propose:

    This document discusses the threats to protocols used to carry
    authentication for IP network access. The security requirements
    arising out of these threats will be used as additional input to
    the PANA (Protocol for Carrying Authentication for Network Access)
    Working Group for designing the IP-based network access
    authentication protocol.