Why the Authentication Data Suboption is Needed for Mobile IPv6 (MIPv6)
RFC 5419

Approval announcement
Draft of message to be sent after approval:

From: The IESG <iesg-secretary@ietf.org>
To: IETF-Announce <ietf-announce@ietf.org>
Cc: Internet Architecture Board <iab@iab.org>,
    RFC Editor <rfc-editor@rfc-editor.org>, 
    mip6 mailing list <mip6@ietf.org>, 
    mip6 chair <mip6-chairs@tools.ietf.org>
Subject: Document Action: 'Why Authentication Data suboption is 
         needed for MIP6' to Informational RFC 

The IESG has approved the following document:

- 'Why Authentication Data suboption is needed for MIP6 '
   <draft-ietf-mip6-whyauthdataoption-08.txt> as an Informational RFC

This document is the product of the Mobility for IPv6 Working Group. 

The IESG contact persons are Jari Arkko and Mark Townsley.

A URL of this Internet-Draft is:
http://www.ietf.org/internet-drafts/draft-ietf-mip6-whyauthdataoption-08.txt

Technical Summary

   This draft documents the original thinking behind the
   development of the authentication protocol for Mobile IPv6,
   in addition to the IPsec-based security already provided in
   the base Mobile IPv6 RFC.

Working Group Summary

   This is a product of the MIP6 WG.

Document Quality

   Extensive discussion of this draft has gone on the list and
   with the AD. Significant revision of the document was done
   based on the dicussion.

Personnel

   There is no shepherd. MEXT chairs are looking after this,
   if there is any need for WG action. The responsible AD is
   Jari Arkko.

RFC Editor Note

  In the abstract, change:
  OLD:
   binding update and binding acknowledgement
  NEW:
   Binding Update and Binding Acknowledgement

  In Section 2, change:
  OLD:
  integrate will
  NEW:
  integrate well

  In Section 3, change:
  OLD:
   o  The Binding update/Binding ACK
  NEW:
   o  The Binding Update/Binding Acknowledgment

  In Section 3, change:
  OLD:
    HoTI/Hot
  NEW:
    HoTI/HoT

  In Section 4, change:
  OLD:
   minmize
  NEW:
   minimize

  Change item 3 from Section 4 as follows:
  OLD:
   3.  In many deployments the authentication credentials already exist
       in a AAA server.  These credentials are used for authenticating a
       user and authorizing network access.  The same credentials and
       security parameters can be reused for MIP6 security as well.
  NEW:
   3.  In many deployments the authentication credentials already exist
       in a AAA server.  These credentials are used for authenticating a
       user and authorizing network access.  The same credentials and
       security parameters cannot be reused for MIP6 security as well,
       if IKEv1 is used.

  In Section 4, change:
  OLD:
   One such example of networks that have such characteristics are cdma
   networks as defined in the 3GPP2 X.S0011-002-D [3GPP2 X.S0011-002-D]
   specification.
  NEW:
   One such example of networks that have such characteristics are cdma
   networks as defined in the 3GPP2 [3GPP2 X.S0011-002-D] specification.

  In Section 5.1, change:
  OLD:
   3GPP2 has specified Mobile IPv6 in Revision D of the
   3GPP2 X.S0011-002-D [3GPP2 X.S0011-002-D] specification (which
   specifies the packet data architecture).
  NEW:
   3GPP2 has specified Mobile IPv6 operation in the
   [3GPP2 X.S0011-002-D] specification.

  Also in Section 5.1, change "IKEV2" to "IKEv2" and change "a a" to "a".



  And in Section 5.1, change:
  OLD:
   This is explained in detail in the 3GPP2 X.S0011-002-D
   [3GPP2 X.S0011-002-D] specification.
  NEW:
   This is explained in detail in [3GPP2 X.S0011-002-D].

  In Section 5.2, change "net- works" to "networks"

  In Section 5.2, change "is an integral" to "is viewed as an integral"

  In Section 5.2, change:
  OLD:
   binding updates and binding acknowledgements
  NEW:
   Binding Updates and Binding Acknowledgments

  Change in Section 5.2:
OLD:
  There is no practical mechanism to
  use IPsec directly with the AAA infrastructure with out the use of
  IKE or some other mechanism that enables the establishment of the
  IPsec SA between the MN and HA.
NEW:
  There is no practical mechanism to
  use IPsec directly with the AAA infrastructure with out the use of
  IKEv2 or some other mechanism that enables the establishment of the
  IPsec SA between the MN and HA.

  Add a "." to the end of the fourth paragraph of Section 5.2.

  In Section 8, change "howver" to "however".

  Use the following as the new contents of the [WiMAX-NWG] reference:

              "WiMAX Network Architecture "WiMAX End-to-End Network
              Systems Architecture;   http://www.wimaxforum.org/
              documents/documents/
              WiMAX_Forum_Network_Architecture_Stage_2-
              3_Rel_1v1.2.zip"", May 2008.