Host Identity Protocol (HIP) Immediate Carriage and Conveyance of Upper-Layer Protocol Signaling (HICCUPS)
draft-ietf-hip-hiccups-05
Yes
(Ralph Droms)
No Objection
(Dan Romascanu)
(Jari Arkko)
(Lars Eggert)
(Peter Saint-Andre)
(Robert Sparks)
(Ron Bonica)
(Tim Polk)
Recuse
(Gonzalo Camarillo)
Note: This ballot was opened for revision 05 and is now closed.
Ralph Droms Former IESG member
Yes
Yes
()
Unknown
Adrian Farrel Former IESG member
No Objection
No Objection
(2010-06-17)
Unknown
The Introduction says... The HIP_DATA packet is not aimed to be a replacement for ESP transport instead it SHOULD only be used to exchange few packets between the peers. I find this woolly on three counts. 1. "not aimed" Is it or is it not? 2. "SHOULD only" Feels like you need to flip this to a "SHOULD NOT" For example: "SHOULD NOT be used to exchange more than..." 3. "exchange [a] few packets" Your opinion of "a few" may differ from mine. What is the real 2119 constraint here? --- Would be helpful to explain what a MAC is in section 2. --- Is it the intention that new HIP implementations should include support for the DATA packet? If so, doesn't this I-D update 5201? --- Section 4 appears to use some form of syntax to define the DATA packet. You should probably include a reference to the definition of that syntax.
Alexey Melnikov Former IESG member
(was Discuss)
No Objection
No Objection
(2010-07-11)
Unknown
Thank you for addressing my earlier discusses and comments. One more issue resulting from the most recent change: 5.3.1. Handling of SEQ_DATA in a Received HIP DATA packet The following steps define the conceptual processing rules for handling a SEQ_DATA parameter in a received HIP DATA packet. The system MUST verify the SIGNATURE in the HIP DATA packet. If the verification fail, the packet SHOULD be dropped and an error message logged. If the value in the received SEQ_DATA and MIC value received PAYLOAD_MIC corresponds to a HIP DATA packet that has recently been processed, the packet is treated as a retransmission. The SIGNATURE verification (next step) MUST NOT be skipped. This sentence needs to be deleted, because you've reordered paragraphs as I suggested earlier. (A byte-by-byte comparison of the received and a stored packet would be adequate, though.) It is recommended that a host cache HIP DATA packets sent with ACKs to avoid the cost of generating a new ACK packet to respond to a retransmitted HIP DATA packet. The host MUST acknowledge, again, such (apparent) HIP DATA packet retransmissions but SHOULD also consider rate-limiting such retransmission responses to guard against replay attacks.
Dan Romascanu Former IESG member
(was Discuss)
No Objection
No Objection
()
Unknown
Jari Arkko Former IESG member
(was Discuss)
No Objection
No Objection
()
Unknown
Lars Eggert Former IESG member
(was Discuss)
No Objection
No Objection
()
Unknown
Peter Saint-Andre Former IESG member
(was Discuss)
No Objection
No Objection
()
Unknown
Robert Sparks Former IESG member
No Objection
No Objection
()
Unknown
Ron Bonica Former IESG member
No Objection
No Objection
()
Unknown
Russ Housley Former IESG member
No Objection
No Objection
(2010-06-17)
Unknown
The Gen-ART Review by Elwyn Davies on 15 June 2010 offers many minor comments and editorial nits. Please consider them. http://www.softarmor.com/rai/temp-gen-art/ draft-ietf-hip-hiccups-02-davies.txt
Sean Turner Former IESG member
(was Discuss)
No Objection
No Objection
(2010-07-12)
Unknown
I support Peter's DISCUSS. I also support Jari's first DISCUSS position.
Tim Polk Former IESG member
(was Discuss)
No Objection
No Objection
(2010-06-17)
Unknown
I support Peter's discuss position.
Gonzalo Camarillo Former IESG member
Recuse
Recuse
()
Unknown