Authentication, Authorization, and Accounting (AAA) Registration Keys for Mobile IPv4
draft-ietf-mip4-aaa-key-06
Yes
(Thomas Narten)
No Objection
(Alex Zinin)
(Allison Mankin)
(Bert Wijnen)
(David Kessens)
(Harald Alvestrand)
(Jon Peterson)
(Margaret Cullen)
(Scott Hollenbeck)
(Steven Bellovin)
Note: This ballot was opened for revision 06 and is now closed.
Thomas Narten Former IESG member
Yes
Yes
()
Unknown
Alex Zinin Former IESG member
No Objection
No Objection
()
Unknown
Allison Mankin Former IESG member
No Objection
No Objection
()
Unknown
Bert Wijnen Former IESG member
No Objection
No Objection
()
Unknown
David Kessens Former IESG member
No Objection
No Objection
()
Unknown
Harald Alvestrand Former IESG member
No Objection
No Objection
()
Unknown
Jon Peterson Former IESG member
No Objection
No Objection
()
Unknown
Margaret Cullen Former IESG member
No Objection
No Objection
()
Unknown
Russ Housley Former IESG member
(was Discuss)
No Objection
No Objection
(2004-04-27)
Unknown
Section 4: s/supported replay methods/supported replay detection methods/ Section 5 title: s/and Derivation/and Key Derivation/ Section 5: s/The example that follows makes use of/The following example uses/
Scott Hollenbeck Former IESG member
No Objection
No Objection
()
Unknown
Steven Bellovin Former IESG member
(was Discuss)
No Objection
No Objection
()
Unknown
Ted Hardie Former IESG member
No Objection
No Objection
(2004-04-27)
Unknown
In the introduction, the 3rd paragraph says: It is assumed that the AAA Security Association between the MN and its HAAA has been appropriately configured so that the AAA server has the authorization to provide key material to be used as the basis for the necessary Mobility Security Assocation between the MN and its prospective mobility agents. The 4th paragraph says: It is assumed that the security association between the mobile node and its AAA server has been appropriately configured so that the AAA server has authorization to provide key material to be used as the basis for the necessary Mobility Security Association(s) between the mobile node and its prospective mobility agents. Is this redundant, or meant to be introducing a different assumption (related to the AAA server versus the HAAA server)? If the latter, some further text clarifying it would be useful. If the first one is retained "Assocation" is missing an "i". The document is very clear that: The provisioning and refreshing of the AAA key in the MN and AAA server is outside the scope of this document. Is there is a pointer to a document or set of documents that describe the provisioning and refreshing practices in use or a perceived set of best practices for this? If such a pointer or pointers were available, they would be welcome additions as informative references; there does seem to be a risk here that folks will pre-provision essentially static AAA keys, and though this document is quite clear that it is not its task to clear that up, any available pointers would be welcome.