Secure Connectivity and Mobility Using Mobile IPv4 and IKEv2 Mobility and Multihoming (MOBIKE)
draft-ietf-mip4-mobike-connectivity-03
Yes
(Jari Arkko)
No Objection
(Bill Fenner)
(Cullen Jennings)
(Dan Romascanu)
(David Kessens)
(David Ward)
(Jon Peterson)
(Lars Eggert)
(Lisa Dusseault)
(Magnus Westerlund)
(Mark Townsley)
(Ron Bonica)
(Ross Callon)
(Sam Hartman)
(Ted Hardie)
(Tim Polk)
Note: This ballot was opened for revision 03 and is now closed.
Jari Arkko Former IESG member
Yes
Yes
()
Unknown
Bill Fenner Former IESG member
No Objection
No Objection
()
Unknown
Brian Carpenter Former IESG member
No Objection
No Objection
(2007-02-02)
Unknown
Based on Gen-Art review by Miguel Garcia: Third header line should start Intended Status: Best Current Practice Section 2: the first and the last paragraphs in this section are the same. One of them should be deleted.
Chris Newman Former IESG member
No Objection
No Objection
(2007-11-29)
Unknown
Carrying forward Ted's no objection position. I did not re-review the document.
Cullen Jennings Former IESG member
No Objection
No Objection
()
Unknown
Dan Romascanu Former IESG member
No Objection
No Objection
()
Unknown
David Kessens Former IESG member
No Objection
No Objection
()
Unknown
David Ward Former IESG member
No Objection
No Objection
()
Unknown
Jon Peterson Former IESG member
No Objection
No Objection
()
Unknown
Lars Eggert Former IESG member
No Objection
No Objection
()
Unknown
Lisa Dusseault Former IESG member
No Objection
No Objection
()
Unknown
Magnus Westerlund Former IESG member
No Objection
No Objection
()
Unknown
Mark Townsley Former IESG member
No Objection
No Objection
()
Unknown
Ron Bonica Former IESG member
No Objection
No Objection
()
Unknown
Ross Callon Former IESG member
No Objection
No Objection
()
Unknown
Russ Housley Former IESG member
(was Discuss)
No Objection
No Objection
(2007-02-06)
Unknown
From the SecDir Review by Eric Rescorla: Eric found Section 3 fairly hard to read because the diagram is so dense and all the different cases are run together. Eric suggests breaking out all the cases into separate diagrams with explanation for each. At minimum, each case should be labelled clearly and covered in a separate section in the accompanying text. Section 3.4.1 says: > > 1a. Initiate an IKE mobility exchange to update the VPN gateway with > the current address. If the new network is also untrusted, this > will be enough for setting up the connectivity. If the new > network is trusted, and if the VPN gateway is reachable, this > exchange will allow the mobile node to keep the VPN state alive > while on the trusted side. If the VPN gateway is not reachable > from inside, then this exchange will fail. > When should we expect this to fail? Section 3.4.1 also says: > > 2. If the mobile node receives a Registration Reply to the request > sent in step 2, then the current subnet is a trusted subnet, and > the mobile node can communicate without VPN tunneling. The mobile > node MAY tear down the VPN tunnel. > This should say "step 1b", right?
Sam Hartman Former IESG member
(was Discuss, No Objection, Discuss)
No Objection
No Objection
()
Unknown
Ted Hardie Former IESG member
No Objection
No Objection
()
Unknown
Tim Polk Former IESG member
(was No Record, Discuss)
No Objection
No Objection
()
Unknown