Last Call Review of draft-ietf-conex-mobile-05
review-ietf-conex-mobile-05-secdir-lc-xia-2015-09-17-00

Request Review of draft-ietf-conex-mobile
Requested revision No specific revision (document currently at 06)
Type Last Call Review
Team Security Area Directorate (secdir)
Deadline 2015-09-29
Requested 2015-08-27
Authors Dirk KUTSCHER , Faisal Mir , Rolf Winter , Suresh Krishnan , Ying Zhang , Carlos J. Bernardos
I-D last updated 2015-09-17
Completed reviews Secdir Last Call review of -05 by Liang Xia (diff)
Opsdir Last Call review of -05 by Tim Wicinski (diff)
Assignment Reviewer Liang Xia
State Completed
Request Last Call review on draft-ietf-conex-mobile by Security Area Directorate Assigned
Reviewed revision 05 (document currently at 06)
Result Has issues
Completed 2015-09-17
review-ietf-conex-mobile-05-secdir-lc-xia-2015-09-17-00

Hi,

I have reviewed this document as part of the security directorate's ongoing
effort to review all IETF
 documents being processed by the IESG.  These comments were written primarily
 for the benefit of the security area directors.  Document editors and WG
 chairs should treat these comments just like any other last call comment.



This memo describes a mobile communications use case for congestion exposure
(ConEx) with a particular
 focus on those mobile communication networks that are architecturally similar
 to the 3GPP Evolved Packet System (EPS).



I have the following comments:

l



1. It should be helpful to consider the communication security between the
ConEx senders and receivers such as the Confidentiality, data integrity
 and peer entity authentication in the security considerations part. Because in
 general, the corresponding risks are still possible to exist.

l



2. The authentication mechanism among all the elements of ConEx solution should
also be considered to handle the condition of faked messages or invalid
 peer elements.



Recommendation:  Ready With Issues



B.R.

Frank