Last Call Review of draft-ietf-dmm-best-practices-gap-analysis-07
review-ietf-dmm-best-practices-gap-analysis-07-genart-lc-davies-2014-10-21-00

    I am the assigned Gen-ART reviewer for this draft. For background on

    Gen-ART, please see the FAQ at

<http://wiki.tools.ietf.org/area/gen/trac/wiki/GenArtfaq>

.

    Please resolve these comments along with any other Last Call
    comments

    you may receive.

    Document:
    draft-ietf-dmm-best-practices-gap-analysis-07.txt

    Reviewer:
    Elwyn Davies

    Review Date:
    2014-09-18

    IETF LC End Date:
    2014-09-25

    IESG Telechat date: (if known)
    -

    Summary:
    Almost ready.  A couple of minor issues (one almost editorial and
    one may be due to my lack of knowledge of the current state of
    Mobile IPv6 security) and mostly a lot of minor language nits.  I
    think there might be some point in numbering the identified gaps to
    facilitate future discussion.

    Major issues:

    None

    Minor issues:

    Applicability to Mobile IPv4?  It appears from the early sections
    that this draft is pretty much concentrated on Mobile IPv6 (see the
    first para of s3 which mentions v6 RFCs exclusively and IPv4 seems
    to be mentioned in only a very limited way later) although this is
    not stated.  To avoid wasting people's time, it would be useful to
    put a few words about the relevance or otherwise of this draft to
    Mobile IPv4 work in the introduction (and maybe the title?) before
    we get to s5.3 where there is more clarity.

    s6:  I don't know if there is any extra security risk in adding
    extra MAs etc that might allow a malicious party to offer spurious
    MA and so to redirect traffic inappropriately.  I don't know enough
    about this problem space to know how well this is mitigated
    already.  Might be worth a mention? (maybe would affect s5.8 if so).


    Nits/editorial comments:

    s1: For the uninitiated, a explanation of what a mobility anchor is
    would be helpful.  Quoting some (or even all) of the first para of
    RFC 7333 would do the trick nicely.

    s1, para 1: s/pose several problems/poses several problems/

    s2, last para: s/without the reliance on centrally deployed/without
    reliance on centrally deployed/

    s3, para 1:

Although these two are centralized approaches,

    Two? Three items are mentioned in the previous sentence, but maybe
    the Host approach and Proxy extension is supposed to be considered
    as a single scheme.  Maybe something like:

          "Although these approaches are centralized,.."

    would avoid the confusion.

    s3, two instances paras after bullet #3:

    OLD

   the
   forwarding management (FM)function is both ends of tunneling at the
   HA and the MN. [MAG in second case]
NEW:
   the forwarding management (FM) function involves both ends of the tunnel
   between the HA and the MN.  [MAG in second case]

s3, last para: s/MAP also has FM function/MAP also provides the FM function/

s4.2, para after Figure 1: Probably best to s/In the figure/In Figure 1/ just
to be totally clear.

s4.2, 2nd para after Figure 1:

   IP mobility protocols can be used to provide inter-access mobility
   support to users

I don't know if 'inter-access mobility' is acceptable jargon but I would suggest
adding 'mode', 'method' or 'technology' -- thus

IP mobility protocols can be used to provide inter-access mode mobility
   support to users

s4.2.1, para 2:

Note
   that some of these mechanisms [

SDO-3GPP.23.402

] have been defined in
   other standards organizations.

It is not clear what 'some' refers to here:  It could refer to the mechanisms
that are noted as not specified [implied, by the IETF?] or someting earlier in
the paragraph or stuff in Figure 2 (BT/RO modes?).  Please clarify.

Figure 2:  I like the 'zzzz' :-) I guess this is supposed to signify a tunnel
but it would be appropriate to have a key for '(o)' and 'zzzz'!  I take it
CN1/CN2 are 'Correspondent Nodes' (per section 2) but it might be useful to
reinforce this in the key also.

s4.2.1, para after bullets: Please expand acronym CoA on first use.

s4.2.1, para before Fig 3: s/It allows reducing the amount/It allows the
reduction of the amount/

Figure 4: Oh, dear! Boring old 'xxx' for tunnels. :-(  But I guess it should
have a key again.

s4.2.2, para after Fig 4: s/Similar to/In a similar way to/

s4.2.2, 2nd para after Fig 4: s/the LMA runtime assignment [RFC6463]/the support
the LMA runtime assignment described in [

RFC6463

]/; s/is mainly aimed for/is mainly aimed at/

s4.3, para 1: Is there a suitable overview reference for the EPS architecture? 
Might be useful here.

s4.3, para before Fig 6:

... or at the macro, ...

I have no idea what this means.

Figures 6 and 7:  Something has gone wrong with the layout here.  (Non-ASCII
characters?)

s4.3, Figure 7 and para before it (and earlier): I think PGW and P-GW, also SGW
and S-GW, are supposed to be acronyms for the same thing. Please make this
consistent. (PGW is used elsewhere as well).

s4.3, para after Fig 7: I think eNB needs expansion [Thank you 3GPP for the
heavy duty acronym soup!]

Figure 8: Is "H(e)NB" the same as "HeNB"? Be good to be consistent if so; If
not what is the difference?

s4.3, last para: s/specially/especially/

s5, general: Indexing the gaps:  For the purposes of clarity, future discussion
and possible solutions, it would probably be worth assigning serial numbers to
the identified gaps  in the same way as the requirements are indexed (maybe
even linking them to the relevant req by calling gaps related to REQ#0
something like GAP#0-1, GAP#0-2 etc.)  There are also a couple of places,
notably the end of s5.2, where it is not quite clear whether items (like the
last para of s5.2) are separate gaps or part of the previous one.  Numbering
the gaps might help to concentrate the text on linking together (or separating)
problems into well-defined sets.

s5.1, para 1: s/enable/make it possible for/; s/single/a single/

s5.1, first bullet: s/this may also require to transfer/this may also require
the transfer of/

s5.1, para after 2nd bullet: s/therefore providing/thereby providing/

s5.1, 2nd para after 2nd bullet:
OLD:
   where the mobility
   client natively knows each anchor associated to each mobility
   sessions.
NEW:
   where the mobility
   client natively knows the anchor associated with each of its mobility
   sessions.

s5.1, 3rd para after 2nd bullet: s/to allow dynamically discovering the
presence of nodes/to allow
   the dynamic discovery of the presence of nodes/;
   s/to allow selecting a node/to allow the selection of a node/
 and...
OLD:
   There are though some mechanisms
   that could help discovering anchors, such as the Dynamic Home Agent
   Address Discovery (DHAAD)
NEW:
   However, there are some mechanisms
   that could help to discover anchors, such as the Dynamic Home Agent
   Address Discovery (DHAAD)
Additionally: Does DHAAD deserve a reference?

s5.1, last para:  I have suggested some changes to make this clearer (I hope):
OLD:
   Also note that REQ1 is such that the data plane traffic can avoid
   suboptimal route.  Distributed processing of the traffic is then
   needed only in the data plane.  The needed capability in distributed
   processing therefore should not contradict with centralized control
   plane.  Other control plane solutions such as charging, lawful
   interception, etc. should not be limited.  Yet combining the control
   plane and data plane forwarding management (FM) function may limit
   the choice to distributing both data plane and control plane
   together.  In order to enable distributing only the data plane
   without distributing the control plane, a gap is to split the
   forwarding management function into the control plane (FM-CP) and
   data plane (FM-DP).
NEW:
   Also note that REQ1 is intended to prevent the data plane traffic taking a
   suboptimal route.  Distributed processing of the traffic is then, hopefully,
   needed only in the data plane.  Provision of this capability for distributed
   processing should not conflict with the use of a centralized control
   plane.  Other control plane solutions such as charging, lawful
   interception, etc. should not be constrained by the DMM solution.  On the
   other hand combining the control plane and data plane forwarding management
   (FM) function may limit the choice of solutions to those that distribute
   both data plane and control plane together.  In order to enable distribution
   of only the data plane without distributing the control plane,it would be
   necessary to split the forwarding management function into control plane
   (FM-CP) and data plane (FM-DP) components; there is currently a gap here.

s5.2, para 1: s/flexibility on determining/flexibility in determining/;
s/whether or not use/whether or not to use/

s5.2, para 1:

 It only enables the two following functions:

I am not sure what 'it' refers to here.  Is this the functionality that is
needed to implement REQ1? Or what?

s5.2, 1st bullet: s/which uses/which use/

s5,2, 1st para after bullets: s/to indicate the IP stack/to indicate to the IP
stack/

s5,2, 1st para after bullets:

mobility support is required or not in.

Either the 'in' is redundant or there is a phrase missing at the end.

s5.2, next to last para:
s/there exist these individual efforts that/these individual efforts and they/

s5.4, para 2: s/nothing prevent/nothing prevents/; s/functions with in IP
mobility/functions within IP mobility/

s5.4, last para: s/going into the direction/going in the direction/

s5.5: s/the needed mobility management/the necessary mobility management/

s5.6, bullet 6: s/of forwarding path/of the forwarding path/

s5.6, para after bullets: s/the above list of operation/how, or whether, they
support the above list of operation/

s5.7: Everything after the first sentence is either 'motherhood and apple pie'
or statements
 of things that allegedly work.  No gaps are identified - so everything except
 the first sentence
could probably be replaced with:
   Any solutions that are intended to fill in gaps identified in this document
   need to meet this requirement.  At present, it does not appear that using
   existing solutions to support DMM has introduced any new security issues.

s5.8, para 1: s/to enable multicast solutions to be developed/to allow the
development of multicast solutions/

s5.8, para 2: s/insta ces/instances/

s5.9, bullet 1: s/to very narrow use case./to a very narrow use case./

s5.9, bullet 2: s/requires to expose/requires the exposure of/

s5.9, bullet 3: s/allows to dynamically discover/allows the dynamic discovery
of/

s5.9, bullet 5: s/may allow to deploy/may allow the deployment of/

s6: s/encounter same security/encounter the same security/