Last Call Review of draft-ietf-hip-rfc5202-bis-05
I have reviewed this document as part of the security directorate's
ongoing effort to review all IETF documents being processed by the IESG.
These comments were written primarily for the benefit of the security
area directors. Document editors and WG chairs should treat these
comments just like any other last call comments.
This standards track draft is intended to obsolete RFC 5202. 5202-bis
describes Host Identity Protocol (HIP) extensions which uses the Encapsulated
Security Payload (ESP) mechanism for the exchange of user data.
The security considerations section does exist and defers to ESP's (RFC 4303)
security considerations. The section goes on to describe the security features
of the draft, but does not provide insight to what attacks are possible and how
the protocol extensions does or does not mitigate against said attacks.
It would be easier to discern differences between the original RFC and bis
update if there was a section that described these changes. This would be
beneficial to reviewers, such as myself, and implementers alike.