Last Call Review of draft-ietf-hip-rfc5202-bis-05
review-ietf-hip-rfc5202-bis-05-secdir-lc-emery-2014-06-26-00

Request Review of draft-ietf-hip-rfc5202-bis
Requested revision No specific revision (document currently at 07)
Type Last Call Review
Team Security Area Directorate (secdir)
Deadline 2014-06-24
Requested 2014-05-30
Authors Petri Jokela , Robert Moskowitz , Jan Melen
I-D last updated 2014-06-26
Completed reviews Genart Last Call review of -05 by Vijay K. Gurbani (diff)
Secdir Last Call review of -05 by Shawn M Emery (diff)
Assignment Reviewer Shawn M Emery
State Completed
Request Last Call review on draft-ietf-hip-rfc5202-bis by Security Area Directorate Assigned
Reviewed revision 05 (document currently at 07)
Result Ready
Completed 2014-06-26
review-ietf-hip-rfc5202-bis-05-secdir-lc-emery-2014-06-26-00











I have reviewed this document as part of the security directorate's
ongoing effort to review all IETF documents being processed by the IESG.
These comments were written primarily for the benefit of the security
area directors. Document editors and WG chairs should treat these
comments just like any other last call comments.

This standards track draft is intended to obsolete RFC 5202.  5202-bis
describes Host Identity Protocol (HIP) extensions which uses the Encapsulated
Security Payload (ESP) mechanism for the exchange of user data.

The security considerations section does exist and defers to ESP's (RFC 4303)
security considerations.  The section goes on to describe the security features
of the draft, but does not provide insight to what attacks are possible and how
the protocol extensions does or does not mitigate against said attacks.

General comments:

It would be easier to discern differences between the original RFC and bis
update if there was a section that described these changes.  This would be
beneficial to reviewers, such as myself, and implementers alike.

Editorial comments:

None.

Shawn.
--