Last Call Review of draft-ietf-hip-rfc5202-bis-05
review-ietf-hip-rfc5202-bis-05-secdir-lc-emery-2014-06-26-00

Request Review of draft-ietf-hip-rfc5202-bis
Requested rev. no specific revision (document currently at 07)
Type Last Call Review
Team Security Area Directorate (secdir)
Deadline 2014-06-24
Requested 2014-05-30
Other Reviews Genart Last Call review of -05 by Vijay Gurbani (diff)
Review State Completed
Reviewer Shawn Emery
Review review-ietf-hip-rfc5202-bis-05-secdir-lc-emery-2014-06-26
Posted at https://www.ietf.org/mail-archive/web/secdir/current/msg04863.html
Reviewed rev. 05 (document currently at 07)
Review result Ready
Draft last updated 2014-06-26
Review completed: 2014-06-26

Review
review-ietf-hip-rfc5202-bis-05-secdir-lc-emery-2014-06-26












I have reviewed this document as part of the security directorate's
ongoing effort to review all IETF documents being processed by the IESG.
These comments were written primarily for the benefit of the security
area directors. Document editors and WG chairs should treat these
comments just like any other last call comments.

This standards track draft is intended to obsolete RFC 5202.  5202-bis
describes Host Identity Protocol (HIP) extensions which uses the Encapsulated
Security Payload (ESP) mechanism for the exchange of user data.

The security considerations section does exist and defers to ESP's (RFC 4303)
security considerations.  The section goes on to describe the security features
of the draft, but does not provide insight to what attacks are possible and how
the protocol extensions does or does not mitigate against said attacks.

General comments:

It would be easier to discern differences between the original RFC and bis
update if there was a section that described these changes.  This would be
beneficial to reviewers, such as myself, and implementers alike.

Editorial comments:

None.

Shawn.
--