Last Call Review of draft-ietf-netlmm-lma-discovery-
review-ietf-netlmm-lma-discovery-secdir-lc-kivinen-2010-10-14-00
Request | Review of | draft-ietf-netlmm-lma-discovery |
---|---|---|
Requested revision | No specific revision (document currently at 08) | |
Type | Last Call Review | |
Team | Security Area Directorate (secdir) | |
Deadline | 2010-10-19 | |
Requested | 2010-10-07 | |
Authors | Jouni Korhonen , Vijay Devarapalli | |
I-D last updated | 2010-10-14 | |
Completed reviews |
Secdir Last Call review of -??
by Tero Kivinen
|
|
Assignment | Reviewer | Tero Kivinen |
State | Completed | |
Request | Last Call review on draft-ietf-netlmm-lma-discovery by Security Area Directorate Assigned | |
Completed | 2010-10-14 |
review-ietf-netlmm-lma-discovery-secdir-lc-kivinen-2010-10-14-00
I have reviewed this document as part of the security directorate's ongoing effort to review all IETF documents being processed by the IESG. These comments were written primarily for the benefit of the security area directors. Document editors and WG chairs should treat these comments just like any other last call comments. This document describes several different ways how Mobile Access Gateway (MAG) can dynamically discover a Local Mobility Anchor (LMA) for Mobile Node (MN) and recommends the AAA based discovery solutions. The security considerations section warns about the risks about using DNS to obtaining the IP address of the mobility agent, but explains that as MAG and LMA needs to authenticate each other (using IPsec) before PMIPv6 signaling messages are exchanged. The security considerations section seems to be adequate. I have no other comments for this draft. -- kivinen at iki.fi