Last Call Review of draft-ietf-netlmm-lma-discovery-
review-ietf-netlmm-lma-discovery-secdir-lc-kivinen-2010-10-14-00

Request: Review of draft-ietf-netlmm-lma-discovery
Requested rev.: no specific revision (document currently at 08)
Type: Last Call Review
Team: Security Area Directorate (secdir)
Deadline: 2010-10-19
Requested: 2010-10-07
Review State: Completed
Reviewer: Tero Kivinen
Review: review-ietf-netlmm-lma-discovery-secdir-lc-kivinen-2010-10-14
Posted at: http://www.ietf.org/mail-archive/web/secdir/current/msg02093.html
Draft last updated: 2010-10-14
Review completed: 2010-10-14

Review

I have reviewed this document as part of the security directorate's 
ongoing effort to review all IETF documents being processed by the 
IESG.  These comments were written primarily for the benefit of the 
security area directors.  Document editors and WG chairs should treat 
these comments just like any other last call comments.

This document describes several different ways a Mobile Access
Gateway (MAG) can dynamically discover a Local Mobility Anchor (LMA)
for a Mobile Node (MN) and recommends the AAA-based discovery solutions.

The security considerations section warns about the risks of using
DNS to obtain the IP address of the mobility agent, but explains
that the MAG and LMA need to authenticate each other (using IPsec)
before PMIPv6 signaling messages are exchanged.

The security considerations section seems to be adequate. I have no
other comments for this draft.
-- 
kivinen at iki.fi