
FW: draft-ietf-ccamp-lmp



I think it is important that the whole ccamp list sees this.
If there are people who want to help Jonathan formulating an
answer and possible updates to the draft, please do so!

Thanks,
Bert 

-----Original Message-----
From: Steven M. Bellovin [mailto:smb@research.att.com]
Sent: Monday 29 September 2003 20:26
To: Wijnen, Bert (Bert)
Cc: 'Jonathan Lang'
Subject: Re: draft-ietf-ccamp-lmp 


In message <7D5D48D2CAA3D84C813F5B154F43B15502331618@nl0006exch001u.nl.lucent.com>, "Wijnen, Bert (Bert)" writes:
>> >Steve, to be fair to Jonathan and the WG, I do think that
>> >this is taking too long now. PLEASE ?
>> >
>> 
>> Sorry, I'd meant to send you this on Friday.
>> 
>> I've been unable to get much input from the security directorate on my 
>> main complaint, but that's a problem I'll have to deal with. I did get 
>> a few comparatively minor issues, which I'll write up and forward to 
>> you in the next day or two.  They'll likely require a new I-D to 
>> clarify a few points, but (I believe) nothing substantive; it's just 
>> that there are too many to make an RFC Editor's note practical.
>> 
>Steve, pls make sure your comments are against the latest revision,
>draft-ietf-ccamp-lmp-09.txt


After checking the comments I received against the latest version, I'm  
more confused than ever, since some of them don't seem to apply to any 
version of the document...  That said, there are two comments that do 
seem to apply:

   The document does not spell out the foundation for trust, and this
   makes it difficult to understand what problem is being solved.  Why
   does one need authentication of the IP address?  Why would one use
   identity protection in this scenario?  And why not simply use one IKE
   pathway as a MUST and be done with it (e.g. aggressive mode digital
   signature)?  IKE's flexibility is there to support various usage
   scenarios, and this seems like an ideal situation to say, "we know the
   scenario and we don't need flexibility."  Nail it down.

and

   I admit the following completely defeats me:
   
      All LMP messages are expected to be sent over the IPsec tunnel.
      However, all LMP messages should be sent through the IPsec tunnel,
      which will have been established earlier or on an as-needed basis.
   
   "over" vs. "through"?  "However" as opposed to what?

I'm still unhappy about using port number zero, but I'll let that pass.


		--Steve Bellovin, http://www.research.att.com/~smb