[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Evaluation: draft-ietf-mobileip-reg-revok - Registration Revocation in Mobile IPv4 to Proposed Standard
- To: IESG Secretary <iesg-secretary@ietf.org>
- Subject: Re: Evaluation: draft-ietf-mobileip-reg-revok - Registration Revocation in Mobile IPv4 to Proposed Standard
- From: "Steven M. Bellovin" <smb@research.att.com>
- Date: Wed, 02 Apr 2003 23:02:40 -0500
- Cc: Internet Engineering Steering Group <iesg@ietf.org>
In message <200303290212.VAA28931@ietf.org>, IESG Secretary writes:
>
>Last Call to expire on: 2003-3-7
>
> Please return the full line with your position.
>
> Yes No-Objection Discuss * Abstain
>
>
>Steve Bellovin [ ] [ ] [ x ] [ ]
3.2: Is there some reason why the "I|M|Reserved" field doesn't come
before the timestamp? That would permit the timestamp to be aligned.
(Or is that not helpful for this sort of TLV?)
3.5: Delete the phrase "man-in-the-middle" attack -- these aren't.
They're "active attacks".
7.2 is not clear enough on what the mandatory-to-implement security is.
It says
Revocation messages
defined in this document which are passed between home and foreign
agents in the revocation process MUST be protected by either the same
foreign-home authenticators defined in [1], or another authentication
mechanism at least as secure and agreed upon by the end agents, e.g.,
IPSec and IKE.
That's not acceptable. Apart from the question of how a home and a
foreign agent "agree" upon another mechanism, it doesn't mandate
support for [1]'s mechanism (or some other strong-enough mechanism).
(Earlier comments about MITM attacks apply here, too.)
--Steve Bellovin, http://www.research.att.com/~smb (me)
http://www.wilyhacker.com (2nd edition of "Firewalls" book)