[Mip4] Re: draft-vaarala-mip4-optudp-00

[sami.vaarala at iki.fi]

Hi, 
> In section 2.3, Optimized UDP Tunnel Reply Extension, I think it would
> be good to have an explicit flag to indicate acceptance or rejection of
> [...]
> optimization possibilities, it would be nice if a HA could indicate that
> Yes, it understands optimization, but No, it won't accept the particular
> one proposed in the RRQ.
I agree.  So we'd either need to have (a) a flags field (perhaps in
both RRQ and RRP extensions) or (b) a reply code field.  We added a
reply code in the NAT reply, but only needed a single error code after
all.  Which do you prefer?  (I'd rather go with the flag.) 
> In section 5, Security Considerations, it is not immediately obvious to
> me what you mean when you say the "inner" IPv4 header can be easily
> tampered with - in the optimized case there is no inner IPv4 header, no?
Right, that's just bad wording.  The intent is to say that in normal
MIPv4 one can easily tamper with the inner header, i.e. the one which
results after decapsulation.  Similarly here, by tampering with the
"outer" (the only) IP header, you can tamper with the "inner" header,
i.e. the one resulting after decapsulation. 
Best, 
-Sami 
--
Mip4 mailing list
Mip4@ietf.org
https://www.ietf.org/mailman/listinfo/mip4