RE: [Mip4] Working Group Last Call fordraft-ietf-mip4-mobike-connectivity-00

["Yaron Sheffer" <yaronf at checkpoint.com>]

Dear WG participants,

I support the advancement of this document, with the following comments:

- Bottom of Sec. 1: Passing large amounts of enterprise traffic through the
DMZ should be avoided, not just from traffic engineering and performance
reasons but also from security reasons.

- Address allocation is somewhat unclear. At the top of Sec. 3, "the mobile
node is configured with a home address". While in Sec. 3.2 it is allocated
an address an uses it as a CCoA (which is also more likely).

- 3.3: Why should the MN send a RR when it changes its VPN gateway, if the
TIA is unchanged? There's no way the HA can use this information.

- Sec. 3.4 should point out explicitly that normal traffic MUST NOT be sent
out when moving into a new subnet until the process of determining
location/security is complete.

- Please mention that a customized integrated IPsec+MIP implementation is
required, e.g. so that the MN can force-send RR in the clear, bypassing the
usual IPsec processing.

- I would like to reiterate my conviction that having 3 different ways (or 3
drafts and maybe 4 ways) of mixing IPsec and MIP is anything but a clear
direction for the market. 

Thanks,
	Yaron

-----Original Message-----
From: Pete McCann [mailto:mccap at lucent.com] 
Sent: Friday, April 14, 2006 20:25
To: Mobile IPv4 Mailing List
Subject: [Mip4] Working Group Last Call
fordraft-ietf-mip4-mobike-connectivity-00

This message announces a WG last call on:

  "Secure Connectivity and Mobility using Mobile IPv4 and MOBIKE"
  - draft-ietf-mip4-mobike-connectivity-00

The last call will conclude at 24:00 UTC on Friday, 28 April 2006.

draft-ietf-mip4-mobike-connectivity-00 describes the use of IKEv2 and 
MOBIKE in conjunction with Mobile IPv4 to offer secure connectivity to a 
protected network along with mobility.

A URL for this Internet-Draft is:

<http://www.ietf.org/internet-drafts/draft-ietf-mip4-mobike-connectivity-00.
txt>


Please respond to this WG last call:

* If you have no comments on the draft, and support its advancement,
   simply respond with a line containing something like

    "I support the advancement of this document to the IESG with a
     request for publication as proposed standard."

   If you have comments, please use a line similar to the one above, and
   supplement this with your comments.


* If you *don't* support its advancement, respond with a line containing
   something like the following, supplemented by your comments -

    "I don't support the advancement of this document to the IESG with
     a request for publication as proposed standard, for the following
     reasons:"
    ...


     Pete & Henrik




-- 
Mip4 mailing list: Mip4 at ietf.org
    Web interface: https://www1.ietf.org/mailman/listinfo/mip4
     Charter page: http://www.ietf.org/html.charters/mip4-charter.html
Supplemental site: http://www.mip4.org/