Re: [MEXT] draft-arkko-mext-rfc3775-altcoa-check-00.txt

[Sri Gundavelli <sgundave at cisco.com>]

Hi Jari,

For seperating the control and data plane, there are some folks
who are thinking of using Alt-CoA option to carry a different
address than what is in the source address of the field. There
seem to be some proposals in WiMAX, applying PMIP and with the
functional split of MAG, using this option for registering the
tunnel endpoint which is on a different entity. That wont work
with this new restriction. Not sure, if we can control this
enforcement using a config option. Personally, I dont have any
issue with this change.

Regards
Sri


On Mon, 18 Feb 2008, Jari Arkko wrote:

> Hi all,
>
> I have posted a draft that suggests a modification of the rules
> regarding Alternate Care-of Address checking. The rationale for the
> change is in the draft -- it is something that came up during the
> interim; there are closed networks that apply Mobile IPv6 and ingress
> filtering, and it would be useful in those networks to be able to be
> strict about what addresses the option can contain.
>
> The big question is if something today relies on the option value being
> able to differ from the source IP address. The draft talks about this as
> well and preliminarily I do not see a problem. But I would appreciate
> discussion on this.
>
> Jari
>
>> A New Internet-Draft is available from the on-line Internet-Drafts directories.
>>
>> 	Title           : Verifying Correctness of Alternate Care-of Address Option
>> 	Author(s)       : J. Arkko
>> 	Filename        : draft-arkko-mext-rfc3775-altcoa-check-00.txt
>> 	Pages           : 6
>> 	Date            : 2008-02-18
>>
>> This document revises the RFC 3775 rules on how Alternate Care-of
>> Address option is processed.  Alternate Care-of Address option is
>> used to carry the current care-of address inside a Mobility Header
>> message.  This is used in addition to the source address in the
>> packet in order to ensure that the care-of address is protected by
>> IPsec ESP, the security mechanism that protects Mobility Header
>> messages.  Unfortunately, RFC 3775 did not require verification that
>> the source address and care-of address are the same.  This document
>> adds that requirement.
>>
>> A URL for this Internet-Draft is:
>> http://www.ietf.org/internet-drafts/draft-arkko-mext-rfc3775-altcoa-check-00.txt
>>
>
> _______________________________________________
> MEXT mailing list
> MEXT at ietf.org
> http://www.ietf.org/mailman/listinfo/mext
>
_______________________________________________
MEXT mailing list
MEXT at ietf.org
http://www.ietf.org/mailman/listinfo/mext