[Mipshop] Re: AD review of draft-ietf-mipshop-handover-key

James,

> jak>> If this is not clear from the current text, then perhaps you can
> suggest a place where some additional text could be added to clarify?

Ok, I was merely confused about this. Let me go read the text again,
moment...

OLD:
     The mechanism utilizes SEND [SEND] and a public/private
     key pair, generated on the MN using the same public key algorithm
     as SEND, to encrypt/decrypt a shared handover key sent from the AR
     to the MN.
NEW:
     The mechanism utilizes SEND [SEND] and an additional public/private
     key pair, generated on the MN using the same public key algorithm
     as SEND, to encrypt/decrypt a shared handover key sent from the AR
     to the MN.

OLD:
    The message exchange between the MN and AR
     to provision the handover key is required to be protected by SEND;
     that is, the source address for the key provisioning messages must
     be a CGA and the messages must be signed with the CGA private key.
     This allows the AR to establish the MN's authorization to operate
     on the CGA. The AR uses the CGA to name the handover key.
NEW:
    The message exchange between the MN and AR
     to provision the handover key is required to be protected by SEND;
     that is, the source address for the key provisioning messages must
     be a CGA and the messages must be signed with the CGA private key.
     This allows the AR to establish the MN's authorization to operate
     on the CGA. The AR uses the CGA to name the handover key.
     The SEND key pair is, however, independent from the handover
     encryption/decryption key pair and the actual handover key.

OLD:
  The MN
  generates a public/private key pair for encrypting/decrypting the
  shared handover key, using the same public key algorithm as SEND.
NEW:
  First, the MN generates the necessary key pair and associated CGA
  addresses so that the MN can employ SEND. Then the MN
  generates a public/private key pair for encrypting/decrypting the
  shared handover key, using the same public key algorithm as was
  used for SEND.

Finally, I noticed that the acronym CGA needs expansion in
the abstract.

Is this enough for you to work for a new draft revision? How soon
can you get it submitted?

Jari


