Re: [Mipshop] Re: AD review of draft-ietf-mipshop-handover-key




James Kempf wrote:
Yes, that's fine.

I'll have the revisions completed by Fri. Do you want me to resubmit through the RFC Editor in the usual way,

You mean the IETF secretariat. :)

and bump the version number up?

Yes.

Vijay


jak

----- Original Message -----
From: "Jari Arkko" <jari.arkko at piuha.net>
To: "James Kempf" <kempf at docomolabs-usa.com>
Cc: <draft-ietf-mipshop-handover-key at tools.ietf.org>; "Mipshop" <mipshop at ietf.org>
Sent: Monday, October 29, 2007 1:48 PM
Subject: Re: AD review of draft-ietf-mipshop-handover-key



James,

jak>> If this is not clear from the current text, then perhaps you can
suggest a place where some additional text could be added to clarify?

Ok, I was merely confused about this. Let me go read the text again, moment...

OLD:
    The mechanism utilizes SEND [SEND] and a public/private
    key pair, generated on the MN using the same public key algorithm
    as SEND, to encrypt/decrypt a shared handover key sent from the AR
    to the MN.
NEW:
    The mechanism utilizes SEND [SEND] and an additional public/private
    key pair, generated on the MN using the same public key algorithm
    as SEND, to encrypt/decrypt a shared handover key sent from the AR
    to the MN.

OLD:
   The message exchange between the MN and AR
    to provision the handover key is required to be protected by SEND;
    that is, the source address for the key provisioning messages must
    be a CGA and the messages must be signed with the CGA private key.
    This allows the AR to establish the MN's authorization to operate
    on the CGA. The AR uses the CGA to name the handover key.
NEW:
   The message exchange between the MN and AR
    to provision the handover key is required to be protected by SEND;
    that is, the source address for the key provisioning messages must
    be a CGA and the messages must be signed with the CGA private key.
    This allows the AR to establish the MN's authorization to operate
    on the CGA. The AR uses the CGA to name the handover key.
    The SEND key pair is, however, independent from the handover
    encryption/decryption key pair and the actual handover key.

OLD:
 The MN
 generates a public/private key pair for encrypting/decrypting the
 shared handover key, using the same public key algorithm as SEND.
NEW:
 First, the MN generates the necessary key pair and associated CGA
 addresses so that the MN can employ SEND. Then the MN
 generates a public/private key pair for encrypting/decrypting the
 shared handover key, using the same public key algorithm as was
 used for SEND.

Finally, I noticed that the acronym CGA needs expansion in
the abstract.

Is this enough for you to work for a new draft revision? How soon
can you get it submitted?

Jari





_______________________________________________
Mipshop mailing list
Mipshop at ietf.org
https://www1.ietf.org/mailman/listinfo/mipshop







Note: Messages sent to this list are the opinions of the senders and do not imply endorsement by the IETF.