Hi all,
We've updated the HMIPsec draft according to comments
we've received last week.
Main changes include authentication of the DH exchange,
clarification of the
assumptions behind the proposal and the security
considerations section.
Note that many comments claimed that a compromised AR can
break the security
in the suggested proposal. We'd like to mention *again*
that such scenario
has worse consequences which go far beyond this proposal.
The draft assumes
that the routing infrastructure is secure and can be
trusted.
The new version has been submitted to the IETF and is also
available on:
http://www.employees.org/~su
reshk/drafts/draft-haddad-mipshop-hmipv6-security-06.txt
Your comments are highly appreciated to make sure that
remaining issues
and concerns have been addressed.
Regards,
Wassim H.
_______________________________________________
Mipshop mailing list
Mipshop ietf.org
https:
//www1.ietf.org/mailman/listinfo/mipshop
|