[Mip6-firewall] update firewall drafts

Suresh Krishnan suresh.krishnan at ericsson.com
Thu Apr 17 08:26:49 EDT 2008 

Hi Qiu,
  I had already updated the drafts and sent them to the firewall design
team list yesterday for review before submission. I am not sure why you
are sending this mail to the mext list since this is what the firewall
team list is for? Take a look at the drafts that I send out and let me
know what you think.

Thanks
Suresh 

-----Original Message-----
From: QIU Ying [mailto:qiuying at i2r.a-star.edu.sg] 
Sent: April-17-08 7:26 AM
To: Suresh Krishnan; marcelo bagnulo; Julien Laganier; mext
Subject: update firewall drafts

Hi, folks

It seems it is time to update the firewall drafts. My suggestions is
below:

Regarding vendor draft:
I agree with Henrik comments: the time out of 420 seconds (7 minutes) is
too long for the binging update signal processing. The pinholes for the
mobility head type 1~6 (HoTI/HoT, CoTI/CoT, BU/BA) are no longer
necessary when they get the return messages (HoT, CoT, BA),
respectively. So 30 seconds should be enough. But as for the pinhole for
data packets, it is necessary to associate its lifetime to the ones of a
binding cache entry.  Hence, the last sentence in section 4 could move
to the end of section 5.

Regarding admin draft:
The section 4.2 and 6.3 are talking about IKE negotiation. It is the
generic security issue. So these sections could be removed from the
document.

Section 5.5 deals with the tunneled issue between 2 fixed IP addresses
(HA and CN). So it should be removed, too.

There are some minor editor errors in the draft:
In section 6.2, please change the sentence "described in section 5.1" to
"described in section 4.1"
In Figure 1, please change "Home Agent of A" to "Home Agent".
In figure 2, please change "CN C" to "CN".

Regards
Qiu Ying


------------ Institute For Infocomm Research - Disclaimer
-------------This email is confidential and may be privileged.  If you
are not the intended recipient, please delete it and notify us
immediately. Please do not copy or use it for any purpose, or disclose
its contents to any other person. Thank
you.--------------------------------------------------------

More information about the Mip6-firewall mailing list