Erik Kline has entered the following ballot position for draft-ietf-homenet-front-end-naming-delegation-25: No Objection
When responding, please keep the subject line intact and reply to all email addresses included in the To and CC lines. (Feel free to cut this introductory paragraph, however.) Please refer to https://www.ietf.org/about/groups/iesg/statements/handling-ballot-positions/ for more information about how to handle DISCUSS and COMMENT positions. The document, along with other ballot positions, can be found here: https://datatracker.ietf.org/doc/draft-ietf-homenet-front-end-naming-delegation/ ---------------------------------------------------------------------- COMMENT: ---------------------------------------------------------------------- # Internet AD comments for draft-ietf-homenet-front-end-naming-delegation-25 CC @ekline Re-pasting my previous comments, as the previous ballots were cleared. ## Comments ### S6.3 * Consider adding a forward reference to S6.6 at the of the last paragraph, just to say that the DM authenticates the HNA using a mechanism that has nothing to do with its (continuously changing) IP address(es). ### S6.5 * This says the authentication of the control channel SHOULD be based on certificates, but S6.6 seems to be saying that certificates are a MUST. Perhaps I'm just misunderstanding something. The language in S6.6 seems much more preferable. ### S10 * A weakness of this IPv6 ACL scheme would seem to be that it can be very hard for the ISP to know precisely *which* device within the access link address space (or delegated prefix address space) should be trusted to act as the HNA. Can any device in the home, or with access to the GUAs on the access link (assuming it's numbered), start being an HNA? The dhc-options draft seems to suggest that the HNA needs to have the requisite credentials for mutual TLS. If that's actually REQUIRED then that seems strong enough, and also worth mentioning here. ## Nits ### S6.1 * "The HNA then perhaps and DNS Update operation to the DOI" -> "The HNA then performs a DNS Update operation to the DOI" ### S9 * "differs the regular" -> "differs from the regular" _______________________________________________ homenet mailing list homenet@ietf.org https://www.ietf.org/mailman/listinfo/homenet
