I have one question on sec 5.4 before I enter a comment...
On 09/12/2016 03:28 PM, Mirja Kuehlewind wrote:
5) section 5.4: How long will an address be in UNVERIFIED state in case
the verification is not successful (no reply). Is there a timer? How
often will the peer retry the verification test? How long does the peer
wait until resending the verification packet?
It took me a couple readings of 5.4 to THINK I understand fig 7.
I THINK this occurs after Mobile Host has sent its HIP UPDATE with the
new locator information.
I believe the implication of this figure is that the stationary node
(peer host) sends its address validation HIP UPDATE and instead of
receiving the HIP UPDATE with ACK, it receives actual data which it may
interpret as the ACK.
So I have two points.
First does this only apply when there are new SPI? What about a move
with no SPI changes?
Second, the actual figure should include the original HIP UPDATE from
Mobile Host to make it clear the nature of the mobility.
Sorry for the late review of this draft.
I can submit an official comment if others think my questions raise
clarity issues.
Bob
_______________________________________________
Hipsec mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/hipsec
