Document: draft-ietf-mip6-auth-protocol-04.txt
Reviewer: Joel M. Halpern
Date: 27 February 2005

This draft is basically ready for publication, but has nits that should be fixed before publication. At least, I think they are merely nits in need of explanation.

1) The document describes two authentication options, one for use between the MN and the HA, and one for use between the MN and the home AAA. (Presumably, the latter is for situations where the HA assignment is more dynamic.) The text explicitly states that even if just the MN-AAAH option is used in the binding update, the acknowledgement must use the MN-HA option. The text then indicates that AAA-HA interactions are out of scope. However, there are clearly some requirements that must be met by the AAA infrastructure and the HA-AAA interaction in order to support this option. It seems to me that these requirements / expectations (I am guessing that AAAH hands the HA the key to use) ought to be spelled out.

2) There is an inconsistency in algorithm selection. The MN-HA authentication option specifically says that HMAC-SHA1 shall be used, with no provision for alternatives. That would be fine on its own. However, the MN-AAAH authentication option states that HMAC-SHA1 is only mandated for one specific SPI and states that other hash algorithms may be used. There may be a good reason for this inconsistency. But if so, it should be stated.