Document: draft-ietf-mipshop-hmipv6-02.txt
Reviewer: John Loughney
Date: 14 september 2004


I would be tempted to place a discuss on this draft, see the Major comments section.
However, this is an experimental protocol, so I'm not sure how strict we should be
on it.  I think this is a useful protocol for the Internet, but it should be experimental.
I think I am most concerned about the security point below.

Major comments:

1) Lots of claims in this document, location privacy, benefits of reduced signaling,
   improvements in performance, etc. - are these really appropriate for an experimental
   draft? I'd probably prefer to see this kind of text softened.
2) I have concerns about the scalability of security arrangements between the MN & MAP.
   How many potential MAPs might a MN need to have a relationship with.
3) How does the MN know that MAP is trustworthy?  What if a MAP is being run by a really
   bad guy, isn't this a new potential man-in-the-middle attack?

General comments:

1) Abstract should say what benefit HMIP brings.  Reading the abstract, I don't
   get any the purpose of HMIP.
2) Should put MN in the terminology section
3) MAP is alternatively called a Node and a Function - which is it?
4) HMIP claims: "Furthermore, HMIPv6 allows mobile nodes to hide their
   location from correspondent nodes and Home Agents while using Mobile
   IPv6 route optimisation." Does it really? I assume that the MN is behind
   the MAP, so the MN is really hidden, but more likely obscured ...
5) Probably want to define MAP domain.
6) Section 3.1. HMIPv6 Operation - might want to put forward section references
   to thinks like MAP discovery, etc.
7) Security Considerations might want to point out that HMIP would suffer if a MAP
   is compromised.  I guess the threat might be more common than if a Home Agent
   is compromised, as there is not a pre-existing relationship 

Nits

1) Some formatting problems in 11. IANA Considerations