Document: draft-leung-cisco-mip4-host-config-03.txt
Reviewer: Elwyn Davies [elwynd@dial.pipex.com]
Review Date: Tuesday 9/13/2005 12:05 PM CST
Telechat Date: Thursday 9/15/2005

Summary: This document needs some additional clarifications as regards association of extensions with registration requests and replies and some stronger security statements as regards data origin authentication.

Review:
--------
I understand that this document is being put forward (with the mipv4 wg's blessing) to document existing implementations pending a wg sponsored standardisation based on draft-bharatia-mip4-gen-ext-00.txt and this work.

Review: This document is intended to document a pre-standard vendor implementation of some work which will shortly be standardized by the mipv4 wg. The document is generally in good shape but needs a small number of clarifications:

- It should be made explicit which extensions are allowed in registration requests and which in registration replies.
- The sub-type fields in s3 should be explicitly stated to contain an integer from 0 to 255.
- The Home Network Prefix extension would be better named Home Network Prefix Length extension.
- In s3.1: It would be worth stating that other values of the selector are reserved... presumably some form of flag word was intended originally but this is now presumably moot.

Questions about the DHCP Client ID Extension:

- Regarding the summary in s2: If the Client ID is *really* used to obtain the IP address for the mobile node, this can only be done while the node is at home. If the mobile node is booting up on a foreign network it needs to find its IP address by some other means than DHCP. What is actually implemented here? Is the home agent to query the DHCP server and obtain the client ID and pass it on? Is the mobile node supposed to know what its Client ID is and pass it through the Home Agent which can use it on behalf of the mobile node?
- In s3.5, it should be made clear if this is expected to be in a registration request or a registration reply (or either).
- [Aside] There has been some discussion in the wg as to what information should be obtained through this sort of request. Much of it could be obtained through DHCP once the mobile node is told the address of the DHCP server. And there is no particular need for the home agent to know the DHCP Client ID as far as I can see.

Security: Russ Housley has already commented that stronger words are needed regarding data origin authentication.

Editorial:
s3.8: s/atmost/at most/
s5: s/information/informational/