Kathleen Moriarty has entered the following ballot position for draft-ietf-hip-multihoming-11: No Objection
When responding, please keep the subject line intact and reply to all email addresses included in the To and CC lines. (Feel free to cut this introductory paragraph, however.) Please refer to https://www.ietf.org/iesg/statement/discuss-criteria.html for more information about IESG DISCUSS and COMMENT positions. The document, along with other ballot positions, can be found here: https://datatracker.ietf.org/doc/draft-ietf-hip-multihoming/ ---------------------------------------------------------------------- COMMENT: ---------------------------------------------------------------------- I'm wondering if split-tunneling should be listed as a security consideration. I see the following in section 4.1 that might be used to help prevent split tunneling: In the outbound direction, as a result of SPD processing, when an outbound SA is selected, the correct IP destination address for the peer must also be assigned. Then also the entirety of section 4.3. I read this as split tunneling could be an issue in some circumstances depending on policy and it might be good to mention this in the security considerations section. Or let me know if I am missing some background that would prevent split tunneling so implementers don't need to be made aware of this consideration. Thanks. _______________________________________________ Hipsec mailing list [email protected] https://www.ietf.org/mailman/listinfo/hipsec
