> >>>> > >>>> -- S7.2, paragraph 2: "Since some mobility entities, e.g., local > >>>> mobility anchor and mobile access gateway, are allowed > to receive > >>>> and possibly send a Binding Revocation Indication or Binding > >>>> Revocation Acknowledgement for different cases, > therefore, if IPsec > >>>> is used to secure signaling between the local mobility > anchor and > >>>> mobile access gateway, it prevents any of them from processing a > >>>> Binding Revocation message that was not constructed by an > >>>> authorized party." > >>>> > >>>> I have trouble parsing this sentence. > >> > >> (You did not respond to this one.) > > > > [Ahmad] > > We basically wanted to say that since the MAG and LMA are > both allowed > > to send BRI and receive BRA, IPsec will enable the peer to > detect if a > > man in the middle, for example, reflected a BRI message that it has > > initiated back to the peer and consequently silently drop that BRI > > message. In the broader sense, we wanted to say that IPsec > enables any > > of the peers to detect if the received BRI is coming from an > > unauthorized party and consequently ignore without processing it. > > > > I hope we got it right:) > > I think if you replace the ".. allowed > to receive and possibly send a Binding Revocation Indication > or Binding Revocation Acknowledgement for different cases" > with "...allowed to send BRI and receive BRA", it would be > easier to read. [Ahmad] Sure, makes sense. Thanks again for all the comments. Hopefully will get a new revision before the end of the week. Regards, Ahmad _______________________________________________ Ietf@xxxxxxxx https://www.ietf.org/mailman/listinfo/ietf