[IPsec] Gen-ART review of draft-ietf-ipsecme-traffic-visibility-09

From: McCann Peter-A001034 <pete.mccann_at_nospam>
Date: Thu Oct 29 2009 - 18:53:10 GMT
To: <gen-art@ietf.org>, <draft-ietf-ipsecme-traffic-visibility.all@tools.ietf.org>

I have been selected as the General Area Review Team (Gen-ART) reviewer for this draft (for background on Gen-ART, please see http://www.alvestrand.no/ietf/gen/art/gen-art-FAQ.html <http://www.alvestrand.no/ietf/gen/art/gen-art-FAQ.html> ).

Please resolve these comments along with any other Last Call comments you may receive.

Document: draft-ietf-ipsecme-traffic-visibility-09 Reviewer: Pete McCann
Review Date: 2009-10-29
IETF LC End Date: 2009-10-28
IESG Telechat date: unknown

Summary: One minor issue to discuss

Major issues: none

Minor issues:

Section 2:

As can be seen, the WESP format extends the standard ESP header by the first 4 octets for IPv4 and by 8 octets for IPv6. The WESP header is integrity protected, along with all the fields specified for ESP in RFC 4303.
Normally ESP wouldn't need to process encapsulation headers that appear prior to the SPI. Won't this require modification of the ESP implementation, possibly breaking its modularity? Would it be problematic for certain algorithms to include this data? It might be good to state that.

Nits/editorial comments: none

IPsec mailing list
IPsec@ietf.org
https://www.ietf.org/mailman/listinfo/ipsec

This message: [ Message body ]
Next message: Russ Housley: "Re: [IPsec] #118: Reference for PKCS #7"
Previous message: Tero Kivinen: "[IPsec] #120: CA indication with cert req - allowed types"

Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ]