| Main Archive Page > Month Archives > ipsec archives |
Re: [IPsec] WG last call: draft-ietf-ipsecme-esp-null-heuristics-01
From: Tero Kivinen <kivinen_at_nospam>Date: Tue Sep 22 2009 - 10:47:03 GMT
To: Scott C Moonen <smoonen@us.ibm.com>
Scott C Moonen writes:
> - Is Section 1.2 necessary? None of these terms are used in this fashion
> in this document.
True. Removed.
> - page 8, "sees an new" => "sees a new"
> - page 8, "in the Section 8" => "in Section 8"
Fixed.
> - page 12, excessive space in "i.e. UDP encapsulated"; perhaps replace
> with comma.
xml2rfc seems to want to put it there, but that is something that can be fixed in the final RFC editing phase.
> - page 16, "with a new SA which needs heuristics" => "produces a new SA
> which needs heuristics and will benefit from the existing flows".
Fixed.
> - page 21, "things what needs" => "things that need"
> - page 21, suggest "optimize things" => "optimize steps", just to reduce
> repetition
> - page 21, "For example implementation" => "For example, implementations"
Fixed.
> - page 25, I believe that DES-MAC has a 64-bit ICV (FIPS 113) and KPDK has
> a 128-bit ICV (RFC 1828).
RFC4306 does not give reference to AUTH_DES_MAC, and the AUTH_KPDK_MD5 reference is to RFC1826 whic does not define it. I do not want to put those there as both of them are actually quite unsecure and should not be used anyways.
Changed to: // AUTH_DES_MAC and AUTH_KPDK_MD5 are left out from // this document.
> - page 30, for tunnel mode checks it might be worth just mentioning that
> tunnel mode is inferred by protocol 4 for IPv4 and protocol 41 for IPv6.
Changed it to be: // Tunnel mode checks (protocol 4 for IPv4 and protocol 41 for // IPv6) is also left out from here to make the document shorter. -- kivinen@iki.fi _______________________________________________ IPsec mailing list IPsec@ietf.org https://www.ietf.org/mailman/listinfo/ipsec