Generic Raw Public-Key Support for IKEv2
draft-kivinen-ipsecme-oob-pubkey-14

Note: This ballot was opened for revision 12 and is now closed.

Alvaro Retana No Objection

(Kathleen Moriarty; former steering group member) Yes

Yes ( for -12)

(Stephen Farrell; former steering group member) Yes

Yes (2015-10-12 for -13)
- Good stuff, we must remember to define this for eddsa.

- intro and security considerations: "Secure DNS" might be
better as DNSSEC. (Sorry if this is the reverse of some comment
you've previously processed.)

(Alia Atlas; former steering group member) No Objection

No Objection ( for -13)

(Barry Leiba; former steering group member) No Objection

No Objection (2015-10-13 for -13)
In addition to Spencer's comment, which I agree with, I have some minor editorial comments about the abstract:

   The Internet Key Exchange Version 2 (IKEv2) protocol only supports
   RSA for raw public keys.

As written, this sounds like it means that the only time IKEv2 supports RSA is when you're using raw public keys.  What you actually mean is that when you're using raw public keys, only RSA is supported.  You should re-word it, perhaps like this:

NEW
   When using raw public keys in the Internet Key Exchange Version 2
   (IKEv2) protocol, only RSA keys are supported.
END

   This document updates RFC 7296

You're missing a "." here, but I suggest that you just roll this into the last sentence of the first paragraph instead:

NEW
   This document updates RFC 7296, adding support for other
   types of raw public keys to IKEv2.
END

(Ben Campbell; former steering group member) No Objection

No Objection ( for -13)

(Benoît Claise; former steering group member) No Objection

No Objection ( for -13)

(Brian Haberman; former steering group member) No Objection

No Objection ( for -13)

(Deborah Brungard; former steering group member) No Objection

No Objection ( for -13)

(Jari Arkko; former steering group member) No Objection

No Objection ( for -13)

(Joel Jaeggli; former steering group member) No Objection

No Objection ( for -13)

(Martin Stiemerling; former steering group member) No Objection

No Objection ( for -13)

(Spencer Dawkins; former steering group member) No Objection

No Objection (2015-10-13 for -13)
A minimal-value-added comment follows, so I apologize in advance ...

Would a better title for this document be "Algorithm-agnostic Raw Public Keys for IKEv2"?

At a minimum, "More *Types of* Raw Public Keys for IKEv2" seems more accurate. I'm not a SEC guy, but I'm reading "more keys" as "more key values", and I'm pretty sure that's wrong.

(Terry Manderson; former steering group member) No Objection

No Objection ( for -13)