Generic Raw Public-Key Support for IKEv2
draft-kivinen-ipsecme-oob-pubkey-14
Yes
(Kathleen Moriarty)
No Objection
(Alia Atlas)
(Alvaro Retana)
(Ben Campbell)
(Benoît Claise)
(Brian Haberman)
(Deborah Brungard)
(Jari Arkko)
(Joel Jaeggli)
(Martin Stiemerling)
(Terry Manderson)
Note: This ballot was opened for revision 12 and is now closed.
Kathleen Moriarty Former IESG member
Yes
Yes
(for -12)
Unknown
Stephen Farrell Former IESG member
Yes
Yes
(2015-10-12 for -13)
Unknown
- Good stuff, we must remember to define this for eddsa. - intro and security considerations: "Secure DNS" might be better as DNSSEC (Sorry if this is the reverse of some comment you've previously processed.)
Alia Atlas Former IESG member
No Objection
No Objection
(for -13)
Unknown
Alvaro Retana Former IESG member
No Objection
No Objection
(for -13)
Unknown
Barry Leiba Former IESG member
No Objection
No Objection
(2015-10-13 for -13)
Unknown
In addition to Spencer's comment, which I agree with, I have some minor editorial comments about the abstract: The Internet Key Exchange Version 2 (IKEv2) protocol only supports RSA for raw public keys. As written, this sounds like it means that the only time IKEv2 supports RSA is when you're using raw public keys. What you actually mean is that when you're using raw public keys, only RSA is supported. You should re-word it, perhaps like this: NEW When using raw public keys in the Internet Key Exchange Version 2 (IKEv2) protocol, only RSA keys are supported. END This document updates RFC 7296 You're missing a "." here, but I suggest that you just roll this into the last sentence of the first paragraph instead: NEW This document updates RFC 7296, adding support for other types of raw public keys to IKEv2. END
Ben Campbell Former IESG member
No Objection
No Objection
(for -13)
Unknown
Benoît Claise Former IESG member
No Objection
No Objection
(for -13)
Unknown
Brian Haberman Former IESG member
No Objection
No Objection
(for -13)
Unknown
Deborah Brungard Former IESG member
No Objection
No Objection
(for -13)
Unknown
Jari Arkko Former IESG member
No Objection
No Objection
(for -13)
Unknown
Joel Jaeggli Former IESG member
No Objection
No Objection
(for -13)
Unknown
Martin Stiemerling Former IESG member
No Objection
No Objection
(for -13)
Unknown
Spencer Dawkins Former IESG member
No Objection
No Objection
(2015-10-13 for -13)
Unknown
A minimal-value-added comment follows, so I apologize in advance ... Would a better title for this document be "Algorithm-agnostic Raw Public Keys for IKEv2"? At a minimum, "More *Types of* Raw Public Keys for IKEv2" seems more accurate. I'm not a SEC guy, but I'm reading "more keys" as "more key values", and I'm pretty sure that's wrong.
Terry Manderson Former IESG member
No Objection
No Objection
(for -13)
Unknown