Telechat Review of draft-ietf-tcpinc-tcpcrypt-10

Request Review of draft-ietf-tcpinc-tcpcrypt
Requested rev. no specific revision (document currently at 15)
Type Telechat Review
Team Ops Directorate (opsdir)
Deadline 2017-11-28
Requested 2017-10-25
Authors Andrea Bittau, Daniel Giffin, Mark Handley, David Mazieres, Quinn Slack, Eric Smith
Draft last updated 2017-12-19
Completed reviews Rtgdir Telechat review of -07 by John Drake (diff)
Opsdir Last Call review of -07 by Zitao Wang (diff)
Secdir Last Call review of -07 by Stephen Kent (diff)
Genart Last Call review of -07 by Dale Worley (diff)
Secdir Telechat review of -09 by Barry Leiba (diff)
Secdir Telechat review of -10 by Barry Leiba (diff)
Opsdir Telechat review of -10 by Zitao Wang (diff)
Genart Telechat review of -10 by Dale Worley (diff)
Assignment Reviewer Zitao Wang 
State Completed
Review review-ietf-tcpinc-tcpcrypt-10-opsdir-telechat-wang-2017-12-19
Reviewed rev. 10 (document currently at 15)
Review result Ready
Review completed: 2017-12-19


Reviewer: Zitao WANG

Review result: Ready

I have reviewed draft-ietf-tcpinc-tcpcrypt-10 as part of the Operational directorate's ongoing effort to review all IETF documents being processed by the IESG.  These comments were written with the intent of improving the operational aspects of the IETF drafts. Comments that are not addressed in last call may be included in AD reviews during the IESG review.
Document editors and WG chairs should treat these comments just like any other last call comments.


"This document specifies tcpcrypt, a TCP encryption protocol designed for use in conjunction with the TCP Encryption Negotiation Option (TCP-ENO).  Tcpcrypt coexists with middleboxes by tolerating resegmentation, NATs, and other manipulations of the TCP header.  The protocol is self-contained and specifically tailored to TCP implementations, which often reside in kernels or other environments in which large external software dependencies can be undesirable. Because the size of TCP options is limited, the protocol requires one additional one-way message latency to perform key exchange before application data may be transmitted.  However, this cost can be avoided between two hosts that have recently established a previous tcpcrypt connection. "


My overall view of the document is 'Ready' for publication.