Cryptographic Algorithms for the TCP Authentication Option (TCP-AO)
RFC 5926

Note: This ballot was opened for revision 03 and is now closed.

(Lars Eggert) Yes

(Jari Arkko) No Objection

Comment (2010-03-11 for -** No value found for 'p.get_dochistory.rev' **)
No email
send info
Its not traditional for the authors to thank themselves in the
acknowledgments section.

(Ross Callon) No Objection

(Ralph Droms) No Objection

(Lisa Dusseault) No Objection

(Pasi Eronen) (was Discuss) No Objection

(Adrian Farrel) No Objection

(Russ Housley) No Objection

Comment (2010-03-10 for -** No value found for 'p.get_dochistory.rev' **)
No email
send info
  The Gen-ART Review by Avshalom Houri on 2010-03-09 includes some
  editorial comments.  Please consider them if an update to this
  document is needed for any reason.

(Cullen Jennings) No Objection

Alexey Melnikov No Objection

Comment (2010-03-11 for -** No value found for 'p.get_dochistory.rev' **)
No email
send info
Agreeing with Pasi's DISCUSS on management interface for keys.


3.1.1.  Concrete KDFs

      - "||":      For any X || Y, "||" represents a concatonation

"concatenation"?

                   operation of the binary strings X and Y.

      - Output_Length:  The length in bits of the key that the KDF will
                   produce.  The Output_length is represented within two
                   octets.  This length must be the size required for
                   the MAC algorithm that will use the PRF result as a
                   seed.

I assume this is in network byte order? It would be better to state this explicitly.

(Tim Polk) No Objection

(Dan Romascanu) No Objection

(Robert Sparks) No Objection

Magnus Westerlund No Objection

(Ron Bonica) Recuse