IP Security (IPsec) and Internet Key Exchange (IKE) Document Roadmap
Note: This ballot was opened for revision 10 and is now closed.
(Sean Turner) Yes
(Jari Arkko) No Objection
(Ron Bonica) No Objection
(Gonzalo Camarillo) No Objection
(Adrian Farrel) No Objection
Comment (2010-08-11 for -** No value found for 'p.get_dochistory.rev' **)
Thanks for what must have been a pretty painful task. I think this makes a useful document.
(Tim Polk) No Objection
Comment (2010-08-12 for -** No value found for 'p.get_dochistory.rev' **)
(1) I understand that this is a forklift upgrade for RFC 2411, so the usual "Changes Since ..." section would not be helpful. However, this document has a very similar title and does obsolete 2411 if approved. Perhaps a few sentences in the intro to describe that relationship would be useful! (2) RFC 5282 should be added to the list of base documents in section 4.1.2, IKEv2. As noted in section 5.4, 5282 added the capability to negotiate combined mode algorithms to IKEv2. (3) Section 5.4.3 is misplaced. GMAC is an Integrity protection algorithm and should appear in section 5.3. This will necessitate forward pointers to section 5.4, since it is based on a combined mode algorithm, but it does not fit with the other algorithms in 5.4 which are providing both encryption and integrity-protection. (4) In section 5.2.1, last sentence of the first paragraph: This number (the value 11 for ESP_NULL) is found on the IANA registries for both IKEv1 and IKEv2, but it is not mentioned in this RFC. "this RFC" is ambiguous - I gather the authors meant RFC 2410 (since the value is clearly mentioned in *this* RFC). I suggest: s/this RFC/[RFC2410]/