Interoperability Report for Forwarding and Control Element Separation (ForCES)
RFC 6984

Note: This ballot was opened for revision 07 and is now closed.

(Spencer Dawkins) Yes

(Adrian Farrel) (was Recuse, Yes) Yes

(Jari Arkko) No Objection

(Richard Barnes) No Objection

(Stewart Bryant) No Objection

(Gonzalo Camarillo) No Objection

(Benoît Claise) No Objection

(Stephen Farrell) No Objection

Comment (2013-05-30 for -08)
No email
send info
abstract: >2 years to write this up? wow. Did
something go wrong somewhere? Or, if this is just a
case of "we didn't bother becuase the wg were doing
other more important work" then saying so would be

(Brian Haberman) No Objection

(Joel Jaeggli) No Objection

Barry Leiba No Objection

Comment (2013-05-13 for -07)
No email
send info
The reviewer offers to buy the document shepherd a new keyboard.

(Martin Stiemerling) No Objection

(Sean Turner) No Objection

Comment (2013-05-27 for -08)
No email
send info
No objection to the publication of this draft, just curious about a couple of things:

0) People often get the certificate bit wrong, was there any thought to including the test certificates that you used in this document?

1) There's two versions of IKE; did you implement IKEv1 or IKEv2?  RFC 5811 points to IKEv1 interestingly enough, which was obsoleted by RFC 4036 (and that was obsoleted by RFC 5996). 

2) ESP can be implemented in RFC 4303 without using any of the ESP v3 features and then it looks just like ESP v2.  Were any of the v3 features implemented (i.e., which version of ESP was implemented)?

3) I take it from the list that the ESP encryption was not implemented?

4) One of the requirements in RFC 5811 is that cryptographic agility be supported.  Did you test this SHOULD:

   A compliant implementation SHOULD provide operational means for
   configuring the CE and FE to negotiate other cipher suites and even
   use manual keying.

5) Did you test any of the SAD and SPD setups?

one nit: IPSec and IPsec are both used should just be IPsec.