Scott C Moonen writes:
> - Is Section 1.2 necessary? None of these terms are used in this fashion
> in this document.
True. Removed.
> - page 8, "sees an new" => "sees a new"
> - page 8, "in the Section 8" => "in Section 8"
Fixed.
> - page 12, excessive space in "i.e. UDP encapsulated"; perhaps replace
> with comma.
xml2rfc seems to want to put it there, but that is something that can
be fixed in the final RFC editing phase.
> - page 16, "with a new SA which needs heuristics" => "produces a new SA
> which needs heuristics and will benefit from the existing flows".
Fixed.
> - page 21, "things what needs" => "things that need"
> - page 21, suggest "optimize things" => "optimize steps", just to reduce
> repetition
> - page 21, "For example implementation" => "For example, implementations"
Fixed.
> - page 25, I believe that DES-MAC has a 64-bit ICV (FIPS 113) and KPDK has
> a 128-bit ICV (RFC 1828).
RFC4306 does not give reference to AUTH_DES_MAC, and the AUTH_KPDK_MD5
reference is to RFC1826 whic does not define it. I do not want to put
those there as both of them are actually quite unsecure and should not
be used anyways.
Changed to:
// AUTH_DES_MAC and AUTH_KPDK_MD5 are left out from
// this document.
> - page 30, for tunnel mode checks it might be worth just mentioning that
> tunnel mode is inferred by protocol 4 for IPv4 and protocol 41 for IPv6.
Changed it to be:
// Tunnel mode checks (protocol 4 for IPv4 and protocol 41 for
// IPv6) is also left out from here to make the document shorter.
--
kivi...@iki.fi
_______________________________________________
IPsec mailing list
IPsec@ietf.org
https://www.ietf.org/mailman/listinfo/ipsec
