In the introduction there is text:

   Algorithm implementation requirements and usage guidelines for IKEv2
   [RFC8247] and ESP/AH [RFC8223] gives guidance to implementors but
   limits that guidance to avoid broken or weak algorithms.


but the RFC8223 is completely unrelated to the matter in hand:

   [RFC8223]  Esale, S., Torvi, R., Jalil, L., Chunduri, U., and K.
              Raza, "Application-Aware Targeted LDP", RFC 8223,
              DOI 10.17487/RFC8223, August 2017,
              <https://www.rfc-editor.org/info/rfc8223>.

I assume it should be RFC8221 (i.e. replace the text in section 1 and
the reference).

--

This document says it updates 7296, 8221, and 8247. I am not
completely sure what it is supposed to update in RFC 7296? I can
somewhat understand that it supposedly updates 8221 and 8247 as it
changes the status of some cryptographic algorithms from MAY to
DEPRECATED, but I do not think there is anything in RFC7296 that is
really updated (not RFC8221, or 8247 do not update 7296).

I.e., what changes do RFC 7296 implementations need to do based on
this document (knowing that RFC7296 didn't specify the mandatory to
implement algorithms in it)?

Adding new status column to IANA is not updating the protocol.

So I would remove the 7296 from the Updates list.

--

In the section 1 there is text saying:

        IKEv1 has been moved to Historic status.

I think it is supposed to say "This document moves IKEv1 to Historic
status".

--

What about other related RFCs, like RFC2407 The Internet IP Security
Domain of Interpretation for ISAKMP, and RFC2408 Internet Security
Association and Key Management Protocol (ISAKMP)?

Both of them are also obsoleted by the IKEv2, and are standard track
documents. I think we should move all of them to HISTORIC, i.e. change
section 3 to say "RFC 2407, RFC 2408, and RFC 2409 to Historic".

You do list all of them in the section 1:

   IKEv1 [RFC2409] and its related documents for ISAKMP [RFC2408] and
   IPsec DOI [RFC2407] were obsoleted by IKEv2 [RFC4306] in December
   2005.

--

I think the Normative and Informal References split is not correct.

For example I do not think any of the RFC2407-2409, or RFC4306 are
normative.

I think the normative references section should just list RFC2119,
RFC8174, RFC8221 (replace 8223 with this), and RFC8247.

The IKEv1, and IKEv2 related RFCs are not needed to be normative
references, as you do not need to read and understand to know they are
deprecated :-)

I.e., move RFC2407, 2408, 2409, 4306, 6407, 7296, 8784 to informative
references section. RFC7296 might also be in normative if it is kept
in the updates list...
-- 
kivi...@iki.fi

_______________________________________________
IPsec mailing list
IPsec@ietf.org
https://www.ietf.org/mailman/listinfo/ipsec
