Hi Erik, thank you for your comments. Please see inline.
> -----Original Message----- > From: Erik Kline via Datatracker [mailto:nore...@ietf.org] > Sent: Wednesday, November 30, 2022 6:16 AM > To: The IESG > Cc: draft-ietf-ipsecme-ikev2-multiple...@ietf.org; ipsecme-cha...@ietf.org; > ipsec@ietf.org; > kivi...@iki.fi; kivi...@iki.fi > Subject: Erik Kline's No Objection on > draft-ietf-ipsecme-ikev2-multiple-ke-10: (with COMMENT) > > Erik Kline has entered the following ballot position for > draft-ietf-ipsecme-ikev2-multiple-ke-10: No Objection > > When responding, please keep the subject line intact and reply to all > email addresses included in the To and CC lines. (Feel free to cut this > introductory paragraph, however.) > > > Please refer to > https://www.ietf.org/about/groups/iesg/statements/handling-ballot-positions/ > for more information about how to handle DISCUSS and COMMENT positions. > > > The document, along with other ballot positions, can be found here: > https://datatracker.ietf.org/doc/draft-ietf-ipsecme-ikev2-multiple-ke/ > > > > ---------------------------------------------------------------------- > COMMENT: > ---------------------------------------------------------------------- > > # Internet AD comments for draft-ietf-ipsecme-ikev2-multiple-ke-10 > CC @ekline > > ## Nits > > ### S2 > > * s/FIPS complaint/FIPS compliant/ Funny typo :-) Fixed, thank you. > ### S3.2.1 > > * I take it that it's not relevant to the example flow that there is no > transform called AKE4. :-) This was done on purpose, to illustrate the text in the para above: The initiator MAY propose non-consecutive Additional Key Exchange transforms, for example proposing Additional Key Exchange 2 and Additional Key Exchange 5 transforms only. > ### S5 > > * "can dwarfed"? This has been already changed to: Simply increasing the key length can mitigate this attack. by request from Sean. The updated PR is available at: https://github.com/post-quantum/ietf-pq-ikev2/pull/22 Regards, Valery. _______________________________________________ IPsec mailing list IPsec@ietf.org https://www.ietf.org/mailman/listinfo/ipsec