Hi Tero, thank you for the review. See inline below.
> I would need author to reply this email and express whether there is > any IPRs related to this draft known by the authors. I confirm that I'm not aware of any IPR related to this draft. > -- > > In section 3.1 the draft says: > > Instead, the initiator MAY either link the > Announcements to the CAs received in the IKE_SA_INIT response, or MAY > ignore the SUPPORTED_AUTH_METHODS notification entirely. > > but instead of ignoring the SUPPORTED_AUTH_METHODS notification > entirely, it could simply ignore the cert linking. If it ignores the > whole SUPPORTED_AUTH_METHODS it might pick completely unusable method, > so instead it should use that to pick suitable methods, even when it > can't link them to specific trust anchors. Makes sense. Changed to: Instead, the initiator MAY either link the Announcements to the CAs received in the IKE_SA_INIT response, or MAY ignore the Announcements containing links to CAs. > -- > > In section 3.2 the draft says: > > The meaning of the remaining octets of the blob, if > any, depends on the authentication method and is defined below. > > I think it would be simply bettter to say: > > The meaning of the remaining octets of the blob, if > any, depends on the authentication method. > > as in the future some of those authentication methods might be defined > in other documents and not below... OK, good point. > -- > > As this document adds two new variations of the basic IKEv2 > IKE_SA_INIT / (IKE_INTERMEDIATE) / IKE_AUTH, it would be really good > to have IKEv2 RFC 7296 Appendix C style exchange summaries. Please add > those. Added. > -- > > I-D nits complain : > > == Outdated reference: A later version (-09) exists of > draft-ounsworth-pq-composite-sigs-08 > > so fix that also at the same time. Oh, this is fixed automatically when a new version is published :-) Regards, Valery. > -- > [email protected] _______________________________________________ IPsec mailing list [email protected] https://www.ietf.org/mailman/listinfo/ipsec
