Pekka, Comments inline..
> (Btw, maybe we could add "This document Updates RFC 2780." in the > Introduction, satisfying Allison's that particular comment.) Another thread going on about this. Please see my mail and respond to my comments :) > Now that there is a document which describes how to deal with ICMPv6 > and IPsec, this document should probably have as small amount of > normative text on IPsec as possible. > > Some informal text, helping the ICMPv6 implementers to understand the > IPsec processing issues, should be still OK. I agree. The knob of whether unauthenticated ICMP packets should be accepted or dropped also falls under IPsec module while implementing. So why should ICMP implementors be worried about this. I will try to modify the text in that section so that it just provides information and points to the IPsec RFCs for detailed processing. > > If providing this knob is a requirement for ONLY IPsec > > implementors, why are we mentioning it (as a MAY requirement) > > in the ICMPv6 draft ? > > Let's remove the mention. Yeah I also think that it should be removed. > Yes, though it has to be worded carefully as not to be seen as a red > flag. It should probably be stated like: > > "IPsec RFCs describe the IPsec processing, including ICMPv6 > messages" > > instead of: > > "IPsec processing of ICMPv6 messages is described in IPsec RFCs" > > (IMHO, the latter may confuse the reader to think that IPsec > processing of ICMPv6 messages should be described in _this_ spec and > IPsec specs should be a normative reference.) Makes sense. I will keep this in mind while updating the text. Regards Mukesh -------------------------------------------------------------------- IETF IPv6 working group mailing list ipv6@ietf.org Administrative Requests: https://www1.ietf.org/mailman/listinfo/ipv6 --------------------------------------------------------------------