Erik Kline has entered the following ballot position for draft-ietf-ipsecme-rfc8229bis-07: No Objection
When responding, please keep the subject line intact and reply to all email addresses included in the To and CC lines. (Feel free to cut this introductory paragraph, however.)

Please refer to https://www.ietf.org/about/groups/iesg/statements/handling-ballot-positions/ for more information about how to handle DISCUSS and COMMENT positions.

The document, along with other ballot positions, can be found here: https://datatracker.ietf.org/doc/draft-ietf-ipsecme-rfc8229bis/

----------------------------------------------------------------------
COMMENT:
----------------------------------------------------------------------

# Internet AD comments for {draft-ietf-ipsecme-rfc8229bis-07}
CC @ekline

## Comments

### S1.1

* In "Cellular Network Access", is there a particular TS number to reference for this claim about preferring TLS for IWLAN setup?

### S2

* "Implementations MUST support TCP encapsulation on TCP port 4500": which implementations, exactly? Only TCP-supporting implementations, or all IKE/IPsec implementations?

### S6.1,6.3+,7.1,7.3,B.1,B.3,B.4

* Can the "IKETCP" be sent in a 7413 Fast Open (say, when reconnecting)? Can other IKE initiating messages be included with the SYN?

  Alternatively: are there concerns with use of Fast Open such that it should be forbidden?

  I don't see any mention of Fast Open anywhere in this doc, and I kinda think /something/ should maybe be said, but IANATP... (I am not a transport person)

### App. A

* Is there an ALPN that is typically used with TLS?

## Nits

### S3.1

* "MUST close TCP connection" -> "MUST close the TCP connection"

### S6.4

* "after receiving error notification" -> "after receiving an error notification"?

### S6.7

* "stack manages DF bit" -> "stack manages the DF bit"

### S9.1

* "between all flows" -> "among all flows", perhaps

### S10

* "Note, that attacker capable to modify" -> "Note that an attacker able to modify"

### Acknowledgements

* It seems a bit weird for an Author to Acknowledge himself (Tommy Pauly), but oh well ;-) :-)

_______________________________________________
IPsec mailing list
IPsec@ietf.org
https://www.ietf.org/mailman/listinfo/ipsec