IPsec Extensions to Support Robust Header Compression over IPsec
draft-ietf-rohc-ipsec-extensions-hcoipsec-08
Yes
(Magnus Westerlund)
No Objection
(Alexey Melnikov)
(Cullen Jennings)
(Lars Eggert)
(Lisa Dusseault)
(Ralph Droms)
(Robert Sparks)
(Ron Bonica)
(Ross Callon)
(Russ Housley)
(Tim Polk)
Note: This ballot was opened for revision 08 and is now closed.
Magnus Westerlund Former IESG member
Yes
Yes
()
Unknown
Alexey Melnikov Former IESG member
No Objection
No Objection
()
Unknown
Cullen Jennings Former IESG member
No Objection
No Objection
()
Unknown
Dan Romascanu Former IESG member
(was Discuss)
No Objection
No Objection
(2009-12-16)
Unknown
The OPS-DIR review performed by Bert Wijnen on version 05 of the document included the following comment: > If I understand the document correctly, then a user of this protocol will have to add additional paramters in the SPD and SAD databases (as defined in RFC4301). > I do not see any discussion as to what implications (if any) that may have to existing entries in the databases?. Might that cause interupts to ongoing operations? Or can existing entries be left untouched and could one choose to just add these new paramters to new entries in the databases? > Answers to these questions are probably best added in the document itself. The answer from the document editor mentioned that: > Bert's understanding is correct; we are adding additional parameters to the SPD and SAD databases. Fortunately, I do not think that these new parameters will cause issues for existing entries in the SPD and SAD. The additional ROHCoIPsec SPD parameters are simply configured (e.g., along with the other parameters in the SPD). Based on the these SPD parameters, the ROHCoIPsec SAD parameters will be populated during the initialization/rekey of a child SA (e.g., along with the other SAD parameters). I am satisfied with the answer, but I believe that the issue should be documented in the future RFC.
Jari Arkko Former IESG member
(was Discuss)
No Objection
No Objection
(2009-12-17)
Unknown
Neither the abstract or the introduction made it clear whether the header compression is inside or outside IPsec headers. Maybe its obvious for the authors, but as a reader I would have wanted to see that early on. > 4. Extensions to IPsec Processing > > 4.1. Addition to the IANA Protocol Numbers Registry Mixing IANA considerations and behaviour rules. > ICV The document does a poor job of explaining why ICVs are needed. I think you should add a paragraph about this. > IPComp and ROHC I would personally rather just say use one, not both. Do we need this complexity?
Lars Eggert Former IESG member
No Objection
No Objection
()
Unknown
Lisa Dusseault Former IESG member
No Objection
No Objection
()
Unknown
Pasi Eronen Former IESG member
No Objection
No Objection
(2009-12-09)
Unknown
In my opinion, including support for ROHC segmentation (Section 4.3) is misguided, and unnecessary complexity. While AH/ESP sequence numbers could be used in theory to reconstruct the correct segment sequence, I have doubts that anyone will actually implement this: ROHC is useful mostly for small packets (where the header is large part of the total packet) -- but those won't require fragmentation...
Ralph Droms Former IESG member
No Objection
No Objection
()
Unknown
Robert Sparks Former IESG member
No Objection
No Objection
()
Unknown
Ron Bonica Former IESG member
No Objection
No Objection
()
Unknown
Ross Callon Former IESG member
No Objection
No Objection
()
Unknown
Russ Housley Former IESG member
No Objection
No Objection
()
Unknown
Tim Polk Former IESG member
No Objection
No Objection
(2009-12-17)
Unknown
I suggest spelling out robust header compression once somewhere in the abstract. It should be relatively obvious given the document's title, but in isolation the abstract is difficult to sort.