Telechat Review of draft-ietf-bmwg-ipsec-meth-
review-ietf-bmwg-ipsec-meth-secdir-telechat-salowey-2009-10-22-00

Request
Review of: draft-ietf-bmwg-ipsec-meth
Requested revision: No specific revision (document currently at 05)
Type: Telechat Review
Team: Security Area Directorate (secdir)
Deadline: 2009-11-05
Requested: 2009-10-16
Authors: Merike Kaeo, Tim Van Herck
I-D last updated: 2009-10-22
Completed reviews: Secdir Telechat review of -?? by Joseph A. Salowey

Assignment
Reviewer: Joseph A. Salowey
State: Completed
Request: Telechat review on draft-ietf-bmwg-ipsec-meth by Security Area Directorate Assigned
Completed: 2009-10-22

I have reviewed this document as part of the security directorate's 
ongoing effort to review all IETF documents being processed by the 
IESG.  These comments were written primarily for the benefit of the 
security area directors.  Document editors and WG chairs should treat 
these comments just like any other last call comments.

The document seems useful and well written.  I have two comments:

1) The AES transforms are SHOULD; it seems we should be moving towards a
MUST for these ciphers.  Why are they a SHOULD?  Is it because of the
base IPSEC documents?  If SHOULD is what is really wanted I think it
would be good to have some explanation of why and how/if things are
expected to evolve over time.  

2) The security considerations section says there are no security
considerations associated with this document.  Yet the document has a
section on denial of service attacks.  It seems the security
considerations section should acknowledge that these tests may provide
some useful information about the expected effect of DOS attacks on the
performance of the device or system under test.  It would be great if it
could say a bit more about the useful information collected, but that
may be beyond the scope of the document. 

Cheers,

Joe