Last Call Review of draft-ietf-dhc-relay-server-security-03
review-ietf-dhc-relay-server-security-03-genart-lc-dupont-2017-03-10-00

Request: Review of draft-ietf-dhc-relay-server-security
Requested revision: No specific revision (document currently at 05)
Type: Last Call Review
Team: General Area Review Team (Gen-ART) (genart)
Deadline: 2017-03-13
Requested: 2017-02-27
Authors: Bernie Volz, Yogendra Pal
I-D last updated: 2017-03-10
Completed reviews:
  Intdir Early review of -02 by Jouni Korhonen
  Secdir Last Call review of -03 by Catherine Meadows
  Genart Last Call review of -03 by Francis Dupont
  Genart Telechat review of -03 by Francis Dupont
Assignment:
  Reviewer: Francis Dupont
  State: Completed
  Request: Last Call review on draft-ietf-dhc-relay-server-security by General Area Review Team (Gen-ART) Assigned
  Reviewed revision: 03 (document currently at 05)
  Result: Ready
  Completed: 2017-03-10

I am the assigned Gen-ART reviewer for this draft. The General Area
Review Team (Gen-ART) reviews all IETF documents being processed
by the IESG for the IETF Chair.  Please treat these comments just
like any other last call comments.

For more information, please see the FAQ at

<https://trac.ietf.org/trac/gen/wiki/GenArtfaq>.

Document: draft-ietf-dhc-relay-server-security-03.txt
Reviewer: Francis Dupont
Review Date: 20170303
IETF LC End Date: 20170313
IESG Telechat date: unknown

Summary: Ready

Major issues: None

Minor issues: None

Nits/editorial comments: 
 - 3 pages 3-4: there is nothing about multicast which is an option
  for relay - agent exchanges. As multicast IPsec is a bit hard I
  understand this choice...

 - 3 page 4: there is a MUST for transport mode: I agree transport
  mode is better for this use but I am afraid not everybody in the
  security community will share this opinion. I propose to keep this
  and to wait for the security directorate review.

 - 4 page 4: I suggest: multiple relays -> relay chains

 - 4 page 5: I support your considerations: this use case is at least
  known plain text.

 - 4 page 5: preshared -> pre-shared
  (suggested by my spell checker and used by IKEv2 RFC)

Regards

Francis.Dupont@fdupont.fr