Last Call Review of draft-ietf-dhc-relay-server-security-03
I am the assigned Gen-ART reviewer for this draft. The General Area
Review Team (Gen-ART) reviews all IETF documents being processed
by the IESG for the IETF Chair. Please treat these comments just
like any other last call comments.
For more information, please see the FAQ at
Reviewer: Francis Dupont
Review Date: 20170303
IETF LC End Date: 20170313
IESG Telechat date: unknown
Major issues: None
Minor issues: None
- 3 pages 3-4: there is nothing about multicast which is an option
for relay - agent exchanges. As multicast IPsec is a bit hard I
understand this choice...
- 3 page 4: there is a MUST for transport mode: I agree transport
mode is better for this use but I am afraid not everybody in the
security community will share this opinion. I propose to keep this
and to wait for the security directorate review.
- 4 page 4: I suggest: multiple relays -> relay chains
- 4 page 5: I support your considerations: this use case is at least
known plain text.
- 4 page 5: preshared -> pre-shared
(suggested by my spell checker and used by IKEv2 RFC)