Last Call Review of draft-ietf-ippm-ipsec-08
review-ietf-ippm-ipsec-08-opsdir-lc-baker-2015-02-05-00

Request Review of draft-ietf-ippm-ipsec
Requested revision No specific revision (document currently at 11)
Type IETF Last Call Review
Team Ops Directorate (opsdir)
Deadline 2015-02-09
Requested 2015-01-31
Authors Kostas Pentikousis , Emma Zhang , Yang Cui
I-D last updated 2015-12-20 (Latest revision 2015-08-26)
Completed reviews Genart IETF Last Call review of -08 by Meral Shirazipour (diff)
Genart Telechat review of -09 by Meral Shirazipour (diff)
Secdir IETF Last Call review of -08 by Hannes Tschofenig (diff)
Secdir Telechat review of -09 by Hannes Tschofenig (diff)
Opsdir IETF Last Call review of -08 by Fred Baker (diff)
Assignment Reviewer Fred Baker
State Completed
Request IETF Last Call review on draft-ietf-ippm-ipsec by Ops Directorate Assigned
Reviewed revision 08 (document currently at 11)
Result Ready
Completed 2015-02-05
review-ietf-ippm-ipsec-08-opsdir-lc-baker-2015-02-05-00
I have been asked to review draft-ietf-ippm-ipsec-08 for operational purposes.
Fair disclaimer: I don’t claim to be a security expert. I would look for that
review from the security directorate.

I would say that, for what this intends to do, it is ready to go.

With respect to the questions in

http://tools.ietf.org/html/rfc5706#appendix-A.1

, this is a mechanism that might be used among consenting adults. The question
of how it might interact with an implementation that doesn’t conform to the
specification (for example, doesn’t implement IPsec) is not especially
addressed; a fair supposition is that it would not work. However, if both ends
support i, it provides a means to generate a temporary key from IPsec keying
material exchanged using IKEv2 as opposed to requiring prior configuration.
That is likely to improve deployability over present mechanisms.

Attachment:

signature.asc

Description:

 Message signed with OpenPGP using GPGMail