Last Call Review of draft-ietf-ipsecme-dh-checks-04
review-ietf-ipsecme-dh-checks-04-genart-lc-romascanu-2013-05-13-00

I am the assigned Gen-ART reviewer for this draft. For background on Gen-ART,
please see the FAQ at

<

http://wiki.tools.ietf.org/area/gen/trac/wiki/GenArtfaq>.

Please resolve these comments along with any other Last Call comments you may
receive.

Document: draft-ietf-ipsecme-dh-checks-04
Reviewer: Dan Romascanu
Review Date: 5/13/13
IETF LC End Date: 5/20/13
IESG Telechat date:

Summary:

This document is Ready. It is clearly written and easy to follow, even for a
non-expert in security. I appreciated the sections that describe the transition
to implementations that support the update and the ones that describe behavior
upon test failures - which are of value to implementers and operators. One
minor issue related to the IANA registry may be only an issue of clarification.

Major issues:

Minor issues:

The IANA Considerations Sections mention that Groups 27-30 have been recently
defined in [I-D.merkle-ikev2-ke-brainpool]. This is an Informational Reference
which is somehow odd, because without this reference the IANA actions could not
be completed. On the other hand making [I-D.merkle-ikev2-ke-brainpool]
Normative Reference would create a downref because the later is informational.
I believe this is OK, because I see the document in RFC Editor Queue waiting
for IANA actions, which may actually be exactly the ones described in this I-D,
but a cleaner solution would have been not defining at all Groups 27-30 here.

Nits/editorial comments: