Last Call Review of draft-ietf-msec-ipsec-group-counter-modes-
|Requested rev.||no specific revision (document currently at 06)|
|Type||Last Call Review|
|Team||Security Area Directorate (secdir)|
|Authors||David McGrew, Brian Weis|
|Draft last updated||2010-07-15|
Secdir Last Call review of -?? by Sam Hartman
This is a secdir review of the above draft. The text looks fine. However, I'm concerned that this specification does not provide sufficient detail for interoperable implementation. It makes it clear that a GKMS needs to allocate SIDs but does not cite any mechanism for a GKMS to do so. I think you need to either add a normative reference to a hopefully already existing description of how to distribute this parameter, or recast this document as an informational document describing a general method but not implementing a protocol.