Last Call Review of draft-ietf-msec-ipsec-group-counter-modes-
review-ietf-msec-ipsec-group-counter-modes-secdir-lc-hartman-2010-07-15-00

Request Review of draft-ietf-msec-ipsec-group-counter-modes
Requested rev. no specific revision (document currently at 06)
Type Last Call Review
Team Security Area Directorate (secdir)
Deadline 2010-07-23
Requested 2010-07-11
Authors David McGrew, Brian Weis
Draft last updated 2010-07-15
Completed reviews Secdir Last Call review of -?? by Sam Hartman
Assignment Reviewer Sam Hartman
State Completed
Review review-ietf-msec-ipsec-group-counter-modes-secdir-lc-hartman-2010-07-15
Review completed: 2010-07-15

Review
review-ietf-msec-ipsec-group-counter-modes-secdir-lc-hartman-2010-07-15

This is a secdir review of the above draft.

The text looks fine. However, I'm concerned that this specification does
not provide sufficient detail for interoperable implementation.  It
makes it clear that a GKMS needs to allocate SIDs but does not cite any
mechanism for a GKMS to do so.

I think you need to either add a normative reference to a hopefully
already existing description of how to distribute this parameter, or
recast this document as an informational document describing a general
method but not implementing a protocol.