Last Call Review of draft-ietf-netlmm-grekey-option-
I have reviewed this document as part of the security directorate's
ongoing effort to review all IETF documents being processed by the
IESG. These comments were written primarily for the benefit of the
security area directors. Document editors and WG chairs should treat
these comments just like any other last call comments.
Overall, the document is clear and ok, although I am not that particularly strong with MIPv6 etc.
>From the review I have one simple Question and one comment:
1. simple maybe stupid Question: Section 6.4 Status codes:
What do you mean with the abbrevation "TBD" in this text?
e.g. "GRE KEY OPTION NOT REQUIRED (TBD less than 128)"
2. COMMENT on Section 9 Security Considerations:
Considering the potential risks, I find it unnecessary weak to state that the there described security mechanisms "can be used". The section should use the stronger term of "SHOULD be" used instead throughout the whole section.
Additionally in the last paragraph:"In Proxy Mobile IPv6 [RFC5213], the use of IPsec [RFC4301] for protecting a mobile node's data traffic is optional." should rather use the term "recommended"/"RECOMMENDED" instead of "optional".
secdir mailing list
secdir at mit.edu