Telechat Review of draft-ietf-tcpinc-tcpcrypt-09
review-ietf-tcpinc-tcpcrypt-09-secdir-telechat-leiba-2017-11-11-00

Request Review of draft-ietf-tcpinc-tcpcrypt
Requested revision No specific revision (document currently at 15)
Type Telechat Review
Team Security Area Directorate (secdir)
Deadline 2017-11-28
Requested 2017-10-25
Authors Andrea Bittau, Daniel B. Giffin, Mark J. Handley, David Mazieres, Quinn Slack, Eric W. Smith
I-D last updated 2017-11-11
Completed reviews Rtgdir Telechat review of -07 by John Drake (diff)
Opsdir Last Call review of -07 by Zitao Wang (diff)
Secdir Last Call review of -07 by Stephen Kent (diff)
Genart Last Call review of -07 by Dale R. Worley (diff)
Secdir Telechat review of -09 by Barry Leiba (diff)
Secdir Telechat review of -10 by Barry Leiba (diff)
Opsdir Telechat review of -10 by Zitao Wang (diff)
Genart Telechat review of -10 by Dale R. Worley (diff)
Assignment Reviewer Barry Leiba
State Completed
Request Telechat review on draft-ietf-tcpinc-tcpcrypt by Security Area Directorate Assigned
Reviewed revision 09 (document currently at 15)
Result Has issues
Completed 2017-11-11
I’ve looked at Stephen Kent’s review and the discussion thereof, and have
little to add to that.  A couple of small things:

1. Section 3 says that the subsections “describes the tcpcrypt protocol at an
abstract level.”  There is no sense in which this description is abstract, and
I’d prefer that we not try to say it is, because that gives a reader an
expectation that it will be high-level, and perhaps even non-normative.  Maybe
this?:

NEW
   This section provides details of the operation of the tcpcrypt protocol.
   The wire format of all messages is specified in Section 4.
END

2. In Section 7 (IANA), you say:

   Tcpcrypt's TEP identifiers will need to be incorporated in IANA's
   "TCP encryption protocol identifiers" registry under the
   "Transmission Control Protocol (TCP) Parameters" registry

I can find no such registry.  Can you help me here, maybe give me a URL?

Also, with respect to the new “tcpcrypt AEAD Algorithm” registry:

   Future assignments are to be made under the "RFC Required" policy

Note that that policy allows for assignments to be made in any RFC stream,
which includes the IRTF, the IAB, and the Independent Stream.  Do you really
want people to be able to send documents to the Independent Stream Editor, and
to have them published and make assignments with minimal review?

You might consider whether “IETF Review” is more appropriate.  That allows RFCs
of any type (Standards Track, Informational, Experimental, BCP), but requires
that they be in the IETF stream and have a formal IETF last call.

It will also help IANA if you make it clear what the valid range of values is
for the “Value” column.  Is 0x0000 valid?  Is 0xFFFF the maximum?  Explicitly
saying that values must be in the range 0x0001 to 0xFFFF inclusive will be
helpful.  (I say this with particular note that you changed how the Value field
is specified between -07 and -09, so this clearly has not even been clear to
the spec developers.)