Telechat Review of draft-ietf-tcpinc-tcpcrypt-10
review-ietf-tcpinc-tcpcrypt-10-opsdir-telechat-wang-2017-12-19-00

Request: Review of draft-ietf-tcpinc-tcpcrypt
Requested rev.: no specific revision (document currently at 11)
Type: Telechat Review
Team: Ops Directorate (opsdir)
Deadline: 2017-11-28
Requested: 2017-10-25
Other Reviews:
  Rtgdir Telechat review of -07 by John Drake
  Opsdir Last Call review of -07 by Zitao Wang
  Secdir Last Call review of -07 by Stephen Kent
  Genart Last Call review of -07 by Dale Worley
  Secdir Telechat review of -09 by Barry Leiba
  Secdir Telechat review of -10 by Barry Leiba
  Genart Telechat review of -10 by Dale Worley
Review State: Completed
Reviewer: Zitao Wang
Review: review-ietf-tcpinc-tcpcrypt-10-opsdir-telechat-wang-2017-12-19
Posted at: https://www.ietf.org/mail-archive/web/ops-dir/current/msg02950.html
Reviewed rev.: 10 (document currently at 11)
Review result: Ready
Draft last updated: 2017-12-19
Review completed: 2017-12-19

Review

Reviewer: Zitao WANG

Review result: Ready

I have reviewed draft-ietf-tcpinc-tcpcrypt-10 as part of the Operational directorate's ongoing effort to review all IETF documents being processed by the IESG. These comments were written with the intent of improving the operational aspects of the IETF drafts. Comments that are not addressed in last call may be included in AD reviews during the IESG review. Document editors and WG chairs should treat these comments just like any other last call comments.

"This document specifies tcpcrypt, a TCP encryption protocol designed for use in conjunction with the TCP Encryption Negotiation Option (TCP-ENO). Tcpcrypt coexists with middleboxes by tolerating resegmentation, NATs, and other manipulations of the TCP header. The protocol is self-contained and specifically tailored to TCP implementations, which often reside in kernels or other environments in which large external software dependencies can be undesirable. Because the size of TCP options is limited, the protocol requires one additional one-way message latency to perform key exchange before application data may be transmitted. However, this cost can be avoided between two hosts that have recently established a previous tcpcrypt connection."

My overall view of the document is 'Ready' for publication.