Last Call Review of draft-ietf-tsvwg-transport-encrypt-19

Request Review of draft-ietf-tsvwg-transport-encrypt
Requested rev. no specific revision (document currently at 20)
Type Last Call Review
Team General Area Review Team (Gen-ART) (genart)
Deadline 2021-02-19
Requested 2021-02-05
Authors Gorry Fairhurst, Colin Perkins
Draft last updated 2021-02-15
Completed reviews Secdir Early review of -01 by Christopher Wood
Opsdir Last Call review of -19 by Shwetha Bhandari
Genart Last Call review of -19 by Joel Halpern
Secdir Last Call review of -19 by Derek Atkins
Genart Telechat review of -20 by Joel Halpern
Assignment Reviewer Joel Halpern
State Completed
Review review-ietf-tsvwg-transport-encrypt-19-genart-lc-halpern-2021-02-15
Reviewed rev. 19 (document currently at 20)
Review result Ready with Issues
Review completed: 2021-02-15


I am the assigned Gen-ART reviewer for this draft. The General Area
Review Team (Gen-ART) reviews all IETF documents being processed
by the IESG for the IETF Chair.  Please treat these comments just
like any other last call comments.

For more information, please see the FAQ at


Document: draft-ietf-tsvwg-transport-encrypt-19
Reviewer: Joel Halpern
Review Date: 2021-02-15
IETF LC End Date: 2021-02-19
IESG Telechat date: Not scheduled for a telechat

Summary: This document is ready for publication as an Informational RFC.

Major issues:

Minor issues:
    While section 2 does include a discussion of traffic mis-ordering, it does not include a discussion of ECMP, and the dependence of ECMP on flow identification to avoid significant packet mis-ordering.

    Section 5.1 of this document discusses the use of Hop-by-Hop IPv6 options.  It seems that it should acknowledge and discuss the applicability of the sentence "New hop-by-hop options are not recommended..." from section 4.8 of RFC 8200.  I think a good argument can be made in this case as to why (based on the rest of the sentence from 8200) the recommendation does not apply to this proposal.  The document should make the argument.

Nits/editorial comments:
    I found the discussion of header compression slightly confusing.  Given that the TCP / UDP header is small even compared to the IP header, it is difficult to see why encrypting it would have a significant impact on header compression efficacy.

    The wording in section 6.2 on adding header information to an IP packet has the drawback of seeming to imply that one could add (or remove) such information in the network, without adding an encapsulating header.  That is not permitted by RFC 8200.  It would be good to clarify the first paragraph.  (The example, which talks about the sender putting in the information, is, of course, fine.)