Last Call Review of draft-seokung-msec-mikey-seed-
I have reviewed this document as part of the security directorate's
ongoing effort to review all IETF documents being processed by the
IESG. These comments were written primarily for the benefit of the
security area directors. Document editors and WG chairs should treat
these comments just like any other last call comments.
I see no problems with this draft -- it adds a few entries to IANA
registries that have an assignment metric of IETF Consensus. It has a
dependency on a draft that was on telechat in June; all Discuss
positions on that doc have been cleared.
The only questions I might ask are really out of scope: 1) does MIKEY
deal with algoritm agility gracefully (e.g. is it subject to downgrade
or DOS attacks)? But that's out of scope for this review and this
And... 2) for the fields being changed (and others), 3830 says "a one
byte length is enough" and establishes an IANA registry for the values
0-255, but those fields appear to be encoded on the wire using a TLV
scheme. I have fear of future interop issues if some implementations
hardcode the one byte length, and the text in 3830 makes it pretty
clear that hardcoding would be justified. But, again, that's beyond
the scope of this draft to fix.