Evaluation of Candidate Protocols for IP Flow Information Export (IPFIX)
RFC 3955

Note: This ballot was opened for revision 03 and is now closed.

(Bert Wijnen) Yes

(Steven Bellovin) No Objection

Comment (2004-04-09 for -)
No email
send info
Nice evaluation.  I would like it if all of the candidates were described in RFCs -- a future reader of this document may be frustrated by the inability to research some details of one of the described candidates.

The discussion of LFAP should probably note that DES is not regarded as adequately secure.

The Conclusions section should note that the work effort to improve NetFlow must include suitable security enhancements.  In particular, some decision on the precise security mechanism must be made; simply saying "just use IPsec" or "just switch to TCP and use TLS" are inadequate, especially the former.

(Margaret Cullen) No Objection

(Ted Hardie) No Objection

(Scott Hollenbeck) No Objection

(Russ Housley) No Objection

Comment (2004-03-30 for -)
No email
send info
  Please change "IPSEC" to "IPsec" throughout the document.

(David Kessens) No Objection

(Allison Mankin) (was Discuss, No Objection) No Objection

Comment (2004-04-02)
No email
send info
I like the idea of the candidates being published as RFCs - they
should all have text at the beginning stating they were candidates
to make the context clear.