IP Security (IPsec) and Internet Key Exchange (IKE) Document Roadmap
RFC 6071
Yes
No Objection
Note: This ballot was opened for revision 10 and is now closed.
(Sean Turner; former steering group member) Yes
(Adrian Farrel; former steering group member) No Objection
Thanks for what must have been a pretty painful task. I think this makes a useful document.
(Dan Romascanu; former steering group member) No Objection
(Gonzalo Camarillo; former steering group member) No Objection
(Jari Arkko; former steering group member) No Objection
(Peter Saint-Andre; former steering group member) No Objection
(Ron Bonica; former steering group member) No Objection
(Tim Polk; former steering group member) No Objection
(1) I understand that this is a forklift upgrade for RFC 2411, so the usual "Changes Since ..." section would not be helpful. However, this document has a very similar title and does obsolete 2411 if approved. Perhaps a few sentences in the intro to describe that relationship would be useful! (2) RFC 5282 should be added to the list of base documents in section 4.1.2, IKEv2. As noted in section 5.4, 5282 added the capability to negotiate combined mode algorithms to IKEv2. (3) Section 5.4.3 is misplaced. GMAC is an Integrity protection algorithm and should appear in section 5.3. This will necessitate forward pointers to section 5.4, since it is based on a combined mode algorithm, but it does not fit with the other algorithms in 5.4 which are providing both encryption and integrity-protection. (4) In section 5.2.1, last sentence of the first paragraph: This number (the value 11 for ESP_NULL) is found on the IANA registries for both IKEv1 and IKEv2, but it is not mentioned in this RFC. "this RFC" is ambiguous - I gather the authors meant RFC 2410 (since the value is clearly mentioned in *this* RFC). I suggest: s/this RFC/[RFC2410]/