Skip to main content

IP Security (IPsec) and Internet Key Exchange (IKE) Document Roadmap
RFC 6071

Yes

(Sean Turner)

No Objection

(Dan Romascanu)
(Gonzalo Camarillo)
(Jari Arkko)
(Peter Saint-Andre)
(Ron Bonica)

Note: This ballot was opened for revision 10 and is now closed.

(Sean Turner; former steering group member) Yes

Yes ()

                            

(Adrian Farrel; former steering group member) No Objection

No Objection (2010-08-11)
Thanks for what must have been a pretty painful task. I think this makes a useful document.

(Dan Romascanu; former steering group member) No Objection

No Objection ()

                            

(Gonzalo Camarillo; former steering group member) No Objection

No Objection ()

                            

(Jari Arkko; former steering group member) No Objection

No Objection ()

                            

(Peter Saint-Andre; former steering group member) No Objection

No Objection ()

                            

(Ron Bonica; former steering group member) No Objection

No Objection ()

                            

(Tim Polk; former steering group member) No Objection

No Objection (2010-08-12)
(1) I understand that this is a forklift upgrade for RFC 2411, so the usual "Changes Since ..." section would not be
helpful.  However, this document has a very similar title and does obsolete 2411 if approved.  Perhaps a few
sentences in the intro to describe that relationship would be useful!

(2) RFC 5282 should be added to the list of base documents in section 4.1.2, IKEv2.  As noted in section 5.4, 5282
added the capability to negotiate combined mode algorithms to IKEv2.

(3) Section 5.4.3 is misplaced.  GMAC is an Integrity protection algorithm and should appear in section 5.3. This 
will necessitate forward pointers to section 5.4, since it is based on a combined mode algorithm, but it does not fit
with the other algorithms in 5.4 which are providing both encryption and integrity-protection.

(4) In section 5.2.1, last sentence of the first paragraph:

                                                                                This number (the
   value 11 for ESP_NULL) is found on the IANA registries for both IKEv1
   and IKEv2, but it is not mentioned in this RFC.

"this RFC" is ambiguous - I gather the authors meant RFC 2410 (since the
value is clearly mentioned in *this* RFC).  I suggest:

s/this RFC/[RFC2410]/