Suite B Profile for Internet Protocol Security (IPsec)
RFC 6380

Note: This ballot was opened for revision 02 and is now closed.

(Sean Turner) Yes

(Ron Bonica) No Objection

(Stewart Bryant) No Objection

(Gonzalo Camarillo) No Objection

(Wesley Eddy) No Objection

(Adrian Farrel) No Objection

Comment (2011-08-06 for -)
No email
send info
I am balloting No Objection after a quick read and based on the support of the Responsible AD

(Stephen Farrell) (was Discuss) No Objection

Comment (2011-08-11)
No email
send info
(1) MUST is used before section 2

(2) What does "having" an X.509 cert mean for interop? I think you
want to say use somewhere.

(3) Saying "using the curves with foo" is a little unclear - maybe say
"using the curves with foo specified in bar section baz" would be
clearer.

(4) "appear in the literature with different names" maybe give
references

(5) 4.2 says "each system MUST specify" but systems don't specify,
specifications do. Suggest rewording.

(6) The IPR declaration refers to a "Standard" so I've no idea if
its relevant for this document or not.


--- this used to be discuss point 1

(1) I'd like to be reassured that nothing here requires implementers to
add some suite-B-specific, but non interoperable code to a node not
trying to be suite-B conformant but otherwise doing all the right
algorithms at the right sizes. If we had that problem then suite-B
would no longer be a simple profile but would become something close to
a national algorithm. (In terms of the non-interoperable aspects that
would then exist.)

(David Harrington) No Objection

(Russ Housley) No Objection

Comment (2011-08-11 for -)
No email
send info
  The Gen-ART Review by Alexey Melnikov includes one comment that has
  not been resolved.  Please consider his comment.
  
  The document includes this sentence:
  >
  > The responder SHOULD accept the first Suite B UI suite offered by
  > the initiator that it can accommodate.
  >
  Alexey believes that use of SHOULD here is inappropriate.  There are
  four Suite B UI suites, and in this case, any of the four will meet
  the security requirements.  The initiator has provided them in their
  preferred order.  Selecting any of the four choices that is offered by
  the initiator meets the security and interoperability requirements.
  The current wording says the responder SHOULD pick the initiator's
  preferred one, which may create additional testing for conformance.

(Pete Resnick) (was Discuss) No Objection

(Peter Saint-Andre) No Objection

(Robert Sparks) No Objection