Skip to main content

ChaCha20, Poly1305, and Their Use in the Internet Key Exchange Protocol (IKE) and IPsec
RFC 7634

Yes

(Kathleen Moriarty)

No Objection

Alvaro Retana
(Alia Atlas)
(Barry Leiba)
(Benoît Claise)
(Brian Haberman)
(Deborah Brungard)
(Jari Arkko)
(Martin Stiemerling)
(Spencer Dawkins)
(Terry Manderson)

Note: This ballot was opened for revision 11 and is now closed.

Alvaro Retana No Objection

(Alissa Cooper; former steering group member) Yes

Yes (2015-07-08 for -11)
Agree with the comments about toning down the language in the first paragraph.

(Kathleen Moriarty; former steering group member) Yes

Yes (for -11)

                            

(Stephen Farrell; former steering group member) Yes

Yes (2015-07-07 for -11)
intro: "gold standard" is being a bit too keen IMO, I'd say
toning the language down a bit would be better.

intro: 3DES may be the "only other widely supported" cipher
for IPsec, but that's not true more generally.

section 2 says: "As the ChaCha20 block function is not applied
directly to the plaintext, no padding should be necessary."
That "should" could be confusing as written if a reader thinks
it means their code doesn't have to do padding. It might be
better to e.g. say something like "In theory no padding is
needed for this cipher, however, in keeping with..." 

section 3: Is "SHOULD inlude no padding" really right?  I'd
have thought a MAY was better there.  "MUST accept any length"
is also a bit odd - what if I (try:-) add loads of padding?

Appendices: thanks for those - I assume someone checked them
for you? (I didn't:-)

(Alia Atlas; former steering group member) No Objection

No Objection (for -11)

                            

(Barry Leiba; former steering group member) No Objection

No Objection (for -11)

                            

(Ben Campbell; former steering group member) No Objection

No Objection (2015-07-07 for -11)
This is easier than usual to read for this sort of draft :-) 

-- Section 1, 1st paragraph:
I concur with Stephen's comment. Furthermore, this entire paragraph pretty much reads like advertising copy. Can it be toned down a bit?

-- 8.1 (Normative References)

The reference to [RFC7539]  is a normative downref. I don't see it on the downref registry, nor was it mentioned in the last call notice. (For the record, I think it's a reasonable downref.)

(Benoît Claise; former steering group member) No Objection

No Objection (for -11)

                            

(Brian Haberman; former steering group member) No Objection

No Objection (for -11)

                            

(Deborah Brungard; former steering group member) No Objection

No Objection (for -11)

                            

(Jari Arkko; former steering group member) No Objection

No Objection (for -11)

                            

(Joel Jaeggli; former steering group member) No Objection

No Objection (2015-07-08 for -11)
Juergen Schoenwaelder's comment's from the opsdir review were applied in version 11.

(Martin Stiemerling; former steering group member) No Objection

No Objection (for -11)

                            

(Spencer Dawkins; former steering group member) No Objection

No Objection (for -11)

                            

(Terry Manderson; former steering group member) No Objection

No Objection (for -11)