ietf
[Top] [All Lists]

Re: Gen-art review of draft-ietf-ipsecme-ikev2bis-08.txt

2010-03-19 11:01:51
At 2:37 PM +0000 3/19/10, Elwyn Davies wrote:
Not ready.  The document contains a lot of minor niggles and nits plus a major 
item that I am not sure the IETF should support:  this is the removal of all 
mention of mandatory to implement security suites from the document.  I 
appreciate the difficulty of keeping up to the minute, but it seems to me that 
this is outweighed by the difficulty of guaranteeing interoperability.  If the 
security landscape is so unstable, we have a bigger problem perhaps.  Whether 
this change is acceptable to the IAB, the IESG and the wider IETF is not 
something I can resolve.

. . .

Major issues:

s3.3.4: The draft states that the list of mandatory to implement suites has 
been removed due to evolution going too fast.  Is this acceptable?


draft-ietf-ipsecme-ikev2bis is a revision of RFC 4306, and the paragraph in 
question about removing the mandatory-to-implement suites is copied directly 
from RFC 4306. When the original WG published RFC 4306 over four years ago, it 
decided to split out the suites into what became RFCs 4307 and 4308. 
draft-ietf-ipsecme-ikev2bis changes nothing here.

Does that clear up your issue, or are you saying that 
draft-ietf-ipsecme-ikev2bis should reverse the old policy and explicitly pull 
in the text from RFC 4307 and RFC 4308 into the new document?

--Paul Hoffman, Director
--VPN Consortium
_______________________________________________
Ietf mailing list
Ietf(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/ietf

<Prev in Thread] Current Thread [Next in Thread>