I am the assigned Gen-ART reviewer for this draft. For background on
Gen-ART, please see the FAQ at
< http://wiki.tools.ietf.org/area/gen/trac/wiki/GenArtfaq>.
Please wait for direction from your document shepherd
or AD before posting a new version of the draft.
Document: draft-ietf-dime-ikev2-psk-diameter-08
Reviewer: Ben Campbell
Review Date: 2011-06-17
IESG Telechat date: 2011-06-23
Summary: This draft is almost ready for publication as a proposed standard. I
still have a concern about the generation of the PSK.
Major issues:
In my initial Gen-ART review, I made the following comment: The draft says that
the procedure that the HAAA follows to generate the PSK is out of scope. But
doesn't the IKE2 initiator need to understand the procedure? If the procedure
is not defined somewhere, how you achieve any degree of interoperability?
The author responded that the PSK generation was in fact important for
interoperability, but that the specific procedures have been intentionally left
to other specifications. It is up to specifications that use this Diameter
application to define the PSK generation mechanism. Further, the author
indicated 2 3GPP2 specs that have done this.
I am still concerned that this means that this specification cannot be
implemented in an interoperable way without effectively profiling it. There is
no apparent coordination on how such profiling may be done, and by whom. I
think this is likely to result in implementation islands that can't talk to
each other. I recognize that there is precedent for doing this, but I think it
is something that should not be done without careful consideration,
particularly in a standards track RFC. I leave it to the IESG to confirm
whether it is appropriate in this circumstance.
I further note that there is no apparent way to negotiate or declare what PSK
generation mechanism might be used, if an implementation supports more than one.
Minor Issues: None
Editorial Comments: None
_______________________________________________
Ietf mailing list
Ietf(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/ietf