I guess I did mention this before but just in case that was missed - the idea
of a separate confidentiality mechanism for each encapsulation/overlay protocol
when these are all IP based does seem a bit inapposite to me. At a minimum, it
opens up scope for additional security holes to prey upon (as against using a
standard mechanism like IPsec).
Thanks,
Manish
On 13-Oct-2016, at 7:27 AM, Pete Resnick
<presnick(_at_)qti(_dot_)qualcomm(_dot_)com> wrote:
I am the assigned Gen-ART reviewer for this draft. The General Area
Review Team (Gen-ART) reviews all IETF documents being processed
by the IESG for the IETF Chair. Please treat these comments just
like any other last call comments.
For more information, please see the FAQ at
http://wiki.tools.ietf.org/area/gen/trac/wiki/GenArtfaq.
Document: draft-ietf-lisp-crypto-09
Reviewer: Pete Resnick
Review Date: 2016-10-12
IETF LC End Date: 2016-10-04
IESG Telechat date: 2016-10-13
Summary: This draft is ready for publication as an Experimental RFC
Though this is not an area of expertise for me, the document is clearly
written, I reviewed the data structures and they appear correct, and the
document seems ready to go forward. (I do find it dicey that this is an
Experimental document. I understand there is history here, but this is a
full-fledged protocol document and the fact that it is only required to be
subjected to a cursory review for Experimental status and can pass IESG
review with one "YES" and everyone else "ABSTAIN"ing seems kinda ridiculous.
But that's not a reason to stop this document.)
Major issues:
None
Minor issues:
None
Nits/editorial comments:
Section 9, second to last paragraph: "Otherwise, the packet has been tampered
with and is discarded." The "tampered with" is probably overstating the case.
I would simply say "invalid".
--
Pete Resnick http://www.qualcomm.com/~presnick/
Qualcomm Technologies, Inc. - +1 (858)651-4478
_______________________________________________
lisp mailing list
lisp(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/lisp