Re: [auth48] AUTH48: RFC-to-be 9464 <draft-ietf-ipsecme-add-ike-14> for your review

mohamed.boucadair@orange.com Tue, 12 September 2023 08:53 UTC

From: mohamed.boucadair@orange.com
Received-SPF: Fail (smtp-in365b.orange.com: domain of mohamed.boucadair@orange.com does not designate 104.47.18.109 as permitted sender) identity=mailfrom; client-ip=104.47.18.109; receiver=smtp-in365b.orange.com; envelope-from="mohamed.boucadair@orange.com"; x-sender="mohamed.boucadair@orange.com"; x-conformance=spf_only; x-record-type="v=spf1"; x-record-text="v=spf1 ip4:80.12.66.32/28 ip4:80.12.210.96/28 ip4:80.12.70.34/31 ip4:80.12.70.36 include:spfa.orange.com include:spfb.orange.com include:spfc.orange.com include:spfd.orange.com include:spfe.orange.com include:spff.orange.com include:spf6a.orange.com include:spffed-ip.orange.com include:spffed-mm.orange.com -all"
Received-SPF: Pass (smtp-in365b.orange.com: domain of postmaster@EUR05-AM6-obe.outbound.protection.outlook.com designates 104.47.18.109 as permitted sender) identity=helo; client-ip=104.47.18.109; receiver=smtp-in365b.orange.com; envelope-from="mohamed.boucadair@orange.com"; x-sender="postmaster@EUR05-AM6-obe.outbound.protection.outlook.com"; x-conformance=spf_only; x-record-type="v=spf1"; x-record-text="v=spf1 ip4:40.92.0.0/15 ip4:40.107.0.0/16 ip4:52.100.0.0/14 ip4:104.47.0.0/17 ip6:2a01:111:f400::/48 ip6:2a01:111:f403::/49 ip6:2a01:111:f403:8000::/50 ip6:2a01:111:f403:c000::/51 ip6:2a01:111:f403:f000::/52 -all"
IronPort-Data: A9a23:0laj06AyBCSWehVW/4Tkw5YqxClBgxIJ4kV8jS/XYbTApD4m0jQDy 2MXUTuEM/qJamamLo0lborg/EgC75TXnNBlTANkpHpgcSlH+JHPbTi7wuYcHM8wwunrFh8PA xA2M4GYRCwMZiaA4E3ra9ANlFEkvYmQXL3wFeXYDS54QA5gWU8JhAlq8wIDqtYAbeORXUXV4 7sen+WFYAX+g28taDpNg06+gEgHUMra6WpwUmMWNagjUG/2zxE9EJ8ZLKetGHr0KqE88jmSH rurIBmRpws1zj91Yj+Xuu+Tnn4iG9Y+CTOzZk9+AMBOtPTiShsaic7XPNJEAateZq7gc9pZk L2hvrToIesl0zGldOk1C3Fl/y9C0aJup/yWB0S0mNep5EzqQlLQ3K5+B3MWMthNkgp3KTkmG f0wBQ03Nk3GrsfohbWxR69rm9gpK9TtMMUHoHZ8wDrFDPEgB5feX6HN4twe1zA17ixMNa+GO 4xFNnw2PFKZO0wn1lQ/UPrSmM+tgXn2djBU7liSuKE+72HS1iR2yrHrP9eTcduPLSlQthbI/ zmWpT6R7hcyaO6RijvC7UuQu/7DmCGnAY1CT4KVz6s/6LGU7jdKU0ZODAHTTeOColSwUJdSJ 00I/TAGt6Y5sUGnT8X6RVu/unHslh0bXdZMEvcS5wSEy66S6AGcbkAIUT9HZ5knudM4bTI32 VCNksivDjtq2JWOV3ub3rqQszKpfzIIRUcDfTQJRg4IptDvu6kygw7BCNF5H8adj8XuFDr1z nWBrCE/na47jMMX2eO851+vqzGtuJnPQwgd5wbWGGykhitjaIKNbIGy9R7c9/koBI+EUlnd7 HEekMif8u0mF5+G0SGBQfkKBveu/fntDdHHqVtmHp1k/jHz9mO5Jd1U+GsnfBYvNdsYczj0Z kOVoRlW+JJYIHqta+lwfp61DMMpi6PnELwJS8w4cPIRIclXSASu5xtFZGKh9lzyy1gno4Ewb MLzndmXMV4WDqFuzTyTTugb0KM2yi1W+V4/VawX3Dz6i+HBOS/9paMtbAvfMb1RALas+l29z jpJCyed4zN7OAEUSgDS6pIeN1wDKBDX7riv85UNHgJvCixhAn0hQ9/WxbcofYANoki4vuLB/ 3X4U0oGxUfl3SDDMV/TMiElb67zV5Fiq359JTYrIVujx3kkZ8Co8bsbcJw0O7Ig8YSPLMKYr dFVJK1s4dwWFVwrHgjxi7Gj8OSOkzz12Wqz09KNOmRXQnKZb1WhFiXYVgXu7jISKSG8qNEzp batviuCH8tfG1k9VJ2NMa33p79UgZT7sLMrN6cvCogLEHgADKAwdkQdc9drfJlScUmfmVN2K S7MWk9H+LOlT3AJHCnh3vnf9N/wSYOS72JfHmLB6q2xOzWS93i+24IobQp7VWG1aY8Aw437P b8956ikbpUvxQ8W26IiSeoD5fxlvLPH+eQFpjmI6V2QMzxH/Js7fyHatSSO34URroJkVfyeA x3ep4kHZuTYUC4neXZITDcYgi24/al8slHvAT4deS0WOAcfEHu7vURu092kpRFndOYwGaZ7h OArtYgR9hC1jQcsPpCelCdI+m+QL3sGFaI6qpUdB4ytgQ0uor2HSYKJETf4ufljdP0VWnTG4 BfM7EYBu1iY7k3Yenw8GD7G2u81aVEmpkVR1FFbT7iWsoatu8LbBCFszAk=
IronPort-HdrOrdr: A9a23:UvweoalDBxDAnP1+iQEYvMFqVirpDfLB3DAbv31ZSRFFG/Fwwf re5sjztCWE7gr5PUtPpTnuAsi9qB/nlaKdgrNhWotKPjOW3VdAd7sSlrcKqgeIc0aVm4Iz6U 4HSdkcNDSaNykfsS+V2njbL/8QhOCd9qamvOHfyGpKF143ApsQkTtRO0KjCUtxSxBBBZ0lUL ShxucvnUveRV0nKv2hAH8LRu7CoMCOsqnHT1opOz4LgTP+8Q9BR9TBYmWlNrt1aUI3/V+Cm1 K16zDE2g==
To: "rfc-editor@rfc-editor.org" <rfc-editor@rfc-editor.org>, "kondtir@gmail.com" <kondtir@gmail.com>, "dwing-ietf@fuggles.com" <dwing-ietf@fuggles.com>, "svan@elvis.ru" <svan@elvis.ru>
CC: "ipsecme-ads@ietf.org" <ipsecme-ads@ietf.org>, "ipsecme-chairs@ietf.org" <ipsecme-chairs@ietf.org>, "kivinen@iki.fi" <kivinen@iki.fi>, "rdd@cert.org" <rdd@cert.org>, "auth48archive@rfc-editor.org" <auth48archive@rfc-editor.org>
Thread-Topic: AUTH48: RFC-to-be 9464 <draft-ietf-ipsecme-add-ike-14> for your review
Thread-Index: AQHZ4snKeL6TjIdNlkOgHFwtyYuMyLAW19FQ
Content-Class:
Date: Tue, 12 Sep 2023 08:53:16 +0000
Message-ID: <DU2PR02MB1016027ABE45FE0F534F959AC88F1A@DU2PR02MB10160.eurprd02.prod.outlook.com>
References: <20230909025950.E9D64E5EA7@rfcpa.amsl.com>
In-Reply-To: <20230909025950.E9D64E5EA7@rfcpa.amsl.com>
Accept-Language: fr-FR, en-US
Content-Language: fr-FR
msip_labels: MSIP_Label_07222825-62ea-40f3-96b5-5375c07996e2_Enabled=true; MSIP_Label_07222825-62ea-40f3-96b5-5375c07996e2_SetDate=2023-09-12T07:57:08Z; MSIP_Label_07222825-62ea-40f3-96b5-5375c07996e2_Method=Privileged; MSIP_Label_07222825-62ea-40f3-96b5-5375c07996e2_Name=unrestricted_parent.2; MSIP_Label_07222825-62ea-40f3-96b5-5375c07996e2_SiteId=90c7a20a-f34b-40bf-bc48-b9253b6f5d20; MSIP_Label_07222825-62ea-40f3-96b5-5375c07996e2_ActionId=e0b9ad0a-b016-4478-b084-8551f35d037d; MSIP_Label_07222825-62ea-40f3-96b5-5375c07996e2_ContentBits=0
x-ms-publictraffictype: Email
x-ms-traffictypediagnostic: DU2PR02MB10160:EE_|AM7PR02MB6049:EE_
x-ms-office365-filtering-correlation-id: 8b44b29d-130f-4dca-21ae-08dbb36db47d
x-ms-exchange-senderadcheck: 1
x-ms-exchange-antispam-relay: 0
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: eDznU6humusTL3KhBKssBJN6rPoKOUi0J+0yAad6H5MsfXppbsAv7AbXWSNRA/JN5NjYucn9oQSHYIrY/54AXIGY/DOYGGA7IpVPXopRX/hL+UJB+lQJD3azQFldH/sIZz7KpN7oEbEfrcLegqRkz5Jo9EIgpv6Mmx2bdVQChsYp+biCuRaK7DEX6TYD0mOqJWjFzm5rgZ2dzJXwp+BqdPBXgsOZvEfU4zt6c2yJE0FP9X6HNq439we9rvKT/EBwP8M5VG3EYtJOFzArj5AEyv0Pxsqx67c+42k7Y+RqM1B/9WSdjkwToU2MeDE2IuIL/zM5+kxIBLrBZZHiCqSN/ATNYYVIkxHHYj/XzfKhxU0dwA0lyaEXGLH9HbOhZ/WbNPjr12Hp/uIT5VCmdNAfMkdBnOXsrMUQwxT+Q8dK5Q8/WC2XOKH41opMOBHuIIY2bHWqz8eaUuMGu4I4QNEJcx17sQcd68oGVxHNL0V4l5Gt4FYYQU/aI3x+t9OhyWa7E/vRhpbFRKSG6A6nR3dsl9uE1ubnGreHgTe9ya0/Oxa/b5dn449oaTzP5LM3K4lYPqrjMtY3VcLTW6x5wP5nBn81ia7w/mD72eBmS4q49afMAEIXIJ83rL6HYJTvSC2vt3d44GhOy58yt0DjDXl4PF1K9m7kKnzmv6vIGXhPDro=
x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:DU2PR02MB10160.eurprd02.prod.outlook.com; PTR:; CAT:NONE; SFS:(13230031)(136003)(396003)(39860400002)(366004)(376002)(346002)(186009)(1800799009)(451199024)(41300700001)(71200400001)(6506007)(7696005)(83380400001)(45080400002)(478600001)(966005)(30864003)(66574015)(52536014)(2906002)(110136005)(66946007)(5660300002)(54906003)(64756008)(66446008)(66476007)(66556008)(76116006)(8676002)(8936002)(316002)(26005)(4326008)(15974865002)(86362001)(9686003)(33656002)(16799955002)(55016003)(38070700005)(38100700002)(122000001)(579004)(559001)(19607625013); DIR:OUT; SFP:1102;
x-ms-exchange-antispam-messagedata-chunkcount: 1
x-ms-exchange-antispam-messagedata-0: oEySLjiMogKjiSYSkdpF/vxKrV3thUDjFa+7lK/RB87DVogpTeI/8i29nxwROYI2duVzsDUklbK7DxtfJFiAt3BHxjSkCc6PSwonDIIpUElp+jsIAuEMjiogNFjQcPypJQwV1srAB1pNo0lMVychxR/Kt61NRfZgA1/QWgD4UiB0tWPL6/2tdu/2zGBKGH50p27ktRkFsIFLZHzM7+cKqzuoN4b4PBIv0AbZZYf9JlEEN36Gv/+DK2Lw7E3nFH4uXkQwSZxMrVicM3MZMLgzEFz7nPzkKfhRDwT5nu9l1SciBwG/b1twaFYpUEaQIpQ9oCNEYOTf7ednudOOJNW4uuZyQE4MJA3u0yAFTHc5okCubvPyRS9Rtfa55D5ssQlYOvQTbz98XUNmtzCj5LdWtj7VReltZrxBHGx+IYvXe3mCw3ZOH9kj8bsAP99x09Hq7gM+DvSoIyo/Ir015KfIrprD2mOab5Yg32N1xfumtr1+Zm9jYsOl0HCxyvgaAYQmYk/bhqAiL8i3NRSfnGyg+cA3dVTfyWsBuLia+CcOnDufjvGQEsTjDHIyGSeGB0Q3UDXylxzPWS7N2HoZH7+0KoT9RhtdobK8Rm2La3JDiXbWemaGqvri0oUIO7E+k/DV7zcPATHKZYwqz0iQRDVO6/q5ODmwQXNwsSlWiHTUPa5bdLmGGiX/ThlNxDykVZleOYgX1VWl4GqdSFNBo2IlSRE9RRhyJ9xASc5g48ZFGZAIRyLoAPNlzZXydhSb6bpbWqn1Jt0y+hTTX1SfAoL0x5x1r8f6r7Qm28nwOMEeP7Cyj/Nh7re5QNGFXbI/9TjdTx8SVhOeeeYXDn1Xw56L+5SslJy/pUxKAuTb/hr4SGgsUZzLLuBBGCCT3CjxO2HRb2x07uxLbNjMS0ZU2obZkmhP2VUPBtSp7h+9N1rpSEOwQ03c5LDUSbIOwT5KFaVPIQeomc+1fapo2p2FeX7u6eaiAKt1AYRJQR7//IbQtUD49ELNkr5K+XTzKrzPHivXybGJlZkIKQp0Lmxu1bLtaJ0RIxWUDLBrhNS5+x+tKCSftQ8HOXujvRpFZgUzlcSdAwHgsAY4A33dQJjCQbLbRZ6wjCgjMy5fHCpzrebCg+ozD8qXjXqhRcs+LY/twFZdsoQ0JCY0cp66QYdnerSCRs0hBkdk9+mvT/3PEG+nZTdZudLNMPOGXsxiLV3tRQ0z6K+d/JvYM6+0rx8mSfkx8ezgbHdJxFc66TcuJRYXC2E7is8Ri+hfW3RznPlVYW6cqtAet1u5ARWqSYuH/ZLm8boTUbgYs9onkTgF27fJcUBoD5IlB9H0wCblwMQVOZb7RaaR/36Zpm1VCl/afDCuuJ2OFQ2b7ux6nS+MjKC8iIe3kEFwBVjQA8bYR8XgwmoiTyv4Kmuhsbq9DSC+M5DOVBUv2MewXITw2i5lmaGtsjm0TT/7EeCu8n7O+TUgP/0VYbyaEa90X6WJhnSSC9VbcFtHnubBrrqhQNmj0gid4hLpfrzVybf0y0qM238aD/7dled+g1NMReRwdTe/gyvwQCUAUiv1OyLCrHTRJ8qa37exlhU8Q/NwnZ9pgL20EEN6
Content-Type: text/plain; charset="iso-8859-1"
MIME-Version: 1.0
X-OriginatorOrg: orange.com
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: DU2PR02MB10160.eurprd02.prod.outlook.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 8b44b29d-130f-4dca-21ae-08dbb36db47d
X-MS-Exchange-CrossTenant-originalarrivaltime: 12 Sep 2023 08:53:16.3925 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 90c7a20a-f34b-40bf-bc48-b9253b6f5d20
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: 4rHzG7f4hyHnwsu1OxhVR0qztp23BiNKLvcG9xi17nOOJmtrrh+vVY1SjaGSkftIeGWz3YESqC4QvflyA7HpqiTnwylJo2/L+FqdFc64f1M=
X-MS-Exchange-Transport-CrossTenantHeadersStamped: AM7PR02MB6049
X-TM-AS-ERS: 10.106.160.160-127.5.254.253
X-TM-AS-SMTP: 1.0 c210cC1vdXQzNjUub3JhbmdlLmNvbQ== bW9oYW1lZC5ib3VjYWRhaXJAb 3JhbmdlLmNvbQ==
X-TMASE-Version: DDEI-5.1-9.0.1002-27870.006
X-TMASE-Result: 10--36.527200-10.000000
X-TMASE-MatchedRID: fSYce/2kgDx+uXouWP+0EYkYvhtXX+Z1fXOujraqF0L9zML+ydOw1wj6 fPBJ8V4YlOts73NQ5aOL+skqd2bd71Tdr6jAw79qSSQ7jOqms04Zca7SN08UZBwum9qeXFea3va 2ce93UiLM5EvGrGucngn7arGh7hdRfHgtqVa9cG/kjmTBn4CxZEEOfoWOrvuOStGAgmKqWuUVde whX2WAAQIBLKxWlKspmBrweN6a9GxaX+ynLxotZIHcC7KYYAdEnDMS6U2Jkuo2ugGkJu34Zq0GJ L2EV5pMq+Y49dGqjtFE+Pe5CSdVUeyJIIx+Y/tYWqBRUQClryaXfrypKnpvnkrh/hn4JkBnsHEo eZMrWPlfPChVhdu3Ppkt39icG/gy9QtrY126k6qDXK9TeM3yp7IxZweUR0NfwT0v3Gl09yhdSvv tjebQLYNG5puei0Ok/uCtAUhVXGGNTvshb22jejW3jZosiolGlUgQqGVMqmyn1elZcAZlNMiCh8 yBqE+tGSEKEg7q+DyshxEKFc6ZQfFNNy48ZgsSLMWHy9BwpWvZJrfdkZdZ1q88H8Y4FXgtJs1nm lVDLIiBN6X5O13TcVBHleFNaNBvR5JcuwGOSQUJOnewXha7HzXKFtsDtZ7TM9EkAUzyluFLpCLN 4NR43r6Y1Yhte3PBrM8FLAkLmXlHe+diFs6FeUrDoZQepPslY3lXn11HdtTx9yuqcJccUWUQyOF TDnmJvLnMD6cHrQWbYrq+939KfQPTzuDguI28JDLsemhp+qyi9o8AzjRI4ZzipwKe4Je1ppiSoo S1QHgq++Och6RPSLGPvJ0fdHc72x0pgWk4NOQj5/iH9rzNmZ4CIKY/Hg3A8gGd4jv8zaP9a7Q38 w1tP7Yh47+6UnDRuJhoZaSpA55p7Kxueu/Diq0hbOeGOMG1+gtHj7OwNO2FR9Hau8GO7qfDnZdV cKQklExlQIQeRG0=
X-TMASE-SNAP-Result: 1.821001.0001-0-1-22:0,33:0,34:0-0
X-TMASE-INERTIA: 0-0;;;;
X-TMASE-XGENCLOUD: 267f7337-e313-43c4-af72-e90671bdfc03-0-0-200-0
Content-Transfer-Encoding: quoted-printable
Archived-At: <https://mailarchive.ietf.org/arch/msg/auth48archive/f3coenNOSF7DJWGv34ha6sefTRk>
Subject: Re: [auth48] AUTH48: RFC-to-be 9464 <draft-ietf-ipsecme-add-ike-14> for your review
X-BeenThere: auth48archive@rfc-editor.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: "Archiving AUTH48 exchanges between the RFC Production Center, the authors, and other related parties" <auth48archive.rfc-editor.org>
List-Unsubscribe: <https://mailman.rfc-editor.org/mailman/options/auth48archive>, <mailto:auth48archive-request@rfc-editor.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/auth48archive/>
List-Post: <mailto:auth48archive@rfc-editor.org>
List-Help: <mailto:auth48archive-request@rfc-editor.org?subject=help>
List-Subscribe: <https://mailman.rfc-editor.org/mailman/listinfo/auth48archive>, <mailto:auth48archive-request@rfc-editor.org?subject=subscribe>
X-List-Received-Date: Tue, 12 Sep 2023 08:53:36 -0000

Dear RFC Editor, 

Please see inline. 

I let my co-authors further comment as appropriate. 

Cheers,
Med

> -----Message d'origine-----
> De : rfc-editor@rfc-editor.org <rfc-editor@rfc-editor.org>
> Envoyé : samedi 9 septembre 2023 05:00
> À : BOUCADAIR Mohamed INNOV/NET <mohamed.boucadair@orange.com>;
> kondtir@gmail.com; dwing-ietf@fuggles.com; svan@elvis.ru
> Cc : rfc-editor@rfc-editor.org; ipsecme-ads@ietf.org; ipsecme-
> chairs@ietf.org; kivinen@iki.fi; rdd@cert.org; auth48archive@rfc-
> editor.org
> Objet : Re: AUTH48: RFC-to-be 9464 <draft-ietf-ipsecme-add-ike-14>
> for your review
> 
> Authors,
> 
> While reviewing this document during AUTH48, please resolve (as
> necessary) the following questions, which are also in the XML
> file.
> 
> 1) <!-- [rfced] Section 2:  We had trouble following this
> paragraph; "but could be located outside of it" followed by "the
> latter option becomes plausible" is a bit confusing.  If the
> suggested text doesn't adequately clarify things, would you like
> to provide alternative text that does?
> 
> Original:
>  For many years, typical designs have often considered that the
> DNS  resolver was usually located inside the protected domain, but
> could  be located outside of it.  With encrypted DNS, the latter
> option  becomes plausible.  Note that existing VPN client
> implementations  might not expect that the discovered DNS resolver
> IP addresses to be  outside of the covered IP address ranges of
> the VPN tunnel.
> 
> Suggested:
>  For many years, typical designs have often assumed that the DNS
> resolver was usually located inside the protected domain, but they
> don't consider implementations where the DNS resolver could be
> located outside of it.  With encrypted DNS, managing the latter
> scenario becomes plausible.  Note that existing VPN client
> implementations might not expect the discovered DNS resolver IP
> addresses to be outside of the covered IP address ranges of the
> VPN  tunnel. -->
> 

[Med] OK with "s/managing/implementing" or "s/managing/deploying".

> 
> 2) <!-- [rfced] Section 3.1:  Please clarify the meaning of "to
> configure ... to an initiator".
> 
> Original:
>  The ENCDNS_IP* IKEv2 Configuration Payload Attribute Types,
>  ENCDNS_IP4 and ENCDNS_IP6, are used to configure encrypted DNS
> resolvers to an initiator. -->
> 

[Med] What about?

NEW:
   The ENCDNS_IP* IKEv2 Configuration Payload Attribute Types,
   ENCDNS_IP4 and ENCDNS_IP6, are used to configure an initiator
   with encrypted DNS resolvers.

> 
> 3) <!-- [rfced] Please review each artwork element.  Should any of
> them be tagged as sourcecode?  If the current list of preferred
> values for "type"
> (https://eur03.safelinks.protection.outlook.com/?url=https%3A%2F%2
> Fwww.rfc-editor.org%2Fmaterials%2Fsourcecode-
> types.txt&data=05%7C01%7Cmohamed.boucadair%40orange.com%7Cb2a1f0de
> e85244493d1908dbb0e0e24c%7C90c7a20af34b40bfbc48b9253b6f5d20%7C0%7C
> 0%7C638298252306689579%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDA
> iLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sd
> ata=owrKC%2BaVwCKIaYUrlgQ%2FjOWPPgMyIDNDCh9P6A3ynOI%3D&reserved=0)
> does not contain an applicable type, please let us know.  Also, it
> is acceptable to leave the "type" attribute not set. -->
> 

[Med] We can leave this not set.

> 
> 4) <!-- [rfced] Figure 1:  We corrected the field-name mismatch
> per
> "IP Address(es) (variable) - Includes one or more IP addresses" as
> listed in the descriptions below.  Please let us know any
> objections.
> 
> Original:
>  ~                         IP Addresses                          ~
> 
> Currently:
>  ~                        IP Address(es)                         ~
> -->
> 

[Med] OK.

> 
> 5) <!-- [rfced] Section 3.1:  The use of "attribute" versus
> "attributes"
> was confusing here.  We updated the figure title and the next
> sentence as follows.  If this is incorrect, please provide a clear
> figure title and following text.
> 
> Original:
>                       Figure 1: Attributes Format
> 
>  The description of the fields of the attribute shown in Figure 1
> is
>  as follows:
> 
> Currently:
>      Figure 1: Format of ENCDNS_IP4 and ENCDNS_IP6 Attribute Types
> 
>  The descriptions of the fields shown in Figure 1 are as follows:
> -->

[Med] I suggest to update as follows: 

NEW:
      Figure 1: Format of ENCDNS_IP4 and ENCDNS_IP6 Configuration Attributes

> 
> 
> 6) <!-- [rfced] Sections 3.1 and 3.2:  Should these three
> instances of
> "Configuration Attribute Type" be "Configuration Payload Attribute
> Type"?

[Med] We can maintain the original text as that is aligned with the usage in https://datatracker.ietf.org/doc/html/rfc7296#section-3.15.1.

> 
> Original:
>  *  Attribute Type (15 bits) - Identifier for Configuration
> Attribute
>     Type.  This is set to TBA1 for ENCDNS_IP4 or TBA2 for
> ENCDNS_IP6,
>     as registered in Section 8.
> ...
>  *  Attribute Type (15 bits) - Identifier for Configuration
> Attribute
>     Type; is set to TBA3 value listed in Section 8.
> ...
>  *  Attribute Type (15 bits) - Identifier for Configuration
> Attribute
>     Type; is set to TBA3 value listed in Section 8. -->
> 
> 
> 7) <!-- [rfced] Section 3.1:  It looks odd to have 'Length of the
> ADN'
> but no quotes around Length of SvcParams.  May we update as
> suggested?
> 
> Original:
>  -  (4 + 'Length of the ADN' + N * 4 + Length of SvcParams) for
> ...
>  -  (4 + 'Length of the ADN' + N * 16 + Length of SvcParams) for
> 
> Suggested:
>  *  (4 + 'Length of the ADN' + N * 4 + 'Length of SvcParams') for
> ...
>  *  (4 + 'Length of the ADN' + N * 16 + 'Length of SvcParams') for
> -->
> 

[Med] The suggested text is OK.

> 
> 8) <!-- [rfced] Figure 2:  We found it confusing that the
> description
> for the "Certificate Digest" field only appears after Figure 4.
> Will readers readily find the field description, or should some
> clarifying text be added?
> 

[Med] I don't think a change is needed here.

> Original:
>  Some of the fields shown in Figure 2 can be omitted as further
>  detailed below.
> 
> Possibly:
>  Some of the fields shown in Figure 2 can be omitted, as further
>  detailed below.  Descriptions for the "Authentication Domain
> Name"
>  and "Certificate Digest" fields are provided below Figure 4. -->
> 
> 
> 9) <!-- [rfced] Section 4:  Per Section 6.2 of RFC 8310 ("Section
> 8
> discusses these mechanisms ..."), should "the mechanism" be "the
> mechanisms" here, or should one mechanism in particular from
> Section 8 of RFC 8310 be cited here?
> 

[Med] OK to update to "mechanisms".

> Original:
>  The DNS client establishes an encrypted DNS session (e.g., DoT,
> DoH,
>  DoQ) with the address(es) conveyed in ENCDNS_IP* and uses the
>  mechanism discussed in Section 8 of [RFC8310] to authenticate the
> DNS
>  resolver certificate using the authentication domain name
> conveyed in
>  ENCDNS_IP*. -->
> 
> 
> 10) <!-- [rfced] Section 4:  Please confirm that "PKIX-EE(1) with
> selector SPKI(1)" is correct.  We could only find "DANE-EE(3) and
> selector SPKI(1)" and "DANE-EE(3) with selector SPKI(1)" in RFC
> 7671.
> 

[Med] Yes, please see 5.3 of RFC7671.

> Original:
>  This approach is
>  similar to certificate usage PKIX-EE(1) with selector SPKI(1)
> defined
>  in [RFC7671] but without PKIX validation. -->
> 
> 
> 11) <!-- [rfced] Section 4:  The first sentence in the "Note:"
> paragraph
> did not parse.  We updated it as noted below.  Please let us know
> any objections.
> 
> Also, please review whether the "Note:" paragraph should be in the
> <aside> element.  It is defined as "a container for content that
> is
> semantically less important or tangential to the content that
> surrounds it"
> (https://eur03.safelinks.protection.outlook.com/?url=https%3A%2F%2
> Fauthors.ietf.org%2Fen%2Frfcxml-
> vocabulary%23aside&data=05%7C01%7Cmohamed.boucadair%40orange.com%7
> Cb2a1f0dee85244493d1908dbb0e0e24c%7C90c7a20af34b40bfbc48b9253b6f5d
> 20%7C0%7C0%7C638298252306689579%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC
> 4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C
> %7C%7C&sdata=I7PImckstjLTTo5K5l1VC8TFPxvqIThfb2C%2BxZ2gDTE%3D&rese
> rved=0).
> 

[Med] The use of <aside> element is not justified here. Please maintain the original format. 

> Original:
>  Note: [RFC8598] requires INTERNAL_IP6_DNS (or INTERNAL_IP4_DNS)
>  attribute to be mandatory present when INTERNAL_DNS_DOMAIN is
>  included.  This specification relaxes that constraint in the
>  presence of ENCDNS_IP* attributes.  That is, if ENCDNS_IP*
>  attributes are supplied, it is allowed for responders to include
>  INTERNAL_DNS_DOMAIN even in the absence of INTERNAL_IP6_DNS (or
>  INTERNAL_IP4_DNS) attributes.
> 
> Currently:
>  Note: [RFC8598] requires that the INTERNAL_IP6_DNS (or
>  INTERNAL_IP4_DNS) attribute be present when INTERNAL_DNS_DOMAIN
> is
>  included.  This specification relaxes that constraint in the
>  presence of ENCDNS_IP* attributes.  That is, if ENCDNS_IP*
>  attributes are supplied, responders are allowed to include
>  INTERNAL_DNS_DOMAIN even in the absence of INTERNAL_IP6_DNS (or
>  INTERNAL_IP4_DNS) attributes. -->
> 

[Med] The suggested text looks good to me. 

> 
> 12) <!-- [rfced] Section 5:  We do not see SHA2-256 mentioned in
> RFC 6234.  Will this citation be clear to readers?
> 
> Original:
>  Implementations MUST support SHA2-256 [RFC6234]. -->
> 

[Med] Yes. As we are relying on the IANA registry (https://www.iana.org/assignments/ikev2-parameters/ikev2-parameters.xhtml#hash-algorithms), we are using the label that used in that registry + authoritative spec with the hash algo. No change is needed here.  

> 
> 13) <!-- [rfced] Section 6:  Please clarify the meaning of "does
> not
> alter the trust on" in this sentence.  Are some words missing?
> 
> Original:
>  This document adheres to the security considerations defined in
>  [RFC7296].  In particular, this document does not alter the trust
> on
>  the DNS configuration provided by a responder. -->
> 

[Med] What about: 

NEW:
   In particular, this document does not alter the trust that the initiator
   have on the DNS configuration provided by a responder.

> 
> 14) <!-- [rfced] Section 6:  We had trouble parsing this sentence.
> Please clarify "returned ENCDNS_IP* resolvers configuration" and
> to what "it" refers (the responder or the initiator?).
> 

[Med] the initiator. 

> Original:
>  If the IKEv2 responder has used NULL Authentication method
> [RFC7619]
>  to authenticate itself, the initiator MUST NOT use returned
>  ENCDNS_IP* resolvers configuration unless it is pre-configured,
> e.g.,
>  in the operating system or the application. -->
> 
> 
> 15) <!-- [rfced] Regarding the references to IANA subregistries,
> we note
> that [IANA-IKE-HASH] is normative, whereas [IANA-IKE-CFG] is
> informative.
> Would you like these both to be one or the other?
> 

[Med] The current classification is correct. We had this comment during the publication process. IANA-IKE-HASH is normative as this is key for interoperability. 

> For background:
> "Normative references specify documents that must be read to
> understand
> or implement the technology in the new RFC, or whose technology
> must be
> present for the technology in the new RFC to work. An informative
> reference is not normative; rather, it only provides additional
> information."
> from
> https://eur03.safelinks.protection.outlook.com/?url=https%3A%2F%2F
> www.ietf.org%2Fabout%2Fgroups%2Fiesg%2Fstatements%2Fnormative-
> informative-
> references%2F&data=05%7C01%7Cmohamed.boucadair%40orange.com%7Cb2a1
> f0dee85244493d1908dbb0e0e24c%7C90c7a20af34b40bfbc48b9253b6f5d20%7C
> 0%7C0%7C638298252306689579%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjA
> wMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7
> C&sdata=ey5hl4Xv5MyTVuxIXlWrbMmiVEkAbgrhCZL5D9vH6ys%3D&reserved=0)
> 
>    [IANA-IKE-HASH]
>               IANA, "IKEv2 Hash Algorithms",
> 
> <https://eur03.safelinks.protection.outlook.com/?url=https%3A%2F%2
> Fwww.iana.org%2Fassignments%2Fikev2-
> parameters%2F&data=05%7C01%7Cmohamed.boucadair%40orange.com%7Cb2a1
> f0dee85244493d1908dbb0e0e24c%7C90c7a20af34b40bfbc48b9253b6f5d20%7C
> 0%7C0%7C638298252306689579%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjA
> wMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7
> C&sdata=ARTDuz1COFOC%2FBCc24fCN%2FXoihzfU0PBlxSKXdd6QiM%3D&reserve
> d=0>.
> 
>    [IANA-IKE-CFG]
>               IANA, "IKEv2 Configuration Payload Attribute Types",
> 
> <https://eur03.safelinks.protection.outlook.com/?url=https%3A%2F%2
> Fwww.iana.org%2Fassignments%2Fikev2-
> parameters%2F&data=05%7C01%7Cmohamed.boucadair%40orange.com%7Cb2a1
> f0dee85244493d1908dbb0e0e24c%7C90c7a20af34b40bfbc48b9253b6f5d20%7C
> 0%7C0%7C638298252306689579%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjA
> wMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7
> C&sdata=ARTDuz1COFOC%2FBCc24fCN%2FXoihzfU0PBlxSKXdd6QiM%3D&reserve
> d=0>.
> -->
> 
> 
> 16) <!-- [rfced] Appendix A.1:  Please clarify the meaning of
> "There is
> no ambiguity to" in this sentence.
> 
> Original:
>  There is no ambiguity to identify the
>  encrypted resolver associated with the supplied digest.
> 
> Possibly:
>  Identifying the encrypted resolver associated with the supplied
>  digest is therefore unambiguous. -->
> 

[Med] The proposed wording is better. Thanks.

> 
> 17) <!-- [rfced] Please review the "Inclusive Language" portion of
> the
> online Style Guide at
> <https://eur03.safelinks.protection.outlook.com/?url=https%3A%2F%2
> Fwww.rfc-
> editor.org%2Fstyleguide%2Fpart2%2F%23inclusive_language&data=05%7C
> 01%7Cmohamed.boucadair%40orange.com%7Cb2a1f0dee85244493d1908dbb0e0
> e24c%7C90c7a20af34b40bfbc48b9253b6f5d20%7C0%7C0%7C6382982523066895
> 79%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJ
> BTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=MzcH%2F6iSwrVdkU
> hLib6XWKcOo7aJn11FBbYieLo8oLg%3D&reserved=0>,
> and let us know if any changes are needed.
> 
> Note that our script did not flag any words in particular, but
> this
> should still be reviewed as a best practice. -->
> 

[Med] I don't have any comment here. 

> 
> 18) <!-- [rfced] Please let us know if any changes are needed for
> the
> following:
> 
> a) The following terms were used inconsistently in this document.
> We chose to use the latter forms.  Please let us know any
> objections.
> 
>  configuration payload attribute (in text; 1 instance) /
>    Configuration Payload Attribute (in text; 3 instances)
> 

[Med] We can use "Configuration Payload Attribute"

>  Num addresses / Num Addresses (field name)
> 

[Med] We can use "Num Addresses"

> b) The following terms/expressions appear to be used
> inconsistently in this document.  Please let us know which form is
> preferred.
> 
>  hash algorithm identifiers / 'Hash Algorithm Identifiers' /
>    Hash Algorithm Identifiers
>    For example:
>      included hash algorithm identifiers
>      included 'Hash Algorithm Identifiers'
>      the Hash Algorithm Identifier
>      the hash algorithm identifiers
> 

[Med] We can use 'Hash Algorithm Identifiers' only when referring to the field name and hash algorithm identifiers in the description text.

>  set to zero / set to 0 / set to '0'

[Med] Please note that both "set to zero" and "set to 0" are used in rfc7296. We can change "set to '0'" to "set to 0".

> 
>  the ENCDNS_IP* Configuration Payload Attribute /
>    the ENCDNS_IP* Configuration Payload Attribute(s) /
>    the ENCDNS_IP* Configuration Payload Attributes
> 

[Med] "ENCDNS_IP* Configuration Payload Attributes" is used to refer to both IPv4/IPv6 attributes. The singular form is better when describing the field. I suggest to make these changes in Section 3.1:

OLD: in the ENCDNS_IP* Configuration Payload Attribute(s).
NEW: in the ENCDNS_IP* Configuration Payload Attribute.

OLD: multiple ADNs are included in the ENCDNS_IP* Configuration Payload Attributes.
NEW: multiple ADNs are included in the ENCDNS_IP* Configuration Payload Attribute.

> c) Please note that, per elsewhere in this document and per the
> rest
> of this cluster of documents
> (https://eur03.safelinks.protection.outlook.com/?url=https%3A%2F%2
> Fwww.rfc-
> editor.org%2Fcluster_info.php%3Fcid%3DC461&data=05%7C01%7Cmohamed.
> boucadair%40orange.com%7Cb2a1f0dee85244493d1908dbb0e0e24c%7C90c7a2
> 0af34b40bfbc48b9253b6f5d20%7C0%7C0%7C638298252306689579%7CUnknown%
> 7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwi
> LCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=kgB%2BVVVsL5u0%2F7ewYwO%2FHks
> JsKFXUGsczfCrlaNEyCk%3D&reserved=0), we changed
> the single-quoted field names to double-quoted.  Please let us
> know
> any concerns. -->
> 
> 
> Thank you.
> 
> RFC Editor/lb/ar
> 
> 
> On Sep 8, 2023, rfc-editor@rfc-editor.org wrote:
> 
> *****IMPORTANT*****
> 
> Updated 2023/09/08
> 
> RFC Author(s):
> --------------
> 
> Instructions for Completing AUTH48
> 
> Your document has now entered AUTH48.  Once it has been reviewed
> and
> approved by you and all coauthors, it will be published as an RFC.
> If an author is no longer available, there are several remedies
> available as listed in the FAQ
> (https://eur03.safelinks.protection.outlook.com/?url=https%3A%2F%2
> Fwww.rfc-
> editor.org%2Ffaq%2F&data=05%7C01%7Cmohamed.boucadair%40orange.com%
> 7Cb2a1f0dee85244493d1908dbb0e0e24c%7C90c7a20af34b40bfbc48b9253b6f5
> d20%7C0%7C0%7C638298252306689579%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiM
> C4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7
> C%7C%7C&sdata=AVmnlP7tXmIfvKcCbcKWP02MVqeSPbtjVM%2FX%2Ba5oJmE%3D&r
> eserved=0).
> 
> You and you coauthors are responsible for engaging other parties
> (e.g., Contributors or Working Group) as necessary before
> providing
> your approval.
> 
> Planning your review
> ---------------------
> 
> Please review the following aspects of your document:
> 
> *  RFC Editor questions
> 
>   Please review and resolve any questions raised by the RFC Editor
>   that have been included in the XML file as comments marked as
>   follows:
> 
>   <!-- [rfced] ... -->
> 
>   These questions will also be sent in a subsequent email.
> 
> *  Changes submitted by coauthors
> 
>   Please ensure that you review any changes submitted by your
>   coauthors.  We assume that if you do not speak up that you
>   agree to changes submitted by your coauthors.
> 
> *  Content
> 
>   Please review the full content of the document, as this cannot
>   change once the RFC is published.  Please pay particular
> attention to:
>   - IANA considerations updates (if applicable)
>   - contact information
>   - references
> 
> *  Copyright notices and legends
> 
>   Please review the copyright notice and legends as defined in
>   RFC 5378 and the Trust Legal Provisions
>   (TLP -
> https://eur03.safelinks.protection.outlook.com/?url=https%3A%2F%2F
> trustee.ietf.org%2Flicense-
> info%2F&data=05%7C01%7Cmohamed.boucadair%40orange.com%7Cb2a1f0dee8
> 5244493d1908dbb0e0e24c%7C90c7a20af34b40bfbc48b9253b6f5d20%7C0%7C0%
> 7C638298252306689579%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiL
> CJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdat
> a=CLVTn9%2FahmzPfRa7wbrqZX3hdy3XyTokVZR5mG5Y7m0%3D&reserved=0).
> 
> *  Semantic markup
> 
>   Please review the markup in the XML file to ensure that elements
> of
>   content are correctly tagged.  For example, ensure that
> <sourcecode>
>   and <artwork> are set correctly.  See details at
> 
> <https://eur03.safelinks.protection.outlook.com/?url=https%3A%2F%2
> Fauthors.ietf.org%2Frfcxml-
> vocabulary&data=05%7C01%7Cmohamed.boucadair%40orange.com%7Cb2a1f0d
> ee85244493d1908dbb0e0e24c%7C90c7a20af34b40bfbc48b9253b6f5d20%7C0%7
> C0%7C638298252306689579%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMD
> AiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&s
> data=z%2BMn8kpajc5kiHpa3ysWH7kTeAhugXRE2m616iMNdrY%3D&reserved=0>.
> 
> *  Formatted output
> 
>   Please review the PDF, HTML, and TXT files to ensure that the
>   formatted output, as generated from the markup in the XML file,
> is
>   reasonable.  Please note that the TXT will have formatting
>   limitations compared to the PDF and HTML.
> 
> 
> Submitting changes
> ------------------
> 
> To submit changes, please reply to this email using 'REPLY ALL' as
> all
> the parties CCed on this message need to see your changes. The
> parties
> include:
> 
>   *  your coauthors
> 
>   *  rfc-editor@rfc-editor.org (the RPC team)
> 
>   *  other document participants, depending on the stream (e.g.,
>      IETF Stream participants are your working group chairs, the
>      responsible ADs, and the document shepherd).
> 
>   *  auth48archive@rfc-editor.org, which is a new archival mailing
> list
>      to preserve AUTH48 conversations; it is not an active
> discussion
>      list:
> 
>     *  More info:
> 
> https://eur03.safelinks.protection.outlook.com/?url=https%3A%2F%2F
> mailarchive.ietf.org%2Farch%2Fmsg%2Fietf-announce%2Fyb6lpIGh-
> 4Q9l2USxIAe6P8O4Zc&data=05%7C01%7Cmohamed.boucadair%40orange.com%7
> Cb2a1f0dee85244493d1908dbb0e0e24c%7C90c7a20af34b40bfbc48b9253b6f5d
> 20%7C0%7C0%7C638298252306689579%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC
> 4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C
> %7C%7C&sdata=%2Fs6iQAXfBoXAipisgn1aB2Op8OzZo9Om3v18pCvMzRQ%3D&rese
> rved=0
> 
>     *  The archive itself:
> 
> https://eur03.safelinks.protection.outlook.com/?url=https%3A%2F%2F
> mailarchive.ietf.org%2Farch%2Fbrowse%2Fauth48archive%2F&data=05%7C
> 01%7Cmohamed.boucadair%40orange.com%7Cb2a1f0dee85244493d1908dbb0e0
> e24c%7C90c7a20af34b40bfbc48b9253b6f5d20%7C0%7C0%7C6382982523066895
> 79%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJ
> BTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=9N2d3iC33AbY5pVU
> %2FPJkD%2BFQDDBExuhHf9i1axXSM%2Bc%3D&reserved=0
> 
>     *  Note: If only absolutely necessary, you may temporarily opt
> out
>        of the archiving of messages (e.g., to discuss a sensitive
> matter).
>        If needed, please add a note at the top of the message that
> you
>        have dropped the address. When the discussion is concluded,
>        auth48archive@rfc-editor.org will be re-added to the CC
> list and
>        its addition will be noted at the top of the message.
> 
> You may submit your changes in one of two ways:
> 
> An update to the provided XML file
> - OR -
> An explicit list of changes in this format
> 
> Section # (or indicate Global)
> 
> OLD:
> old text
> 
> NEW:
> new text
> 
> You do not need to reply with both an updated XML file and an
> explicit
> list of changes, as either form is sufficient.
> 
> We will ask a stream manager to review and approve any changes
> that seem
> beyond editorial in nature, e.g., addition of new text, deletion
> of text,
> and technical changes.  Information about stream managers can be
> found in
> the FAQ.  Editorial changes do not require approval from a stream
> manager.
> 
> 
> Approving for publication
> --------------------------
> 
> To approve your RFC for publication, please reply to this email
> stating
> that you approve this RFC for publication.  Please use 'REPLY
> ALL',
> as all the parties CCed on this message need to see your approval.
> 
> 
> Files
> -----
> 
> The files are available here:
> 
> https://eur03.safelinks.protection.outlook.com/?url=https%3A%2F%2F
> www.rfc-
> editor.org%2Fauthors%2Frfc9464.xml&data=05%7C01%7Cmohamed.boucadai
> r%40orange.com%7Cb2a1f0dee85244493d1908dbb0e0e24c%7C90c7a20af34b40
> bfbc48b9253b6f5d20%7C0%7C0%7C638298252306689579%7CUnknown%7CTWFpbG
> Zsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6
> Mn0%3D%7C3000%7C%7C%7C&sdata=JGFmMJGNpWQgBX73UkQlpkX3iZM80t0z2EOvv
> Szk6xc%3D&reserved=0
> 
> https://eur03.safelinks.protection.outlook.com/?url=https%3A%2F%2F
> www.rfc-
> editor.org%2Fauthors%2Frfc9464.html&data=05%7C01%7Cmohamed.boucada
> ir%40orange.com%7Cb2a1f0dee85244493d1908dbb0e0e24c%7C90c7a20af34b4
> 0bfbc48b9253b6f5d20%7C0%7C0%7C638298252306846778%7CUnknown%7CTWFpb
> GZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI
> 6Mn0%3D%7C3000%7C%7C%7C&sdata=JyumPy2ZshtNSIunfh19bKsl9t29rMU%2BrI
> VR30mTfWE%3D&reserved=0
> 
> https://eur03.safelinks.protection.outlook.com/?url=https%3A%2F%2F
> www.rfc-
> editor.org%2Fauthors%2Frfc9464.pdf&data=05%7C01%7Cmohamed.boucadai
> r%40orange.com%7Cb2a1f0dee85244493d1908dbb0e0e24c%7C90c7a20af34b40
> bfbc48b9253b6f5d20%7C0%7C0%7C638298252306846778%7CUnknown%7CTWFpbG
> Zsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6
> Mn0%3D%7C3000%7C%7C%7C&sdata=l1ehzpcaHu4X96xfBRIDWFyYKjXE7NCBwPsEk
> zdZ8C0%3D&reserved=0
> 
> https://eur03.safelinks.protection.outlook.com/?url=https%3A%2F%2F
> www.rfc-
> editor.org%2Fauthors%2Frfc9464.txt&data=05%7C01%7Cmohamed.boucadai
> r%40orange.com%7Cb2a1f0dee85244493d1908dbb0e0e24c%7C90c7a20af34b40
> bfbc48b9253b6f5d20%7C0%7C0%7C638298252306846778%7CUnknown%7CTWFpbG
> Zsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6
> Mn0%3D%7C3000%7C%7C%7C&sdata=a8%2F3eUZlwam9Tif2qeGNgp2aZWRl8l6026u
> J5ID0cyg%3D&reserved=0
> 
> Diff file of the text:
> 
> https://eur03.safelinks.protection.outlook.com/?url=https%3A%2F%2F
> www.rfc-editor.org%2Fauthors%2Frfc9464-
> diff.html&data=05%7C01%7Cmohamed.boucadair%40orange.com%7Cb2a1f0de
> e85244493d1908dbb0e0e24c%7C90c7a20af34b40bfbc48b9253b6f5d20%7C0%7C
> 0%7C638298252306846778%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDA
> iLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sd
> ata=MiclK0p0x%2FwWwjK6hdOs5aRRBV6AfmvzSH1hZA1pxO0%3D&reserved=0
> 
> https://eur03.safelinks.protection.outlook.com/?url=https%3A%2F%2F
> www.rfc-editor.org%2Fauthors%2Frfc9464-
> rfcdiff.html&data=05%7C01%7Cmohamed.boucadair%40orange.com%7Cb2a1f
> 0dee85244493d1908dbb0e0e24c%7C90c7a20af34b40bfbc48b9253b6f5d20%7C0
> %7C0%7C638298252306846778%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAw
> MDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C
> &sdata=U6xedH0t5w2ciI7Uc2Jg3jYw0C%2BCKXIJwS%2Fy8mGqCG0%3D&reserved
> =0 (side by side)
> 
> Diff of the XML:
> 
> https://eur03.safelinks.protection.outlook.com/?url=https%3A%2F%2F
> www.rfc-editor.org%2Fauthors%2Frfc9464-
> xmldiff1.html&data=05%7C01%7Cmohamed.boucadair%40orange.com%7Cb2a1
> f0dee85244493d1908dbb0e0e24c%7C90c7a20af34b40bfbc48b9253b6f5d20%7C
> 0%7C0%7C638298252306846778%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjA
> wMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7
> C&sdata=BMT9%2BLuSD5RDu9QFtfvDmaiKeQt7DG7QUBJJhH1SjGE%3D&reserved=
> 0
> 
> This diff file compares an altered original and the RFC
> (in order to make the changes in moved text viewable):
> 
> https://eur03.safelinks.protection.outlook.com/?url=https%3A%2F%2F
> www.rfc-editor.org%2Fauthors%2Frfc9464-alt-
> diff.html&data=05%7C01%7Cmohamed.boucadair%40orange.com%7Cb2a1f0de
> e85244493d1908dbb0e0e24c%7C90c7a20af34b40bfbc48b9253b6f5d20%7C0%7C
> 0%7C638298252306846778%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDA
> iLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sd
> ata=jFixXSJXkUar7rD9uvhkGXCcdPOLLWIztsXE3slNgmE%3D&reserved=0
> 
> Tracking progress
> -----------------
> 
> The details of the AUTH48 status of your document are here:
> 
> https://eur03.safelinks.protection.outlook.com/?url=https%3A%2F%2F
> www.rfc-
> editor.org%2Fauth48%2Frfc9464&data=05%7C01%7Cmohamed.boucadair%40o
> range.com%7Cb2a1f0dee85244493d1908dbb0e0e24c%7C90c7a20af34b40bfbc4
> 8b9253b6f5d20%7C0%7C0%7C638298252306846778%7CUnknown%7CTWFpbGZsb3d
> 8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3
> D%7C3000%7C%7C%7C&sdata=9pKsy6EOrWJesRXiI%2F2%2BjSeLkQBPV18FvKScRJ
> 97Oag%3D&reserved=0
> 
> Please let us know if you have any questions.
> 
> Thank you for your cooperation,
> 
> RFC Editor
> 
> --------------------------------------
> RFC9464 (draft-ietf-ipsecme-add-ike-14)
> 
> Title            : Internet Key Exchange Protocol Version 2
> (IKEv2) Configuration for Encrypted DNS
> Author(s)        : M. Boucadair, T. Reddy.K, D. Wing, V. Smyslov
> WG Chair(s)      : Yoav Nir, Tero Kivinen
> Area Director(s) : Roman Danyliw, Paul Wouters
____________________________________________________________________________________________________________
Ce message et ses pieces jointes peuvent contenir des informations confidentielles ou privilegiees et ne doivent donc
pas etre diffuses, exploites ou copies sans autorisation. Si vous avez recu ce message par erreur, veuillez le signaler
a l'expediteur et le detruire ainsi que les pieces jointes. Les messages electroniques etant susceptibles d'alteration,
Orange decline toute responsabilite si ce message a ete altere, deforme ou falsifie. Merci.

This message and its attachments may contain confidential or privileged information that may be protected by law;
they should not be distributed, used or copied without authorisation.
If you have received this email in error, please notify the sender and delete this message and its attachments.
As emails may be altered, Orange is not liable for messages that have been modified, changed or falsified.
Thank you.

[auth48] AUTH48: RFC-to-be 9464 <draft-ietf-ipsec… rfc-editor
Re: [auth48] AUTH48: RFC-to-be 9464 <draft-ietf-i… rfc-editor
Re: [auth48] AUTH48: RFC-to-be 9464 <draft-ietf-i… mohamed.boucadair
Re: [auth48] AUTH48: RFC-to-be 9464 <draft-ietf-i… Lynne Bartholomew
Re: [auth48] AUTH48: RFC-to-be 9464 <draft-ietf-i… mohamed.boucadair
Re: [auth48] AUTH48: RFC-to-be 9464 <draft-ietf-i… Valery Smyslov
Re: [auth48] AUTH48: RFC-to-be 9464 <draft-ietf-i… mohamed.boucadair
Re: [auth48] AUTH48: RFC-to-be 9464 <draft-ietf-i… Lynne Bartholomew
Re: [auth48] AUTH48: RFC-to-be 9464 <draft-ietf-i… mohamed.boucadair
Re: [auth48] AUTH48: RFC-to-be 9464 <draft-ietf-i… Lynne Bartholomew
Re: [auth48] AUTH48: RFC-to-be 9464 <draft-ietf-i… mohamed.boucadair
Re: [auth48] AUTH48: RFC-to-be 9464 <draft-ietf-i… tirumal reddy
Re: [auth48] AUTH48: RFC-to-be 9464 <draft-ietf-i… Valery Smyslov
Re: [auth48] AUTH48: RFC-to-be 9464 <draft-ietf-i… Lynne Bartholomew
Re: [auth48] AUTH48: RFC-to-be 9464 <draft-ietf-i… Lynne Bartholomew
Re: [auth48] AUTH48: RFC-to-be 9464 <draft-ietf-i… Dan Wing
Re: [auth48] AUTH48: RFC-to-be 9464 <draft-ietf-i… Lynne Bartholomew
Re: [auth48] AUTH48: RFC-to-be 9464 <draft-ietf-i… mohamed.boucadair
Re: [auth48] AUTH48: RFC-to-be 9464 <draft-ietf-i… Roman Danyliw
Re: [auth48] AUTH48: RFC-to-be 9464 <draft-ietf-i… mohamed.boucadair
Re: [auth48] AUTH48: RFC-to-be 9464 <draft-ietf-i… Lynne Bartholomew
Re: [auth48] AUTH48: RFC-to-be 9464 <draft-ietf-i… mohamed.boucadair
Re: [auth48] AUTH48: RFC-to-be 9464 <draft-ietf-i… Lynne Bartholomew
Re: [auth48] AUTH48: RFC-to-be 9464 <draft-ietf-i… mohamed.boucadair
Re: [auth48] AUTH48: RFC-to-be 9464 <draft-ietf-i… Lynne Bartholomew
Re: [auth48] AUTH48: RFC-to-be 9464 <draft-ietf-i… Lynne Bartholomew