Re: [Gen-art] Genart last call review of draft-ietf-ipsecme-rfc8229bis-06
Valery Smyslov <svan@elvis.ru> Wed, 01 June 2022 08:33 UTC
Return-Path: <svan@elvis.ru>
X-Original-To: gen-art@ietfa.amsl.com
Delivered-To: gen-art@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 092C1C13CDE6; Wed, 1 Jun 2022 01:33:33 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.108
X-Spam-Level:
X-Spam-Status: No, score=-2.108 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_BLOCKED=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=elvis.ru
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id w7CDbTHOeJF4; Wed, 1 Jun 2022 01:33:28 -0700 (PDT)
Received: from akmail.elvis.ru (akmail.elvis.ru [82.138.51.97]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange ECDHE (P-256) server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 91F7EC15AAE4; Wed, 1 Jun 2022 01:33:25 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=elvis.ru; s=mail; h=Content-Transfer-Encoding:Content-Type:MIME-Version:Message-ID: Date:Subject:In-Reply-To:References:CC:To:From:Sender:Reply-To:Content-ID: Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc :Resent-Message-ID:List-Id:List-Help:List-Unsubscribe:List-Subscribe: List-Post:List-Owner:List-Archive; bh=LpQf6Dx5pTkq2WXwmIOjTULtr5XoEEjH7RUueHg4GM4=; b=gjtQu5zpqFW/VtQMUhK+u9jmK/ lIwfbjd4L+Ox25WAYAZg6Qcaz+p32JlJzlCusC0UtqdtnrbF/9u2Ie5ms8TflX46518Pdixig4Utf nuPbglIkIa8dV7NDWT5lV3UpkuqPKMSXI3umTZ3BcqjxKrMUKmEr/vJNNcEX4IStAHik=;
Received: from kmail.elvis.ru ([93.188.44.208]) by akmail.elvis.ru with esmtp (Exim 4.92) (envelope-from <svan@elvis.ru>) id 1nwJn8-0007YB-Il; Wed, 01 Jun 2022 11:33:22 +0300
Received: from mail16.office.elvis.ru ([10.111.1.29] helo=mail.office.elvis.ru) by kmail.elvis.ru with esmtp (Exim 4.92) (envelope-from <svan@elvis.ru>) id 1nwJn8-0003oh-Bh; Wed, 01 Jun 2022 11:33:22 +0300
Received: from MAIL16.office.elvis.ru (10.111.1.29) by MAIL16.office.elvis.ru (10.111.1.29) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.1779.2; Wed, 1 Jun 2022 11:33:22 +0300
Received: from buildpc (10.111.10.33) by MAIL16.office.elvis.ru (10.111.1.29) with Microsoft SMTP Server id 15.1.1779.2 via Frontend Transport; Wed, 1 Jun 2022 11:33:22 +0300
From: Valery Smyslov <svan@elvis.ru>
To: 'Reese Enghardt' <ietf@tenghardt.net>, gen-art@ietf.org
CC: draft-ietf-ipsecme-rfc8229bis.all@ietf.org, ipsec@ietf.org, last-call@ietf.org
References: <165402123047.5824.8550810378286288506@ietfa.amsl.com>
In-Reply-To: <165402123047.5824.8550810378286288506@ietfa.amsl.com>
Date: Wed, 01 Jun 2022 11:33:24 +0300
Message-ID: <0aea01d87592$420860f0$c61922d0$@elvis.ru>
MIME-Version: 1.0
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: 7bit
X-Mailer: Microsoft Outlook 14.0
Content-Language: ru
Thread-Index: AQJsms8IcIzfv/uCTf0psebJnkIp5KwR4r3Q
X-CrossPremisesHeadersFilteredBySendConnector: MAIL16.office.elvis.ru
X-OrganizationHeadersPreserved: MAIL16.office.elvis.ru
X-KLMS-AntiSpam-Interceptor-Info: not scanned
X-KLMS-Rule-ID: 1
X-KLMS-Message-Action: clean
X-KLMS-AntiSpam-Status: not scanned, disabled by settings
X-KLMS-AntiPhishing: Clean, bases: 2022/06/01 07:58:00
X-KLMS-AntiVirus: Kaspersky Security for Linux Mail Server, version 8.0.3.30, bases: 2022/06/01 01:56:00 #19634024
X-KLMS-AntiVirus-Status: Clean, skipped
Archived-At: <https://mailarchive.ietf.org/arch/msg/gen-art/OwRgWNiZu6XRqEuOCUds8Wg_G7E>
Subject: Re: [Gen-art] Genart last call review of draft-ietf-ipsecme-rfc8229bis-06
X-BeenThere: gen-art@ietf.org
X-Mailman-Version: 2.1.34
Precedence: list
List-Id: "GEN-ART: General Area Review Team" <gen-art.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/gen-art>, <mailto:gen-art-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/gen-art/>
List-Post: <mailto:gen-art@ietf.org>
List-Help: <mailto:gen-art-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/gen-art>, <mailto:gen-art-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 01 Jun 2022 08:33:33 -0000
Hi Reese, thank you for your review! Please find my comments below. > -----Original Message----- > From: Reese Enghardt via Datatracker [mailto:noreply@ietf.org] > Sent: Tuesday, May 31, 2022 9:21 PM > To: gen-art@ietf.org > Cc: draft-ietf-ipsecme-rfc8229bis.all@ietf.org; ipsec@ietf.org; last-call@ietf.org > Subject: Genart last call review of draft-ietf-ipsecme-rfc8229bis-06 > > Reviewer: Reese Enghardt > Review result: Ready with Nits > > I am the assigned Gen-ART reviewer for this draft. The General Area > Review Team (Gen-ART) reviews all IETF documents being processed > by the IESG for the IETF Chair. Please treat these comments just > like any other last call comments. > > For more information, please see the FAQ at > > <https://trac.ietf.org/trac/gen/wiki/GenArtfaq>. > > Document: draft-ietf-ipsecme-rfc8229bis-06 > Reviewer: Reese Enghardt > Review Date: 2022-05-31 > IETF LC End Date: 2022-05-31 > IESG Telechat date: Not scheduled for a telechat > > Summary: This document is well-written, clear, and concise. It is basically > ready for publication, though I found a few nits, which could be fixed to make > it even easier to read. > > Major issues: None. > > Minor issues: > > Section 4: > > "The maximum message length is used as the effective MTU for connections that > are being encrypted using ESP, so the maximum message length will influence > characteristics of inner connections, such as the TCP Maximum Segment Size > (MSS)." > > Here, it may be worth defining "inner connection" to make this paragraph easier > to understand - the "inner connection" is currently explained only later in > Section 10.1. How about: The maximum message length is used as the effective MTU for connections that are being encrypted using ESP, so the maximum message length will influence characteristics of these connections, such as the TCP Maximum Segment Size (MSS). > Section 9: > > "TCP encapsulation of IKE should therefore use standard TCP behaviors to avoid > being dropped by middleboxes." I understand the use of "standard TCP" in a > colloquial sense, e.g., not using any TCP extensions which might be blocked by > middleboxes, even if the extensions are standardized in an RFC. Still, I wonder > if a different phrasing here would be clearer. Definitely, the "standard TCP behaviors" here does not mean that TCP extensions should not be used. How about the following text: TCP encapsulation of IKE should therefore use common TCP behaviors to avoid being dropped by middleboxes. > Nits/editorial comments: > > "There is a trade-off in choosing the period of time after which TCP connection > is closed" -> "the TCP connection is closed" Fixed. > "With TCP encapsulation this is generally not possible, because TCP/IP stack > manages DF bit in the outer IP header" -> "the TCP/IP stack" Fixed. > "The frequency of sending such messages should be high enough to allow quick > detection and restoring of broken TCP connection." -> "connections" Fixed. Thank you! Regards, Valery.
- [Gen-art] Genart last call review of draft-ietf-i… Reese Enghardt via Datatracker
- Re: [Gen-art] Genart last call review of draft-ie… Valery Smyslov