[IPsec] Barry Leiba's Discuss on draft-ietf-ipsecme-ikev2-null-auth-06: (with DISCUSS and COMMENT)
"Barry Leiba" <barryleiba@computer.org> Thu, 21 May 2015 18:35 UTC
Return-Path: <barryleiba@computer.org>
X-Original-To: ipsec@ietfa.amsl.com
Delivered-To: ipsec@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 0F65B1A1EF5; Thu, 21 May 2015 11:35:29 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.9
X-Spam-Level:
X-Spam-Status: No, score=-1.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id yKYkmkZ_gAVq; Thu, 21 May 2015 11:35:27 -0700 (PDT)
Received: from ietfa.amsl.com (localhost [IPv6:::1]) by ietfa.amsl.com (Postfix) with ESMTP id DD47B1A1BFE; Thu, 21 May 2015 11:35:27 -0700 (PDT)
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
From: Barry Leiba <barryleiba@computer.org>
To: The IESG <iesg@ietf.org>
X-Test-IDTracker: no
X-IETF-IDTracker: 6.0.3
Auto-Submitted: auto-generated
Precedence: bulk
Message-ID: <20150521183527.2369.7540.idtracker@ietfa.amsl.com>
Date: Thu, 21 May 2015 11:35:27 -0700
Archived-At: <http://mailarchive.ietf.org/arch/msg/ipsec/67x6YcXaZL4Pj1zTdssU69hV87w>
Cc: ipsecme-chairs@ietf.org, paul.hoffman@vpnc.org, ipsec@ietf.org, draft-ietf-ipsecme-ikev2-null-auth.ad@ietf.org, draft-ietf-ipsecme-ikev2-null-auth.shepherd@ietf.org, draft-ietf-ipsecme-ikev2-null-auth@ietf.org
Subject: [IPsec] Barry Leiba's Discuss on draft-ietf-ipsecme-ikev2-null-auth-06: (with DISCUSS and COMMENT)
X-BeenThere: ipsec@ietf.org
X-Mailman-Version: 2.1.15
List-Id: Discussion of IPsec protocols <ipsec.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ipsec>, <mailto:ipsec-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/ipsec/>
List-Post: <mailto:ipsec@ietf.org>
List-Help: <mailto:ipsec-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipsec>, <mailto:ipsec-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 21 May 2015 18:35:29 -0000
Barry Leiba has entered the following ballot position for draft-ietf-ipsecme-ikev2-null-auth-06: Discuss When responding, please keep the subject line intact and reply to all email addresses included in the To and CC lines. (Feel free to cut this introductory paragraph, however.) Please refer to https://www.ietf.org/iesg/statement/discuss-criteria.html for more information about IESG DISCUSS and COMMENT positions. The document, along with other ballot positions, can be found here: https://datatracker.ietf.org/doc/draft-ietf-ipsecme-ikev2-null-auth/ ---------------------------------------------------------------------- DISCUSS: ---------------------------------------------------------------------- First: Thanks, Paul, for a very informative and useful shepherd writeup. I have no problem with the reference to Experimental RFC 5739, but I do have a problem with the downref not having been noted in the last call announcement, as required by RFC 3967 (BCP 97). And I think the MUST in the last paragraph of Section 2.5 requires 5739 to be normative. I hate to say this, but I think this requires a second last call on this document, which will really serve no one. We really do need to do an update to BCP 97 to fix this, because it comes up all the time. ---------------------------------------------------------------------- COMMENT: ---------------------------------------------------------------------- Editorial comment in Section 2: If a peer that requires authentication receives an AUTH payload containing the NULL Authentication method type, it MUST return an AUTHENTICATION_FAILED notification. We're referring to NULL authentication as "authentication", so maybe this should say something like "If a peer that requires positive identification receives [...]", or "If a peer that requires authenticated identity receives [...]" ?
- [IPsec] Barry Leiba's Discuss on draft-ietf-ipsec… Barry Leiba
- Re: [IPsec] Barry Leiba's Discuss on draft-ietf-i… Paul Hoffman
- Re: [IPsec] Barry Leiba's Discuss on draft-ietf-i… Barry Leiba
- Re: [IPsec] Barry Leiba's Discuss on draft-ietf-i… Kathleen Moriarty