[IPsec] AD review of draft-ietf-ipsecme-dh-checks
Sean Turner <turners@ieca.com> Tue, 30 April 2013 13:39 UTC
Nicely written that makes it so much easier to review. Thanks. My comments in no particular order:

1. This document updates RFC 5996. I know one of my fellow ADs will ask why this is an updates before they get to s2. Can we add something to the introduction that says "This document updates RFC 5996 by providing new requirements for all IKEv2 implementations" or something like that.

2. s1/s3 indicates parts are taken from RFC 2412. Did you ask Hilarie if she was willing to grant you rights to publish under the current IETF's TLP in order to avoid including the pre-5378 boilerplate? In a nutshell, if you copy text from an RFC before RFC 5378 you gotta ask. If you don't get an answer you need to include some additional boilerplate that says the draft includes pre-5378 text. All you need do is send her a message (I'd try ho@alum.mit.edu) explaining the situation and asking if she'd be willing to grant rights under the TLP (http://trustee.ietf.org/license-info/). Just forward the response to me so I know it was done. If you'd rather not bother that's okay, but then you need to add the following to the end of the copyright notice section:

    This document may contain material from IETF Documents or IETF
    Contributions published or made publicly available before
    November 10, 2008. The person(s) controlling the copyright in
    some of this material may not have granted the IETF Trust the
    right to allow modifications of such material outside the IETF
    Standards Process. Without obtaining an adequate license from the
    person(s) controlling the copyright in such materials, this
    document may not be modified outside the IETF Standards Process,
    and derivative works of it may not be created outside the IETF
    Standards Process, except to format it for publication as an RFC
    or to translate it into languages other than English.

3. s2.3: RFC 5114 uses

    y^2 = x^3 + ax + b (mod p)

instead of

    y**2 = x**3 + ax + b mod p

Maybe best to stick with what's there or explain that it's different.

4. s1: r/elliptic curve groups/Elliptic Curve (EC) groups

The term gets used later so you might as well introduce it early on.

5. s3: r/ECC groups/EC groups

or change it in s1 to match this section.

5. s2.3/3: Seems like in s3 you added "*" to signify multiplication. Should you also do that in s2.3 to keep them consistent?

6. Please don't forget to incorporate Johannes' suggestion.

spt