[tcpinc] [OPS-DIR] Opsdir last call review of draft-ietf-tcpinc-tcpcrypt-07

wangzitao <wangzitao@huawei.com> Tue, 17 October 2017 02:09 UTC

From: wangzitao <wangzitao@huawei.com>
To: "draft-ietf-tcpinc-tcpeno.all@ietf.org" <draft-ietf-tcpinc-tcpeno.all@ietf.org>, "ops-dir@ietf.org" <ops-dir@ietf.org>, "tcpinc@ietf.org" <tcpinc@ietf.org>
Date: Tue, 17 Oct 2017 02:09:17 +0000
Archived-At: <https://mailarchive.ietf.org/arch/msg/tcpinc/cl-7cYQ5VqrdyfayIymyXcr8bVk>

Reviewer: Zitao Wang

Review result: Ready with Nits

I have reviewed this document as part of the Operational directorate's ongoing effort to review all IETF documents being processed by the IESG.  These comments were written with the intent of improving the operational aspects of the IETF drafts. Comments that are not addressed in last call may be included in AD reviews during the IESG review.  Document editors and WG chairs should treat these comments just like any other last call comments.

Document reviewed:  draft-ietf-tcpinc-tcpcrypt-07

This document specifies tcpcrypt, a TCP encryption protocol designed for use in conjunction with the TCP Encryption Negotiation Option (TCP-ENO).  Tcpcrypt coexists with middleboxes by tolerating resegmentation, NATs, and other manipulations of the TCP header.  The protocol is self-contained and specifically tailored to TCP implementations, which often reside in kernels or other environments in which large external software dependencies can be undesirable. Because the size of TCP options is limited, the protocol requires one additional one-way message latency to perform key exchange before application data may be transmitted.  However, this cost can be avoided between two hosts that have recently established a previous tcpcrypt connection.

My overall view of the document is 'Ready' for publication.

One small comment is that there are some id-nits; please fix them in the next version:

  -- Looks like a reference, but probably isn't: '0' on line 323

  == Missing Reference: 'RFC-TBD' is mentioned on line 932, but not defined

     Summary: 0 errors (**), 0 flaws (~~), 1 warning (==), 3 comments (--).
