[tcpm] Secdir last call review of draft-ietf-tcpm-ao-test-vectors-05

Christian Huitema via Datatracker <noreply@ietf.org> Mon, 24 January 2022 03:05 UTC

Return-Path: <noreply@ietf.org>
X-Original-To: tcpm@ietf.org
Delivered-To: tcpm@ietfa.amsl.com
Received: from ietfa.amsl.com (localhost [IPv6:::1]) by ietfa.amsl.com (Postfix) with ESMTP id C263A3A1694; Sun, 23 Jan 2022 19:05:51 -0800 (PST)
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
From: Christian Huitema via Datatracker <noreply@ietf.org>
To: secdir@ietf.org
Cc: draft-ietf-tcpm-ao-test-vectors.all@ietf.org, last-call@ietf.org, tcpm@ietf.org
X-Test-IDTracker: no
X-IETF-IDTracker: 7.43.0
Auto-Submitted: auto-generated
Precedence: bulk
Message-ID: <164299355173.8277.13266364760547855582@ietfa.amsl.com>
Reply-To: Christian Huitema <huitema@huitema.net>
Date: Sun, 23 Jan 2022 19:05:51 -0800
Archived-At: <https://mailarchive.ietf.org/arch/msg/tcpm/BArUkxYbXHujqlVLYllMTRcGuoo>
Subject: [tcpm] Secdir last call review of draft-ietf-tcpm-ao-test-vectors-05
X-BeenThere: tcpm@ietf.org
X-Mailman-Version: 2.1.29
List-Id: TCP Maintenance and Minor Extensions Working Group <tcpm.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tcpm>, <mailto:tcpm-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tcpm/>
List-Post: <mailto:tcpm@ietf.org>
List-Help: <mailto:tcpm-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tcpm>, <mailto:tcpm-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 24 Jan 2022 03:05:52 -0000

Reviewer: Christian Huitema
Review result: Ready

I have reviewed this document as part of the security directorate's ongoing
effort to review all IETF documents being processed by the IESG.  These
comments were written primarily for the benefit of the security area directors.
Document editors and WG chairs should treat these comments just like any other
last call comments.

This document does exactly what the abstract says: provide test vectors that
cover the key derivation and message signing algorithms defined for TCP-AO.
Defining these test vectors will help improve the quality of implementations.
It certainly does not create any new security issue.