[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [rohc] Gen-ART review of draft-ietf-rohc-ikev2-extensions-hcoipsec-09

To: Black_David at emc.com, ro at breakcheck.com, kivinen at safenet-inc.com, cabo at tzi.org, gen-art at ietf.org, christou_chris at bah.com
Subject: Re: [rohc] Gen-ART review of draft-ietf-rohc-ikev2-extensions-hcoipsec-09
From: Emre Ertekin <emreertekin.ietf at gmail.com>
Date: Sun, 20 Sep 2009 21:20:18 -0700
Cc: magnus.westerlund at ericsson.com, rohc at ietf.org
Delivered-to: rohc at core3.amsl.com
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:received:date:message-id:subject :from:to:cc:content-type; bh=XKVnSUJ3orATjyLdvA33aqiS7hWT528dvlCDeIlvb8s=; b=XSwFaZZWjqFrO/faJWcdvkfk+beEQb5xzTORXOLZcZQ0w9Cljl5WGvfRbKx1ErnytC DyqUvZZhk1qZ3kmekJgK389OrjsEu2PK5AXm/mK1pOzSwfMP539H2qLdrHaeKbmbrjte 5voMelCBqnSd68xG1FDTzoDqqnUba8O9uBbzE=
Domainkey-signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:date:message-id:subject:from:to:cc:content-type; b=lXO2zCKQdBA8setkmvmzneK2wvUdL4fLN3JdSRd8aCg3SLMWeoJmfaB2xZcos10NWi vRHQF/L9jAYAImG+JxlNrASqc3hR3mXAIGuuGAGwFIobokUcaJWT3dbpF62qXawiBxwy sgL0Ju8IaRh+wJJfXIXYAoGzgo0TRZzh89qYY=
List-archive: <http://www.ietf.org/mail-archive/web/rohc>
List-help: <mailto:rohc-request@ietf.org?subject=help>
List-id: Robust Header Compression <rohc.ietf.org>
List-post: <mailto:rohc@ietf.org>
List-subscribe: <https://www.ietf.org/mailman/listinfo/rohc>, <mailto:rohc-request@ietf.org?subject=subscribe>
List-unsubscribe: <https://www.ietf.org/mailman/listinfo/rohc>, <mailto:rohc-request@ietf.org?subject=unsubscribe>

Hi David,

Thank you for reviewing our drafts.  Please find our responses below.

> Comments:
>
> The draft does not use RFC 2119 keywords (e.g., MUST), but the
> draft is clearly written with clearly stated requirements, so
> the authors' non-use of RFC 2119 keywords is not a problem.

Thanks for pointing this out--actually, another reviewer requested
that we include these keywords as well.  Therefore, we decided to
include them in the next release of the draft.

> Figure 2 is confusing; it would be better to separate it into
> two ASCII diagrams, one each for the AF=0 and AF=1 cases.  For
> AF=0, tilde (~) characters should be used in the vertical sides
> of the ROHC Attribute Value box to indicate that the value
> is variable length.

I feel that the figures/description provided are pretty
straightforward for IKE implementers, as they are identical to the
figures/description presented in Section 3.3.5 of IKEv2 [RFC 4306] and
the IKEv2bis draft.  However, if you feel that it is necessary to
separate these figures, I'm happy to entertain further discussion
here.

> In Section 2.1.2, the discussion of ROHC Profile neglects to
> say where the profile numbers come from.  It looks like they
> come from the IANA registry for ROHC Profile Identifiers:
> http://www.iana.org/assignments/rohc-pro-ids/rohc-pro-ids.xhtml
> That should be stated.

Sounds good, I can add a statement with this reference.

> Truncating an integrity algorithm's output via use of a
> ROHC_ICV_LEN value that is less than the algorithm's normal
> output size weakens the security protection of that integrity
> algorithm. That needs to be noted as a security consideration
> in Section 3.

Although I agree with the intent of your comment, I do not think that
this causes a security consideration for IKE.  However, I would like
to add text in the companion ROHCoIPsec framework draft
[draft-ietf-rohc-hcoipsec] that speaks to your point.  Is this alright
with you?

> The last sentence of the description of the MRRU attribute is:
>
> 	If MRRU is 0 or if no MRRU attribute is sent, no
>       segment headers are allowed on the ROHCoIPsec channel.
>
> What's a segment header?  Please add a sentence or two to explain.

Sure; I'll add a reference to Section 5.2.5 of RFC 3095.

> idnits 2.11.13 ran clean after correctly guessing that this
> draft is intended for Proposed Standard status.

Ok!  Thanks again.

Best Regards,
Emre

> Thanks,
> --David
> ----------------------------------------------------
> David L. Black, Distinguished Engineer
> EMC Corporation, 176 South St., Hopkinton, MA  01748
> +1 (508) 293-7953             FAX: +1 (508) 293-7786
> black_david at emc.com        Mobile: +1 (978) 394-7754
> ----------------------------------------------------

Follow-Ups:
- Re: [rohc] Gen-ART review of draft-ietf-rohc-ikev2-extensions-hcoipsec-09
  - From: Black_David

Prev by Date: Re: [rohc] Last Call: draft-ietf-rohc-ikev2-extensions-hcoipsec (IKEv2 Extensions to Support Robust Header Compression over IPsec (ROHCoIPsec)) to Proposed Standard
Next by Date: Re: [rohc] Last Call: draft-ietf-rohc-ipsec-extensions-hcoipsec (IPsec Extensions to Support Robust Header Compression over IPsec (ROHCoIPsec)) to Proposed Standard
Previous by thread: Re: [rohc] Gen-ART review of draft-ietf-rohc-ikev2-extensions-hcoipsec-09
Next by thread: Re: [rohc] Gen-ART review of draft-ietf-rohc-ikev2-extensions-hcoipsec-09
Index(es):
- Date
- Thread