Hi Christer,

thank you for your review. Please see inline.

> Reviewer: Christer Holmberg
> Review result: Almost Ready
> 
> I am the assigned Gen-ART reviewer for this draft. The General Area
> Review Team (Gen-ART) reviews all IETF documents being processed
> by the IESG for the IETF Chair.  Please treat these comments just
> like any other last call comments.
> 
> For more information, please see the FAQ at
> 
> <https://trac.ietf.org/trac/gen/wiki/GenArtfaq>.
> 
> Document: draft-ietf-ipsecme-qr-ikev2-09
> Reviewer: Christer Holmberg
> Review Date: 2019-12-13
> IETF LC End Date: 2019-12-25
> IESG Telechat date: Not scheduled for a telechat
> 
> Summary: The document is well-written, and almost ready for publication.
> However, I have a couple of minor comments that I would like the authors to
> address.
> 
> Major issues: None
> 
> Minor issues:
> 
> Q1:
> 
> The Security Considerations lists IKEv2/IPSec algorithms that are not
> considered quantum-resistant. However, that is not mentioned anywhere else. I
> think it would be good to mention that in the Abstract and/or Introduction.

Introduction already contains the following text:

   If the preshared key has
   sufficient entropy and the PRF, encryption and authentication
   transforms are quantum-secure, then the resulting system is believed
   to be quantum resistant, that is, invulnerable to an attacker with a
   quantum computer.

We think that it is out of scope of this document to classify existing
algorithms on the grounds of whether they are quantum secure or not;
the Security Considerations section lists only the most obvious cases.

> Q2:
> 
> Section 3 says:
> 
>    "If the responder does not support this specification or does not have
>    any PPK configured, then it ignores the received notification and
>    continues with the IKEv2 protocol as normal."
> 
> I assume the ignoring of a non-supported notification and continuing with
> normal IKEv2 is part of the IKEv2 specification. If so, I suggest adding
> something like:
> 
> ", as described in RFCXXXX."

OK.

> Nits/editorial comments:
> 
> Q3:
> 
> The Security Considerations talk about Grover's algorithm. Please add a
> reference.

Added.

Thank you,
Valery Smyslov.
