Iain, Overall, LGTM.
Questions and notes: [ section 3.2 ] * Does "IPENC" need to be officially recorded in an official registry somewhere? Or has this already been done and a link to it can be included in this draft? I wasn't able to find this word in the APRS PDF linked to in the references. [ section 5 ] * Can you explain more about the limitations on non-NULL encryption? My intuition would be that ESP with non-NULL encryption provides privacy only on the IP links between tunnel endpoints. A packet that failed to decrypt properly would not be transmitted over the amateur radio link, but rather be dropped by the IP endpoint (and possibly logged). I don't think I follow what the intent of this section is. * I cannot find the phrase "dead peer detection" in RFC 7926, nor is that the IKEv2 RFC. I think perhaps you meant RFC 7296 (numeric transposition). _______________________________________________ Int-area mailing list [email protected] https://www.ietf.org/mailman/listinfo/int-area
