Hi Dave, Yes, I believe they have been addressed. Thanks for checking in, my apologies for not confirming sooner.
Best Regards, Tim Carlin On Mon, Jan 30, 2017 at 3:54 PM, Waltermire, David A. (Fed) < [email protected]> wrote: > >From what I can tell, addressing this feedback is the only thing that > needs to be done before progressing this draft to the IESG for publication. > > Tim, > > Did Tero's response address your concerns? > > Tero, > > Are you or the other authors planning to post an update based on this > feedback? > > Thanks, > Dave > > > -----Original Message----- > > From: IPsec [mailto:[email protected]] On Behalf Of Tero Kivinen > > Sent: Thursday, January 12, 2017 8:03 AM > > To: Timothy Carlin <[email protected]> > > Cc: [email protected] > > Subject: [IPsec] Review of draft-ietf-ipsecme-rfc7321bis-01 > > > > Timothy Carlin writes: > > > My comments: > > > > > > * Section 4 mentions that that 256-bit keys are raised to the SHOULD > > > level. Should this read as these are now the MUST level as > > > ENCR_AES_CBC and > > > ENCR_AES_GCM_16 are at the MUST level according to Table 1 (with the > > > [1] endnote)? > > > > Yes, I think this is inconsistancy caused by last edits, i.e., when we > changed > > the 256-bit keys to MUST, we only edited the footnote, and missed the > text > > in section 4. > > > > So correct change is: > > > > OLD: > > > > In that sense 256 bit keys > > status has been raised from MAY in RFC7321 to SHOULD. > > > > NEW: > > > > In that sense 256 bit keys > > status has been raised from MAY in RFC7321 to MUST. > > > > > * Section 5 mentions ENCR_NULL_AUTH_AES_GMAC, which is not > > referenced > > > anywhere in the document. Should it be added to Table 1 at the MUST > > > level? > > > > No. It is MAY level algorithm, just like the AUTH_AES_128_GMAC and > > AUTH_AES_256_GMAC algorithms. The reason those > > AUTH_AES_{128,256}_GMAC algorithms are listed here is, that they used to > > be SHOULD+, and are now downgraded to MAY. > > > > The ENCR_NULL_AUTH_AES_GMAC has been MAY, and will be MAY, so it is > > not mentioned in the section 4. > > > > Your text edits seemed to be fine. > > -- > > [email protected] > > > > _______________________________________________ > > IPsec mailing list > > [email protected] > > https://www.ietf.org/mailman/listinfo/ipsec > > _______________________________________________ > IPsec mailing list > [email protected] > https://www.ietf.org/mailman/listinfo/ipsec >
_______________________________________________ IPsec mailing list [email protected] https://www.ietf.org/mailman/listinfo/ipsec
