Stephen Farrell has entered the following ballot position for draft-ietf-lisp-crypto-09: Yes
When responding, please keep the subject line intact and reply to all
email addresses included in the To and CC lines. (Feel free to cut this
introductory paragraph, however.)

Please refer to https://www.ietf.org/iesg/statement/discuss-criteria.html
for more information about IESG DISCUSS and COMMENT positions.

The document, along with other ballot positions, can be found here:
https://datatracker.ietf.org/doc/draft-ietf-lisp-crypto/

----------------------------------------------------------------------
COMMENT:
----------------------------------------------------------------------

Thanks for doing this. Great to see folks incorporating such
things where we can and I'll be interested to see how the
experiments with this pan out.

- intro: (nit) "PKI infrastructure" - the I in PKI already
means infrastructure:-)

- intro: (another nit) I don't get why " o Packet transport
is optimized due to less packet headers. Packet loss is
reduced by a more efficient key exchange." is true.

- 3: (more nittyness:) AEAD is defined in RFC5116.

- section 6 non-nit: I don't see why you want cipher suites
1, 2 and 4. The set of 3,5 and 6 seems to me like it'd be
plenty. If it's not too late, I'd encourage you to either
drop 1,2 and 4 or say those are OPTIONAL and 3,5 and 6 are
RECOMMENDED.

- section 7: I think you should embed the KDF into the
cipher suite. It's ok to only have one KDF now, but later
you may want others and it's fairly easy to include the KDF
as part of the definition of the ciphersuite.

- section 7: Why didn't you choose RFC 5869 for the KDF?
That's a more accessible reference I think and just as good.
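The two section 7 comments, as an added example that is not part of the ballot or of draft-ietf-lisp-crypto: a cipher-suite table in which each entry carries its own KDF hash, with the KDF being HKDF as specified in RFC 5869. The suite IDs, suite names, key lengths and the choice to mix the suite ID into the HKDF `info` input are assumptions made for illustration, not values from the draft.

```python
import hashlib
import hmac
from dataclasses import dataclass

def hkdf_extract(hash_name: str, salt: bytes, ikm: bytes) -> bytes:
    """RFC 5869 step 1: PRK = HMAC-Hash(salt, IKM)."""
    if not salt:  # RFC 5869: an absent salt is HashLen zero bytes
        salt = b"\x00" * hashlib.new(hash_name).digest_size
    return hmac.new(salt, ikm, hash_name).digest()

def hkdf_expand(hash_name: str, prk: bytes, info: bytes, length: int) -> bytes:
    """RFC 5869 step 2: T(n) = HMAC-Hash(PRK, T(n-1) | info | n)."""
    hash_len = hashlib.new(hash_name).digest_size
    if length > 255 * hash_len:
        raise ValueError("requested output exceeds 255 * HashLen")
    okm, block, counter = b"", b"", 1
    while len(okm) < length:
        block = hmac.new(prk, block + info + bytes([counter]), hash_name).digest()
        okm += block
        counter += 1
    return okm[:length]

@dataclass(frozen=True)
class CipherSuite:
    name: str       # hypothetical label
    kdf_hash: str   # the KDF is part of the suite definition
    key_len: int    # bytes of keying material to derive

# Hypothetical registry: IDs and contents are placeholders, not the draft's.
SUITES = {
    100: CipherSuite("EXAMPLE-AEAD-A", "sha256", 32),
    101: CipherSuite("EXAMPLE-AEAD-B", "sha384", 64),
}

def derive_keys(suite_id: int, shared_secret: bytes, salt: bytes,
                context: bytes) -> bytes:
    """Derive keying material with the KDF that the negotiated suite names."""
    suite = SUITES.get(suite_id)
    if suite is None:
        raise ValueError("unknown cipher suite")
    # Assumption: bind the suite ID into info so that the same shared secret
    # never yields the same key under two different suites.
    info = context + bytes([suite_id])
    prk = hkdf_extract(suite.kdf_hash, salt, shared_secret)
    return hkdf_expand(suite.kdf_hash, prk, info, suite.key_len)
```

Adding a second KDF later then only means registering a new suite entry; no receiver has to guess which KDF a peer used.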
