Yaron Sheffer
2007-04-04 06:53:35 UTC
Mostly nits, some bigger comments.
* If the use of Raw RSA is "clarified", shouldn't this draft
"update" RFC 4306 (or worse, RFC 4718)?
* Sec. 2: "It *SHOULD be sent in after *the phase 1 SA has become
private," - I guess you mean "SHOULD be sent *only* after".
* Typo: "Aggressive mode *is *SHOULD NOT".
* Sec. 3: "This code point is hereby defined for IKEv1" - this
should also go into the IANA Considerations.
* KEY is capitalized a number of times.
* Sec. 5: "It details the order in which to look for authentication
data for a protocol which does not in itself require any
authentication data." This sentence baffled me. What do you mean?
Does this imply that no further security analysis is required?
Thanks,
Yaron