[prev in list] [next in list] [prev in thread] [next in thread]
List: ietf
Subject: Re: Gen-ART LC Review of draft-ietf-karp-routing-tcp-analysis-05.txt
From: Mahesh Jethanandani <mjethanandani () gmail ! com>
Date: 2012-11-30 17:03:15
Message-ID: 7B7C06EA-E5EB-4FD6-ADE6-1A8E38B11405 () gmail ! com
[Download RAW message or body]
Ben,
See inline. If you are ok with these changes, I will go ahead and submit an updated \
version of the draft.
On Nov 25, 2012, at 5:56 PM, Mahesh Jethanandani wrote:
> Further trimming it to sections that require a response.
>
> On Nov 21, 2012, at 3:12 PM, Ben Campbell wrote:
>
> >
> > > >
> > > > *** Minor issues *** :
> > > >
> > > > -- section 2.2, last paragraph:
> > > >
> > > > The IKE mention lacks context. Do you mean to suggest IKE with IPSec? I \
> > > > assume so, but there's been no mention of IPSec so far.
> > >
> > > No. It implies the use of IKEv2 protocol for performing mutual authentication \
> > > and establishing SA. There is no suggestion of using IKE with IPSec.
> > > How about this?
> > >
> > > For point-to-point key management IKEv2[RFC5996] protocol provides ...
> >
> > 5996 describes IKEv2 as a component of IPSec, and a key-management mechanism for \
> > ESP and AH SAs. Now, I won't claim to be an IKE expert by any extent, but I think \
> > that if you mean to use IKE _without_ IPSec it would be good to add a sentence or \
> > two pointing that out. Or is there some other reference that could be used that \
> > describes using IKEv2 for non-IPSec SAs?
>
> Added this sentence.
>
> Although IKEv2 is discussed as a component of IPsec, KMP can use just the mutual \
> authentication and SA establishment portion of IKEv2.
This statement has been further modified to:
For point-to-point key management IKEv2 [RFC5996] provides for
automated key exchange under a SA and can be used for a comprehensive
Key Management Protocol (KMP) solution for routers. IKEv2 can be used
for both IPsec SAs [RFC4301] and other types of SAs. For example,
Fibre Channel SAs [RFC4595] are currently negotiated with IKEv2. Using
IKEv2 to negotiate TCP-AO is a possible option.
>
> >
> > >
> > > >
> > > > *** Nits/editorial comments ***:
> > > >
> > > > -- IDNits indicates some unused and obsoleted references. Please check.
> > >
> > > Found one unused reference and have removed it.
> >
> > Seems like there were more than one. From IDNits:
> >
> > == Missing Reference: 'IRR' is mentioned on line 92, but not defined
> >
> > == Unused Reference: 'RFC2409' is defined on line 585, but no explicit
> > reference was found in the text
> >
> > == Unused Reference: 'RFC3547' is defined on line 588, but no explicit
> > reference was found in the text
> >
> > ** Obsolete normative reference: RFC 2385 (Obsoleted by RFC 5925)
> >
> > -- Obsolete informational reference (is this intentional?): RFC 2409
> > (Obsoleted by RFC 4306)
> >
> > -- Obsolete informational reference (is this intentional?): RFC 3547
> > (Obsoleted by RFC 6407)
>
> I have removed these unused references.
>
> >
> > > >
> > > > -- section 4, 2nd paragraph: "In addition Improving TCP’s Robustness to Blind \
> > > > In-Window Attacks."
> > > > sentence fragment.
> > >
> > > Changed it to say:
> > >
> > > In addition, the recommendations in Improving TCP's Robustness to Blind \
> > > In-Window Attacks
> >
> > Am I correct in assuming this merges with the following sentence? Otherwise, it's \
> > still a fragment.
>
> Changed it to:
>
> In addition, the recommendations in RFC 5961 should also be followed ...
Mahesh Jethanandani
mjethanandani@gmail.com
[Attachment #3 (unknown)]
<html><head></head><body style="word-wrap: break-word; -webkit-nbsp-mode: space; \
-webkit-line-break: after-white-space; ">Ben,<div><br></div><div>See inline. If you \
are ok with these changes, I will go ahead and submit an updated version of the \
draft.<div><br><div><div>On Nov 25, 2012, at 5:56 PM, Mahesh Jethanandani \
wrote:</div><br class="Apple-interchange-newline"><blockquote type="cite"><div \
style="word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: \
after-white-space; ">Further trimming it to sections that require a \
response.<div><br><div><div>On Nov 21, 2012, at 3:12 PM, Ben Campbell \
wrote:</div><br><blockquote type="cite"><div><br><blockquote type="cite"><blockquote \
type="cite"><br></blockquote></blockquote><blockquote type="cite"><blockquote \
type="cite">*** Minor issues *** :<br></blockquote></blockquote><blockquote \
type="cite"><blockquote type="cite"><br></blockquote></blockquote><blockquote \
type="cite"><blockquote type="cite">-- section 2.2, last \
paragraph:<br></blockquote></blockquote><blockquote type="cite"><blockquote \
type="cite"><br></blockquote></blockquote><blockquote type="cite"><blockquote \
type="cite">The IKE mention lacks context. Do you mean to suggest IKE with IPSec? I \
assume so, but there's been no mention of IPSec so \
far.<br></blockquote></blockquote><blockquote \
type="cite"><br></blockquote><blockquote type="cite">No. It implies the use of IKEv2 \
protocol for performing mutual authentication and establishing SA. There is no \
suggestion of using IKE with IPSec.<br></blockquote><blockquote \
type="cite"><br></blockquote><blockquote type="cite">How about \
this?<br></blockquote><blockquote type="cite"><br></blockquote><blockquote \
type="cite">For point-to-point key management IKEv2[RFC5996] protocol provides \
...<br></blockquote><br>5996 describes IKEv2 as a component of IPSec, and a \
key-management mechanism for ESP and AH SAs. Now, I won't claim to be an IKE expert \
by any extent, but I think that if you mean to use IKE _without_ IPSec it would be \
good to add a sentence or two pointing that out. Or is there some other reference \
that could be used that describes using IKEv2 for non-IPSec \
SAs?<br></div></blockquote><div><br></div>Added this \
sentence.</div><div><br></div><div><i>Although IKEv2 is discussed as a component of \
IPsec, KMP can use just the mutual authentication and SA establishment portion of \
IKEv2.</i></div></div></div></blockquote><div><br></div>This statement has been \
further modified to:</div><div><br></div><div><i>For point-to-point key management \
IKEv2 [RFC5996] provides for</i><div><i> automated key exchange under a SA and \
can be used for a comprehensive</i></div><div><i> Key Management Protocol (KMP) \
solution for routers. IKEv2 can be used</i></div><div><i> for both IPsec \
SAs [RFC4301] and other types of SAs. For example, </i></div><div><i> Fibre \
Channel SAs [RFC4595] are currently negotiated with IKEv2. \
Using</i></div><div><i> IKEv2 to negotiate TCP-AO is a possible \
option.</i></div></div><div><br></div><div><br><blockquote type="cite"><div \
style="word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: \
after-white-space; "><div><div><br><blockquote type="cite"><div><br><blockquote \
type="cite"><br></blockquote><blockquote type="cite"><blockquote \
type="cite"><br></blockquote></blockquote><blockquote type="cite"><blockquote \
type="cite">*** Nits/editorial comments ***:<br></blockquote></blockquote><blockquote \
type="cite"><blockquote type="cite"><br></blockquote></blockquote><blockquote \
type="cite"><blockquote type="cite">-- IDNits indicates some unused and obsoleted \
references. Please check.<br></blockquote></blockquote><blockquote \
type="cite"><br></blockquote><blockquote type="cite">Found one unused reference and \
have removed it.<br></blockquote><br>Seems like there were more than one. From \
IDNits:<br><br> == Missing Reference: 'IRR' is mentioned on line 92, but not \
defined<br><br> == Unused Reference: 'RFC2409' is defined on line 585, but no \
explicit<br> reference was found in the text<br><br> == \
Unused Reference: 'RFC3547' is defined on line 588, but no explicit<br> \
reference was found in the text<br><br> ** Obsolete \
normative reference: RFC 2385 (Obsoleted by RFC 5925)<br><br> -- Obsolete \
informational reference (is this intentional?): RFC 2409<br> \
(Obsoleted by RFC 4306)<br><br> -- Obsolete \
informational reference (is this intentional?): RFC 3547<br> \
(Obsoleted by RFC \
6407)<br></div></blockquote><div><br></div>I have removed these unused \
references.</div><div><br><blockquote type="cite"><div><br><blockquote \
type="cite"><blockquote type="cite"><br></blockquote></blockquote><blockquote \
type="cite"><blockquote type="cite">-- section 4, 2nd paragraph: "In addition \
Improving TCP’s Robustness to Blind In-Window \
Attacks."<br></blockquote></blockquote><blockquote type="cite"><blockquote \
type="cite"><br></blockquote></blockquote><blockquote type="cite"><blockquote \
type="cite">sentence fragment.<br></blockquote></blockquote><blockquote \
type="cite"><br></blockquote><blockquote type="cite">Changed it to \
say:<br></blockquote><blockquote type="cite"><br></blockquote><blockquote \
type="cite">In addition, the recommendations in Improving TCP's Robustness to Blind \
In-Window Attacks<br></blockquote><blockquote type="cite"><br></blockquote><br>Am I \
correct in assuming this merges with the following sentence? Otherwise, it's still a \
fragment.<br><br></div></blockquote><br></div><div>Changed it \
to:</div><div><br></div><div><i>In addition, the recommendations in RFC 5961 should \
also be followed ...</i></div></div></div></blockquote></div><br><div> <span \
class="Apple-style-span" style="border-collapse: separate; color: rgb(0, 0, 0); \
font-family: Helvetica; font-style: normal; font-variant: normal; font-weight: \
normal; letter-spacing: normal; line-height: normal; orphans: 2; text-align: \
-webkit-auto; text-indent: 0px; text-transform: none; white-space: normal; widows: 2; \
word-spacing: 0px; -webkit-border-horizontal-spacing: 0px; \
-webkit-border-vertical-spacing: 0px; -webkit-text-decorations-in-effect: none; \
-webkit-text-size-adjust: auto; -webkit-text-stroke-width: 0px; font-size: medium; \
"><div>Mahesh Jethanandani</div><div><a \
href="mailto:mjethanandani@gmail.com">mjethanandani@gmail.com</a></div><div><br></div></span><br \
class="Apple-interchange-newline"> </div>
<br></div></div></body></html>
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic