At 2:37 PM +0000 3/19/10, Elwyn Davies wrote: >Not ready. The document contains a lot of minor niggles and nits plus a major item that I am not sure the IETF should support: this is the removal of all mention of mandatory to implement security suites from the document. I appreciate the difficulty of keeping up to the minute, but it seems to me that this is outweighed by the difficulty of guaranteeing interoperability. If the security landscape is so unstable, we have a bigger problem perhaps. Whether this change is acceptable to the IAB, the IESG and the wider IETF is not something I can resolve. > >. . . > >Major issues: > >s3.3.4: The draft states that the list of mandatory to implement suites has been removed due to evolution going too fast. Is this acceptable? > draft-ietf-ipsecme-ikev2bis is a revision of RFC 4306, and the paragraph in question about removing the mandatory-to-implement suites is copied directly from RFC 4306. When the original WG published RFC 4306 over four years ago, it decided to split out the suites into what became RFCs 4307 and 4308. draft-ietf-ipsecme-ikev2bis changes nothing here. Does that clear up your issue, or are you saying that draft-ietf-ipsecme-ikev2bis should reverse the old policy and explicitly pull in the text from RFC 4307 and RFC 4308 into the new document? --Paul Hoffman, Director --VPN Consortium _______________________________________________ Ietf mailing list Ietf@xxxxxxxx https://www.ietf.org/mailman/listinfo/ietf