HI Miika, > -----Original Message----- > From: Miika Komu [mailto:miika.komu@xxxxxxxxxxxx] > Sent: Monday, January 07, 2019 8:19 PM > To: Liushucheng (Will Liu) <liushucheng@xxxxxxxxxx>; ops-dir@xxxxxxxx > Cc: draft-ietf-hip-rfc4423-bis.all@xxxxxxxx; hipsec@xxxxxxxx; ietf@xxxxxxxx > Subject: Re: Opsdir last call review of draft-ietf-hip-rfc4423-bis-19 > > Hi Will, > > On 5/10/18 12:16, Will LIU wrote: > > Reviewer: Will LIU > > Review result: Ready > > > > Hi all, > > > > (Sorry , it seems to me that the notification was blocked by the > > filter. I guess it's a little bit late.) > > no it's not! It's me who is running late. [Will] Aha, life is busy.:) > > > I have reviewed draft-ietf-hip-rfc4423-bis-19 as part of the > > Operational directorate's ongoing effort to review all IETF documents > > being processed by the IESG. These comments were written with the > > intent of improving the operational aspects of the IETF drafts. > > Comments that are not addressed in last call may be included in AD > > reviews during the IESG review. Document editors and WG chairs should > > treat these comments just like any other last call comments. > > > > “This memo describes a new namespace, the Host Identity namespace, > and > > a new protocol layer, the Host Identity Protocol, between the > > internetworking and transport layers. Herein are presented the > > basics of the current namespaces, their strengths and weaknesses, and > > how a new namespace will add completeness to them. The roles of this > > new namespace in the protocols are defined. > > > > This document obsoletes RFC 4423 and addresses the concerns raised > by > > the IESG, particularly that of crypto agility. It incorporates > > lessons learned from the implementations of RFC 5201 and goes further > > to explain how HIP works as a secure signaling channel.” > > > > My overall view of the document is 'Ready' for publication. > > thanks! > > > Some small ones: > > > > 1. Especially, I am glad to see the security consideration part well > explained. > > I guess it's still worth writing something about the security tradeoff > > influence for the different modes mentioned in previous sections. In > > fact, there are some words in previous sections, maybe a summary can be > put here. > > I added one line quick summary to the abstract: > > [...] The section on security considerations describe also measures against > flooding attacks, usage of identities in access control lists, weaker types of > identifiers and trust on first use. [...] > > Does this address your concern? [Will] Yep. > > > 2. It's good to have a single subsection about " Answers to NSRG > questions". > > However, maybe it's better to put it in appendix? > > it's already in appendix (due to other review comments). > > Thanks for the feedback! Regards, / 致礼 Will LIU / 刘树成
