I’ve done a review pass of this document. In general, I think it is technically 
good.

I did find several places where I think additional clarity or editorial 
improvements could be made. To address these, I’ve proposed the following pull 
request: https://github.com/boucadair/draft-ietf-ipsecme-add-ike/pull/5

Some of the relevant items I am trying to address are:
- Make it more clear early on that the attributes are generically communicating 
encrypted DNS resolvers, and don’t define specific details for DoH/DoT/DoQ 
(that comes from the SVCB-DNS draft)
- Be more explicit about how ENCDNS_IP* are two specific types, ENCDNS_IP4 and 
ENCDNS_IP6
- Introduce and explain ENCDNS_DIGEST_INFO earlier on. Currently, it is defined 
with no explanation until a later section.
- Clarify the behavior of the initiator for including ENCDNS_IP* attributes. 
Specifically, I believe this is intended to be: either include exactly one 
empty ENCDNS_IP* attribute of a given type to request “any” encrypted DNS 
resolver on that address family; OR, include one or more of that type with 
hints about the addresses and APNs being requested. This was implied by the 
text previously, but not clear.

If these items are addressed, I’m happy to see this progress.

Thanks,
Tommy

> On Aug 9, 2022, at 1:47 PM, Tero Kivinen <kivi...@iki.fi> wrote:
> 
> This is the start of 2 week WGLC on the document, ending 2022-08-17.
> Please submit your comments to the list, also send a note if you have
> reviewed the document, so we can see how many people are interested in
> getting this out.
> -- 
> kivi...@iki.fi
> 
> _______________________________________________
> IPsec mailing list
> IPsec@ietf.org
> https://www.ietf.org/mailman/listinfo/ipsec
