Hi Murray, > Murray Kucherawy has entered the following ballot position for > draft-ietf-ipsecme-g-ikev2-20: No Objection > > When responding, please keep the subject line intact and reply to all email > addresses included in the To and CC lines. (Feel free to cut this introductory > paragraph, however.) > > > Please refer to > https://www.ietf.org/about/groups/iesg/statements/handling-ballot- > positions/ > for more information about how to handle DISCUSS and COMMENT positions. > > > The document, along with other ballot positions, can be found here: > https://datatracker.ietf.org/doc/draft-ietf-ipsecme-g-ikev2/ > > > > ---------------------------------------------------------------------- > COMMENT: > ---------------------------------------------------------------------- > > I support Roman's DISCUSS regarding Section 9.2.
It is already addressed: https://github.com/smyslov/G-IKEv2/pull/28 > In addition to that, I > suggest putting each new registry in its own subsection, and each specific > action or group of actions in Section 9.3 in their own subsections. These would be tiny subsections :-) Instead, I suggest to create a numbered list for these actions. > Regarding the SHOULD in Section 2.3.1, what's the alternative? Why is there a > choice here? The alternative is not to inform the GCKS. In many situations the GCKS does not care if the GM joins the group or not (for any reason). The GM may silently leave the group at any time (e.g. when user just switches the CPE off). It is unlikely that GCKS will fix its policy when a single GM cannot follow it. But it is still "SHOULD" and not "MAY" because in some situations the GCKS may do care about current membership - for example if LKH is employed and the GCKS needs to maintain individual GM keys. Knowing that the GM failed to join the group can save GCKS's resources. The combined changes can be reviewed here: https://github.com/smyslov/G-IKEv2/pull/30 Regards, Valery. _______________________________________________ IPsec mailing list -- ipsec@ietf.org To unsubscribe send an email to ipsec-le...@ietf.org
