Pasi Eronen and Valtteri Niemi write: o Section 4: Good text, but perhaps would be even clearer if Router Discovery would be mentioned before Address Autoconfiguration and Redirect. Also, the list of destination address rules is perhaps in the wrong place. o Section 6: This section might be easier to read if it would be split to two parts: one describing what sort of certificates are used, and a second section specifying how the certificates are transported over ICMPv6. o Section 9.3.2 (editorial): These requirements duplicate some of the requirements already described in RFC2461 (section 8.1). E.g. RFC2461 already says that unspecified source address is not allowed, and must match the current routing table. o Section 11 (editorial): In phrase "Signatures related to the use of the AH_RSA_Sig transform MAY be precomputed for Multicast Neighbor and Router Advertisements.", perhaps "..precomputed for unsolicited (multicast) Neighbor and Router..." would be clearer. ----------------- Jari Arkko responds: > Other comments follow: > > o Section 4: Good text, but perhaps would be even clearer if Router > Discovery would be mentioned before Address Autoconfiguration and Ok. > Redirect. Also, the list of destination address rules is perhaps in > the wrong place. Yes. The thing is, it is quite important information if one uses IPsec. However, I have proposed the use of ND options which would essentially make this list unnecessary. I'm hoping that would fix this issue... > Section 6 > --------- > > This section might be easier to read if it would be split to two > parts: one describing what sort of certificates are used, and a > second section specifying how the certificates are transported > over ICMPv6. Ok. > o Section 9.3.2 (editorial): These requirements duplicate some of > the requirements already described in RFC2461 (section 8.1). > E.g. RFC2461 already says that unspecified source address is not > allowed, and must match the current routing table. This needs to be reformulated accordingly. > o Section 11 (editorial): In phrase "Signatures related to the use > of the AH_RSA_Sig transform MAY be precomputed for Multicast > Neighbor and Router Advertisements.", perhaps "..precomputed for > unsolicited (multicast) Neighbor and Router..." would be clearer. Yes. Thanks. ----------------- ----------------- ----------------- -----------------