Document:   draft-ietf-ieprep-domain-req-05.txt
Reviewer: Scott W Brim [sbrim@cisco.com]
Review Date:  Friday 10/21/2005 11:33 AM
Telechat Date:  Thursday 10/27/2005

Summary: Ready; question/nit

Review:
--------

No objection.  I don't see anything wrong with the listed
requirements, modulo the one question below -- in fact they seem to be
pretty good.  However, I really can't tell if there are requirements
that have been omitted, since I'm not in the area.  

>    Any application layer label mechanisms used to support ETS MUST be
>    capable of supporting both the set of ETS and non-ETS (presumably,
>    normal) users.

I'm not sure about this one, perhaps because I don't understand what
it means.  I can envision, for example, applications that are only
used in ETS situations, and are only capable of running with ETS
labels.  Are they disallowed?  No special apps?  

I can see a requirement that any application which is used during
normal times must still be usable during "medium emergencies".  Is
that the goal?


Also a nit in case there is another version ...

>    If proxies take such action, then the security measures discussed in
>    [rfc3689] MUST be considered.  More discussion about security in the
>    single domain context is discussed in section 5.

You don't mean to say that the discussion is discussed. :-)