Draft:  draft-ietf-ipsec-ike-auth-ecdsa-05.txt
Reviewer: Elwyn Davies [elwynd@dial.pipex.com]
Review Date:  Friday 2/24/2006 4:57 AM CST
IETF LC Date: 6 March 2006

Summary: This one is essentially ready for PS.  There are a couple of editorial 
fixes which would mainly help IANA.

I am assuming that somebody will have or will be going to verify the 
test vectors.

Editorial (refer to your AD/WG chair for guidance on respinning the doc):

s1, para 2 contains the assertion 'For any given level of security 
against the best attacks known, ECDSA signatures are smaller than RSA 
signatures and ECDSA keys require less bandwidth than DSA keys; there 
are also advantages of computational speed and efficiency in many 
settings.'  If the reference [LV] backs up this assertion it would be 
good to reference it here also.  If not it would be good to have some 
other reference that justifies this assertion.

(actually editorial+): s5: It would be useful to give the three methods 
mnemonic names which can be placed in the IANA registry and document 
them in s5.


s1: Acronyms IPsec, RSA and DSA need expansion.

s3: Acronym MAC needs expansion.

s3, table: To avoid confusion with references, the code points (e.g., 
[19]) currently enclosed in square brackets would be better in round 
brackets.

s6: It might be helpful to explicitly bracket y^2 = x^3 - 3 x + b  
modulo p   - I think this is supposed to be y^2 = (x^3 - 3 x + b)  modulo p

s7.1: BTW IKEv2 has made it to RFC - RFC4306.