Draft:  draft-mcgrew-aes-gmac-esp-01.txt
Reviewer: Spencer Dawkins [spencer@mcsr-labs.org]
Review Date:Thursday 12/8/2005 3:42 PM CST
LC Date: 12/12/2005

Summary: this specification is mostly ready for publication as a Proposed 
Standard. I do have one question, which is probably due to my own ignorance.

The document defines AES-GMAC Additional Authenticated Data (AAD) with 
either 32-bit sequence numbers or 64-bit extended sequence numbers, but it 
was not obvious to me how a receiver parsing this field would know whether 
to interpret the field as 32-bit or 64-bit extended sequence numbers. If 
this is obvious to everyone in the security community, my apologies, but it 
might be nice to add a sentence like "The use of extended sequence numbers 
can be detected by ...".