Document: draft-ietf-tcpm-tcp-auth-opt-10
Reviewer: Wassim Haddad 
Review Date: 2010-03-09 
LC End Date: 2010-03-11 IESG Telechat date: 2010-03-11

Summary: Ready

Major issues: None

Minor issues:

- Page 13, Figure 3: traffic keys derived show two "Send_Other_key" in all 3 boxes.
Shouldn't be Rcv_Other_key?

- Page 37: sub-section 2: a) Privacy: "TCP exposes "only" the MKT IDs, MAC, and overall option.
Question: is "only" really needed?


Editorial/nits:

- section 2.1: TCP-AO "is" not intended to replace the use of IPsec...

- section 2.2: IMHO, the following sentence is not clear:

"This document differs from an IPsec/IKE solution in that TCP-AO as follows:"

- section 3: In this document, the characters ">>" proceeding...
Is it proceeding or preceding?

- section 4.2: "The TCP-AO option fields do not indicate the MAC algorithm either implicitly (as with TCP MD5) or explicitly.

either/or -> neither/nor

- section 5.2:

remove "Figure" (repeated twice)