I have reviewed this document as part of the security directorate's ongoing effort to review all IETF documents being processed by the IESG. These comments were written primarily for the benefit of the security area directors. Document editors and WG chairs should treat these comments just like any other last call comments. This informational document defines a profile of behavior that IPsec implementations must adhere in order to be Suite B compliant. The authors claim that this profile does not introduce any new security concerns that are not already covered in existing RFCs on IPsec, IKE, and their use with ECDSA (i.e., RFCs 4303, 4754, 5759, 5996). After reviewing this document, I would agree with this assessment. --------------------- The following are specific comments based on my review of the document: In Section 3, there is a table that includes the heading "IANA assigned DH group #", which is a bit unclear. I would recommend inserting text below the table that indicates the specific IANA registry to which the table refers. In this case, it is the IANA registry of IKEv2 Diffie-Hellman Group Transform IDs (Transform Type 4) ... see http://www.iana.org/assignments/ikev2-parameters In the second paragraph of Section 5, in the context of implementations that are configured with a minimum level of security of 128 bits, the draft has the following text: "Suite-B-GCM-128 and Suite-B-GMAC-128, if offered, must appear in the IKEv2 and IPsec SA payloads before any offerings of Suite-B-GCM-256 and Suite-B-GMAC-256". This appears to be the only lower-case "must" in the document, and lower-case "must" in this type of specification can be confusing to implementers. There seems to be no security or interoperability reason why one would place the 128 suites first. Indeed, the reason for this requirement seems to be to prevent systems with a minimum security level of 128 bits from agreeing on a 256 suite (which I would suppose is for efficiency reasons???). Therefore, I would suggest that the authors replace the lower-case "must" with a capital "SHOULD". Alternatively, if the authors believe that the use of normative language here is inappropriate, then I would recommend rephrasing the sentence so as to avoid the use of the word "must". Since Suite B compliant IPsec implementations use Elliptic Curve Diffe-Hellman for key exchange within IKE, the authors should consider adding a reference to RFC 5903. The IANA considerations section is currently listed as "TBD". I would recommend the authors include a sentence indicating that this document makes no requests of IANA (or else remove the section completely).