Reviewer: Charlie Kaufman
Review result: Ready

I have reviewed this document as part of the security directorate's ongoing effort to review all IETF documents being processed by the IESG.  These comments were written primarily for the benefit of the security area directors.  Document editors and WG chairs should treat these comments just like any other last call comments.

This document proposes a small extension to the SCTP protocol to allow saving some computation by not computing a per-packet CRC32c checksum for each packet where the protocol is run over some protocol that provides a stronger integrity check than the CRC32c provides. The first case they have in mind is where SCTP is running over DTLS.

I see no security issues with this document. It does not discuss when it is appropriate to run the SCTP protocol over some cryptographically protected tunnel. Such a discussion would have security significance. This document simply prescribes a mechanism for skipping the creation and checking of the non-security CRC32c checksums when such tunnelling is done.

I had some non-security concerns with an earlier draft of this document, but they have all been addressed in this one.