--- 1/draft-ietf-ipsecme-split-dns-13.txt 2018-11-03 21:13:19.934781654 -0700 +++ 2/draft-ietf-ipsecme-split-dns-14.txt 2018-11-03 21:13:19.966782422 -0700 @@ -1,19 +1,19 @@ Network T. Pauly Internet-Draft Apple Inc. Intended status: Standards Track P. Wouters -Expires: April 25, 2019 Red Hat - October 22, 2018 +Expires: May 7, 2019 Red Hat + November 3, 2018 Split DNS Configuration for IKEv2 - draft-ietf-ipsecme-split-dns-13 + draft-ietf-ipsecme-split-dns-14 Abstract This document defines two Configuration Payload Attribute Types for the IKEv2 protocol that add support for private DNS domains. These domains are intended to be resolved using DNS servers reachable through an IPsec connection, while leaving all other DNS resolution unchanged. This approach of resolving a subset of domains using non- public DNS servers is referred to as "Split DNS". @@ -25,21 +25,21 @@ Internet-Drafts are working documents of the Internet Engineering Task Force (IETF). Note that other groups may also distribute working documents as Internet-Drafts. The list of current Internet- Drafts is at https://datatracker.ietf.org/drafts/current/. Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress." - This Internet-Draft will expire on April 25, 2019. + This Internet-Draft will expire on May 7, 2019. Copyright Notice Copyright (c) 2018 IETF Trust and the persons identified as the document authors. All rights reserved. This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (https://trustee.ietf.org/license-info) in effect on the date of publication of this document. Please review these documents 
@@ -82,21 +82,21 @@ resolve hosts within a set of private domains using the tunnel, while letting resolutions for public hosts be handled by a device's default DNS configuration. The Internet Key Exchange protocol version 2 [RFC7296] negotiates configuration parameters using Configuration Payload Attribute Types. This document defines two Configuration Payload Attribute Types that add support for trusted Split DNS domains. The INTERNAL_DNS_DOMAIN attribute type is used to convey one or more - DNS domains that SHOULD be resolved only using the provided DNS + DNS domains that MUST be resolved only using the provided DNS nameserver IP addresses, causing these requests to use the IPsec connection. The INTERNAL_DNSSEC_TA attribute type is used to convey DNSSEC trust anchors for those domains. When only a subset of traffic is routed into a private network using an IPsec SA, these Configuration Payload options can be used to define which private domains are intended to be resolved through the IPsec connection without affecting the client's global DNS
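Review bot: in the @@ -82,21 +82,21 @@ hunk the requirement on INTERNAL_DNS_DOMAIN names is strengthened from SHOULD to MUST ("MUST be resolved only using the provided DNS nameserver IP addresses"), but the Abstract left unchanged in the @@ -1,19 +1,19 @@ hunk still says these domains "are intended to be resolved using DNS servers reachable through an IPsec connection"; align the Abstract with the new MUST, and confirm that the attribute definition and the Security Considerations use the same keyword, since only this introductory paragraph is updated here. Because the MUST now forbids resolving a listed domain through the client's default DNS configuration, the draft should also say what a client does when the provided nameservers are unreachable through the IPsec connection (fail the query, or treat the SA as unusable), rather than leaving a silent fallback to the global resolvers as the only practical option.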