General:
This is a good overview of AKEs for clustered ad hoc networks. However,
the presentation is rather condensed and the reader is required to be
well familiar with the material. But maybe at this stage of the seminar
we can assume it. For example, I would not have been able to understand
 Section 6.2 if the details had not already been given in Jan's paper.

In general, the term ad hoc network has different meanings. Often it
 means networks without any security infrastructure. In the context of
 this paper it is  assumed that the members of the ad hoc network are 
covered by a PKI or some other authentication infrasturcture. 

The main issue of the schemes considered in this paper is how to
 traverse the group for GDH in the most efficient way. After the most
 efficient way has been exstablished, the members run Burmester-Desmedt
 GDH, and then add authentication of the key exchange messages based on
 the authentication infrastructure. 


Editorial and detailed comments:
 
Section 2.1, para 1: Titles of papers are not usually quoted verbatim.

Section 2.3, step 2: an extra "1"
 
section 2.4, sentence, lines 1-3: unclear, a missing word?

Section 4, para 2:  Indendence of long term and short term secrets
 is also referred to as perfect forward secrecy.

Section 5, para 3: remove dots from 8 

Section 5, para 3, last line: not contributory = distributory
 (this is an opportunity to use a term introduced in the beginning 
but not used yet) 

Section 6, line 2: sentence to be corrected

Section 6, line 5: explained above

Section 6, para 1: How is Burmester-Desmedt authenticated within a 
cluster?

Section 6.2: You write: "A-GDH relied much on the implicit
 authentication. The group key can not be constructed without the secret
 share of one of the participants."  What do you mean? Plain Diffie-
Hellman does not give implicit authentication, so does not Burmester-
Desmedt, even if the key is computed from secrets shares of the
 participants.