[Ace] Genart last call review of draft-ietf-ace-cwt-proof-of-possession-08
Christer Holmberg via Datatracker <noreply@ietf.org> Fri, 04 October 2019 17:44 UTC
Return-Path: <noreply@ietf.org>
X-Original-To: ace@ietf.org
Delivered-To: ace@ietfa.amsl.com
Received: from ietfa.amsl.com (localhost [IPv6:::1]) by ietfa.amsl.com (Postfix) with ESMTP id 4C28D12011F; Fri, 4 Oct 2019 10:44:17 -0700 (PDT)
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
From: Christer Holmberg via Datatracker <noreply@ietf.org>
To: gen-art@ietf.org
Cc: draft-ietf-ace-cwt-proof-of-possession.all@ietf.org, ietf@ietf.org, ace@ietf.org
X-Test-IDTracker: no
X-IETF-IDTracker: 6.104.0
Auto-Submitted: auto-generated
Precedence: bulk
Reply-To: Christer Holmberg <christer.holmberg@ericsson.com>
Message-ID: <157021105722.1446.14439223392992273252@ietfa.amsl.com>
Date: Fri, 04 Oct 2019 10:44:17 -0700
Archived-At: <https://mailarchive.ietf.org/arch/msg/ace/K6634K4ZbDQjgrY06bYDtk-7VCY>
Subject: [Ace] Genart last call review of draft-ietf-ace-cwt-proof-of-possession-08
X-BeenThere: ace@ietf.org
X-Mailman-Version: 2.1.29
List-Id: "Authentication and Authorization for Constrained Environments \(ace\)" <ace.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ace>, <mailto:ace-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ace/>
List-Post: <mailto:ace@ietf.org>
List-Help: <mailto:ace-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ace>, <mailto:ace-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 04 Oct 2019 17:44:17 -0000
Reviewer: Christer Holmberg Review result: Ready with Issues I am the assigned Gen-ART reviewer for this draft. The General Area Review Team (Gen-ART) reviews all IETF documents being processed by the IESG for the IETF Chair. Please treat these comments just like any other last call comments. For more information, please see the FAQ at <https://trac.ietf.org/trac/gen/wiki/GenArtfaq>. Document: draft-ietf-ace-cwt-proof-of-possession-08 Reviewer: Christer Holmberg Review Date: 2019-10-04 IETF LC End Date: 2019-10-09 IESG Telechat date: Not scheduled for a telechat Summary: For most part the document is ready, but I have a few editorial comments and an issue. Major issues: N/A Minor issues: The text says in the Security Considerations that one must ensure that the might not understand the "cnf" claim, and that applications must ensure that receivers support it. Q1: How are you going to ensure that, and why do you have to ensure that? RFC 8392 doesn't even seem to require that one must ensure that the receivers support CWT. Q2: For receivers that do support CWT, RFC 8392 says that unsupported claims must be discarded. If that can't be applied for "cnf" I think you need to explain why. Nits/editorial comments: Q_ED_1: Please use [RFC8392] instead of [CWT] when referencing to RFC 8392. Q_ED_2: Shall CBOR be enhanced on first occurrence (in the Abstract or Introduction), or is it on the list of well-known abbreviations? Q_ED_3: Add a reference for CBOR map on first occurrence. (I was looking in RFC 7049, and while it mentions maps in many places I could not find a proper definition for "CBOR map")
- [Ace] Genart last call review of draft-ietf-ace-c… Christer Holmberg via Datatracker
- Re: [Ace] Genart last call review of draft-ietf-a… Mike Jones
- Re: [Ace] Genart last call review of draft-ietf-a… Mike Jones
- Re: [Ace] Genart last call review of draft-ietf-a… Benjamin Kaduk