[Acme] Opsdir last call review of draft-ietf-acme-subdomains-04

Bo Wu via Datatracker <noreply@ietf.org> Sun, 20 November 2022 12:20 UTC

From: Bo Wu via Datatracker <noreply@ietf.org>
To: ops-dir@ietf.org
Cc: acme@ietf.org, draft-ietf-acme-subdomains.all@ietf.org, last-call@ietf.org
Reply-To: Bo Wu <lana.wubo@huawei.com>
Date: Sun, 20 Nov 2022 04:20:42 -0800
Archived-At: <https://mailarchive.ietf.org/arch/msg/acme/Zm8tiB9slhVo2GveJPVQiqVhQgA>
Subject: [Acme] Opsdir last call review of draft-ietf-acme-subdomains-04

Reviewer: Bo Wu
Review result: Has Nits

I am the assigned Ops reviewer for this draft.

Document: draft-ietf-acme-subdomains-04

Summary:

This document (with intended status Standards Track) extends ACME [RFC8555] to
support issuing certificates for subdomains. This is a well-written document.

Major issues: None.

Minor issues: None.

Nits/editorial comments:

1- Question: Section 4.3, would it be better to replace "a given identifier FQDN"
with "a given subdomain"?
   Clients need a mechanism to optionally indicate to servers whether or
   not they are authorized to fulfill challenges against parent domains
   for a given identifier FQDN.

2- Question: Section 5, it seems that the text below the call flow figure is
not consistent with the figure. It would be better to describe the differences
between the steps in the figure and the steps in the text below.

3- Inconsistent words: Section 5, pre-authorised -> pre-authorized

4- Question: Section 8, Is RFC 8555 a normal reference as this document is an
enhancement to this RFC?

Thanks,
Bo Wu