[Acme] Barry Leiba's No Objection on draft-ietf-acme-email-smime-12: (with COMMENT)

Barry Leiba via Datatracker <noreply@ietf.org> Thu, 19 November 2020 04:36 UTC

MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 8bit
From: Barry Leiba via Datatracker <noreply@ietf.org>
To: The IESG <iesg@ietf.org>
Cc: draft-ietf-acme-email-smime@ietf.org, acme-chairs@ietf.org, acme@ietf.org, Rich Salz <rsalz@akamai.com>, rsalz@akamai.com
Auto-Submitted: auto-generated
Precedence: bulk
Reply-To: Barry Leiba <barryleiba@computer.org>
Message-ID: <160576057337.21550.7381268745203445279@ietfa.amsl.com>
Date: Wed, 18 Nov 2020 20:36:13 -0800
Archived-At: <https://mailarchive.ietf.org/arch/msg/acme/vKydqBBQe13WUpqwNP4tlisNHhQ>
Subject: [Acme] Barry Leiba's No Objection on draft-ietf-acme-email-smime-12: (with COMMENT)

Barry Leiba has entered the following ballot position for
draft-ietf-acme-email-smime-12: No Objection

When responding, please keep the subject line intact and reply to all
email addresses included in the To and CC lines. (Feel free to cut this
introductory paragraph, however.)


Please refer to https://www.ietf.org/iesg/statement/discuss-criteria.html
for more information about IESG DISCUSS and COMMENT positions.


The document, along with other ballot positions, can be found here:
https://datatracker.ietf.org/doc/draft-ietf-acme-email-smime/



----------------------------------------------------------------------
COMMENT:
----------------------------------------------------------------------

Thanks for discussing things with me and addressing my comments.  Version -12
takes care of all my comments except for the one in Section 2:  Please use the
new BCP 14 boilerplate and add a normative reference to RFC 8174.

The changes from version -10 do introduce a few typos and nits, so I'll record
them here; please consider fixing them, but there's no need to respond further.

— Section 1 —

   This document aims to support both:

I suggest saying what it does, rather than what it aims to do.  Also (nit), as
the two numbered items are each multiple sentences, the intro is better worded
thus:

NEW
   This document supports both of the following:
END

   Such MUA can present nice User
   Interface to the user and automate certificate issuance.

Nits: there are articles missing, “user interface” doesn’t need capitalization,
and “user interface to the user” is redundant:

NEW
   Such an MUA can present a nice
   interface to the user and automate certificate issuance.
END

In the second bullet, make it “An MUA”, as we pronounce it “em-yoo-ay”, not
“moo-ah”.

— Section 3 —

   The process of issing an S/MIME certificate works as follows.

Typo: make it “issuing”.

— Section 3.1 —

   To aid in debugging (and in for some

Typo: change “in for” to “for”.

— Section 3.2 —
In bullet 7:

       The text/plain body part (whether or not it is
       inside multipart/alternative) MUST contain a block of lines
       starting with the line "-----BEGIN ACME RESPONSE-----", followed
       by one or more line containing the base64url-encoded SHA-256
       digest [FIPS180-4] of the key authorization, calculated from
       concatenated token-part1 (received over email) and token-part2
       (received over HTTPS), as outlined in the 5th bullet in
       Section 3.

You changed this from “3rd bullet” to the new “5th bullet”, but I don’t
understand why: it’s still the third bullet that talks about how the content is
formed.

[Acme] Barry Leiba's No Objection on draft-ietf-a… Barry Leiba via Datatracker