Re: [art] [EXTERNAL] Artart last call review of draft-ietf-lamps-ocsp-nonce-update-04

Himanshu Sharma <himanshu@netskope.com> Tue, 02 April 2024 19:13 UTC

From: Himanshu Sharma <himanshu@netskope.com>
Date: Tue, 02 Apr 2024 12:13:34 -0700
Message-ID: <CAL9pJ7n4gkYQSTRzC-ZH-dpEtDUzTvN9f8tTyPW73AZeh+QfhQ@mail.gmail.com>
To: Jim Fenton <fenton@bluepopcorn.net>
Cc: art@ietf.org, draft-ietf-lamps-ocsp-nonce-update.all@ietf.org, last-call@ietf.org, spasm@ietf.org, Joseph Salowey <joe@salowey.net>
Archived-At: <https://mailarchive.ietf.org/arch/msg/art/MGD_5z4eIj1kkxSiS8HvexWSARU>

Hi Jim
    Thanks for all the suggestions and pointing out the IDNITS errors.
I have changed the content according to your suggestions, corrected the
reference, and moved RFC 5912 to the informative reference section from
the normative reference section.
Russ has verified the ASN.1 module and it compiles fine.
Now this draft has 0 errors reported from IDNITS.
Meanwhile I have reached out to Joseph Salowey and am working with him to
address the feedback he has provided.

Himanshu



On Mon, Apr 1, 2024 at 3:12 PM Himanshu Sharma <himanshu@netskope.com>
wrote:

> Thanks Jim for your time to review the Draft.
>  I will work on the suggestions and update the draft accordingly.
>
>
>
> On Mon, Apr 1, 2024 at 11:04 AM Jim Fenton via Datatracker <
> noreply@ietf.org> wrote:
>
>> Reviewer: Jim Fenton
>> Review result: Almost Ready
>>
>> I am the designated ART ART reviewer for
>> draft-ietf-lamps-ocsp-nonce-update-04.
>>
>> Status: Almost ready
>>
>> Comments:
>>
>> Section 1, suggest replacing "[RFC8954] enforce the maximum" with
>> "[RFC8954] limits the maximum"
>>
>> Section 2, suggest replacing "enforce" with "limit".
>>
>> Section 2.1 paragraph 1 can be deleted since this is replacing RFC8954 in
>> its entirety.
>>
>> Section 2.1 paragraph 3: "An OCSP client that implements this document
>> SHOULD use a minimum length of 32 octets..." while RFC 8954 says, "Newer
>> OCSP clients that support this document MUST use a length of 32 octets..."
>> It seems like this requirement has been weakened; is there a reason for
>> that? Also in that paragraph, rather than "in excess of what is permitted
>> by RFC 8954" suggest saying "in excess of the limit of 32 octets that was
>> specified in RFC 8954."
>>
>> Section 2.1 paragraph 4: replace "...MUST accept Nonce octets length of at
>> least 16 octets..." with "...MUST accept Nonce lengths of at least 16
>> octets..."
>>
>> Section 2.1 paragraph 5: replace "Nonce octet length" with "Nonce length"
>>
>> In the example, the object identifier, in addition to Offset and Length,
>> is in decimal.
>>
>> I don't have the expertise in ASN.1 to fully review Appendix A; hopefully
>> another reviewer can check that.
>>
>> IDNITS points out that you have a normative reference to RFC 5912, which
>> is informational. I'm not sure the reference is really normative, though.
>>
>>
>>