[CDNi] Secdir last call review of draft-ietf-cdni-delegation-acme-03
Valery Smyslov via Datatracker <noreply@ietf.org> Tue, 17 October 2023 12:45 UTC
Return-Path: <noreply@ietf.org>
X-Original-To: cdni@ietf.org
Delivered-To: cdni@ietfa.amsl.com
Received: from ietfa.amsl.com (localhost [IPv6:::1]) by ietfa.amsl.com (Postfix) with ESMTP id 91C31C1705F6; Tue, 17 Oct 2023 05:45:11 -0700 (PDT)
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
From: Valery Smyslov via Datatracker <noreply@ietf.org>
To: secdir@ietf.org
Cc: cdni@ietf.org, draft-ietf-cdni-delegation-acme.all@ietf.org, last-call@ietf.org
X-Test-IDTracker: no
X-IETF-IDTracker: 11.13.0
Auto-Submitted: auto-generated
Precedence: bulk
Message-ID: <169754671158.21160.1314665109283979400@ietfa.amsl.com>
Reply-To: Valery Smyslov <valery@smyslov.net>
Date: Tue, 17 Oct 2023 05:45:11 -0700
Archived-At: <https://mailarchive.ietf.org/arch/msg/cdni/W-METEstxvCHQ-pNA_8EWNBuvuo>
Subject: [CDNi] Secdir last call review of draft-ietf-cdni-delegation-acme-03
X-BeenThere: cdni@ietf.org
X-Mailman-Version: 2.1.39
List-Id: "This list is to discuss issues associated with the Interconnection of Content Delivery Networks \(CDNs\)" <cdni.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/cdni>, <mailto:cdni-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/cdni/>
List-Post: <mailto:cdni@ietf.org>
List-Help: <mailto:cdni-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/cdni>, <mailto:cdni-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 17 Oct 2023 12:45:11 -0000
Reviewer: Valery Smyslov Review result: Ready I have reviewed this document as part of the security directorate's ongoing effort to review all IETF documents being processed by the IESG. These comments were written primarily for the benefit of the security area directors. Document editors and WG chairs should treat these comments just like any other last call comments. This draft defines a CDNI metadata object to enable delegation of X.509 certificates using ACME protocol. The actual operations for certificates delegation using ACME protocol are defined in RFC9115, which contains a comprehensive list of security considerations. This document just extends the CDNI metadata interface to enable leveraging the schemes from RFC9115. Nits: 1. "CDN" is used in the Abstract without expanding, but it is later expanded in the Introduction. I found this inconsistent: if the abbreviation is well-known, then no expanding is needed, otherwise, it should be expanded in the Abstract. 2. "CDNI", "FCI" are used with no expanding before the Terminology section, which specifies where the terms are defined.
- [CDNi] Secdir last call review of draft-ietf-cdni… Valery Smyslov via Datatracker
- Re: [CDNi] Secdir last call review of draft-ietf-… frederic.fieau
- Re: [CDNi] Secdir last call review of draft-ietf-… frederic.fieau