IETF Logo Mail Archive

[Gen-art] GenArt review: draft-ietf-tls-openpgp-keys-10.txt

Robert Sparks <rjsparks@nostrum.com> Mon, 24 July 2006 15:48 UTC

Received: from [127.0.0.1] (helo=stiedprmman1.va.neustar.com) by megatron.ietf.org with esmtp (Exim 4.43) id 1G52fM-0006RK-BT; Mon, 24 Jul 2006 11:48:20 -0400
Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1G52fK-0006R8-Mk for gen-art@ietf.org; Mon, 24 Jul 2006 11:48:18 -0400
Received: from shaman.nostrum.com ([72.232.15.10] helo=nostrum.com) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1G52fJ-0000FG-BB for gen-art@ietf.org; Mon, 24 Jul 2006 11:48:18 -0400
Received: from [172.17.2.252] (vicuna.estacado.net [72.1.129.69]) (authenticated bits=0) by nostrum.com (8.13.6/8.13.6) with ESMTP id k6OFkmOj038432 (version=TLSv1/SSLv3 cipher=RC4-SHA bits=128 verify=NO); Mon, 24 Jul 2006 10:46:49 -0500 (CDT) (envelope-from rjsparks@nostrum.com)
Mime-Version: 1.0 (Apple Message framework v752.2)
Content-Transfer-Encoding: 7bit
Message-Id: <15F1AA72-3602-4F97-A89D-F9A0DD41BF5D@nostrum.com>
Content-Type: text/plain; charset="US-ASCII"; delsp="yes"; format="flowed"
To: gen-art@ietf.org, nmav@gnutls.org, tls-chairs@tools.ietf.org, tls-ads@tools.ietf.org
From: Robert Sparks <rjsparks@nostrum.com>
Date: Mon, 24 Jul 2006 10:46:52 -0500
X-Mailer: Apple Mail (2.752.2)
Received-SPF: pass (nostrum.com: 72.1.129.69 is authenticated by a trusted mechanism)
X-Spam-Score: 0.0 (/)
X-Scan-Signature: f60d0f7806b0c40781eee6b9cd0b2135
Cc:
Subject: [Gen-art] GenArt review: draft-ietf-tls-openpgp-keys-10.txt
X-BeenThere: gen-art@ietf.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: "GEN-ART: General Area Review Team" <gen-art.ietf.org>
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/gen-art>, <mailto:gen-art-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www1.ietf.org/pipermail/gen-art>
List-Post: <mailto:gen-art@ietf.org>
List-Help: <mailto:gen-art-request@ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/gen-art>, <mailto:gen-art-request@ietf.org?subject=subscribe>
Errors-To: gen-art-bounces@ietf.org

I am the assigned Gen-ART reviewer for draft-ietf-tls-openpgp- 
keys-10.txt

For background on Gen-ART, please see the FAQ at <http:// 
www.alvestrand.no/ietf/gen/art/gen-art-FAQ.html>.

Normally, the Gen-ART LC review occurs during IETF Last Call, but in  
this case the draft was not assigned
for review until after IETF Last Call concluded. Please consider  
these late Last Call comments and coordinate
with your AD before taking action on any of them.

This draft is basically ready for publication as an Experimental RFC,  
but has some minor nits that should be addressed
before publication.

1) The third paragraph in 2.3 is potentially confusing. I believe  
it's trying to say that the content of the
      OpenPGP public key appearing in the Certificate message is  
defined in section 10.1 of [OpenPGP].
      It would be better to state that directly, rather than have the  
reader wonder if this paragraph is attempting
      to define a new composition of OpenPGP packets.

2) Section 2.5: Is an "empty" OpenPGP key well-defined? I didn't find  
an answer to this question quickly
     skimming 2440. If this is defined somewhere, could you add a  
reference. If not, could you clarify
     what it should contain?

3) Section 2.5 (again): This section uses lower-case "should" and  
"may" where 2119 terms would
      make sense. Was the choice to not make these SHOULD and MAY  
intentional?

4) Section 2.6 (tiny nit): I realize this is document is targeting  
Experimental, but constructs like this
     catch my eye as a source of unending implementer arguments about  
whether this 'such as' list
     is comprehensive and exclusive. The intent here is to say _ALL_  
the remaining handshake
     messages are unchanged from the definitions in [TLS]. It might  
save pain later to change the
     words now to say just that, and have a separate sentence saying  
"including, but not limited to"
     giving examples if you need them.

5) I see there were several messages on the tls list around what text  
the security considerations
     section should contain. The document seems to reflect the  
conversations there, but without
     the context of those conversations, it feels weaker than it  
should. An explicit note in the security
     considerations section reinforcing that all the security  
considerations of 4346 and the documents
     it relies on would not hurt. Are there any guidelines in  
existing documents that this document could
     point to in order to help the reader understand what kind of  
issues he may be facing when making
     the decisions this document leaves to local policy?

As a matter of personal preference, I think the document would  
benefit from a Table of Contents.

I have a few grammar nits that I will send directly to Nikos.


RjS

_______________________________________________
Gen-art mailing list
Gen-art@ietf.org
https://www1.ietf.org/mailman/listinfo/gen-art

v2.23.0 | Report a Bug | By Email