[Gen-art] Gen-ART Last Call review of draft-ietf-lamps-rfc3709bis-06

Paul Kyzivat <pkyzivat@alum.mit.edu> Tue, 25 October 2022 14:54 UTC

Message-ID: <3abe8edb-a4a1-06d9-7af3-028e3c58b52a@alum.mit.edu>
Date: Tue, 25 Oct 2022 10:54:39 -0400
From: Paul Kyzivat <pkyzivat@alum.mit.edu>
To: draft-ietf-lamps-rfc3709bis.all@ietf.org
Cc: General Area Review Team <gen-art@ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/gen-art/IiFgJfnLGPzwxj92raQWE4oI108>
Subject: [Gen-art] Gen-ART Last Call review of draft-ietf-lamps-rfc3709bis-06

I am the assigned Gen-ART reviewer for this draft. The General Area
Review Team (Gen-ART) reviews all IETF documents being processed
by the IESG for the IETF Chair.  Please treat these comments just
like any other last call comments.

For more information, please see the FAQ at

<https://trac.ietf.org/trac/gen/wiki/GenArtfaq>.

Document: draft-ietf-lamps-rfc3709bis-06
Reviewer: Paul Kyzivat
Review Date: 2022-10-25
IETF LC End Date: 2022-10-28
IESG Telechat date: ?

Summary:

This draft is on the right track but has open issues, described in the 
review.

Issues:

Major: 0
Minor: 1
Nits:  2

1) MINOR: In Section 4.1 (Extension Format):

The following:

"CAs SHOULD use the one-way hash function that is associated with the 
certificate signature to compute the hash value, and CAs MAY include 
other hash values."

introduces the possibility that a client might not support *any* of the 
provided hash algorithms. This seems bad.

RFC3709 didn't have this problem because it required that an SHA-1 hash 
be included and supported.

This can be fixed by changing "CAs SHOULD" to "CAs MUST".

2) NIT: From IdNits:

** Downref: Normative reference to an Informational RFC: RFC 1952

I think it would be ok to change the reference to Informative.

3) NIT: Typos

In Section 3 (Logotype Data):

s/then each image objects/then each image object/

In Section 7 (Image Formats):

s/The following table lists many commons/The following table lists many common/

s/requirements these image formats/requirements for these image formats/

s/the client will receive response/the client will receive a response/

(The last one above appears twice.)

In Section 10 (Privacy Considerations):

s/cache logotype data is cached/cache logotype data/
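To make the concern in item 1 concrete, here is an added Python sketch (not part of the review, the draft, or any reference implementation) of a relying party checking a fetched logotype image against the logotypeHash list of HashAlgAndValue entries. The client's set of implemented hash functions, the sha256-based certificate signature algorithm and the sample image bytes are assumptions of this example.

```python
import hashlib

# Digest-algorithm OIDs (real values from the PKIX/NIST registries).
SHA1 = "1.3.14.3.2.26"
SHA256 = "2.16.840.1.101.3.4.2.1"
SHA512 = "2.16.840.1.101.3.4.2.3"
OID_TO_NAME = {SHA1: "sha1", SHA256: "sha256", SHA512: "sha512"}

# Assumption: this hypothetical client implements only SHA-1 and SHA-256. Because it
# validates the certificate's sha256WithRSAEncryption signature, SHA-256 must be here.
CLIENT_HASHES = {SHA1, SHA256}
SIGNATURE_HASH = SHA256


def ca_hash_list(image, oids):
    """CA side: logotypeHash as a list of (algorithm OID, digest) pairs."""
    return [(oid, hashlib.new(OID_TO_NAME[oid], image).digest()) for oid in oids]


def verify_logotype_image(image, hash_list):
    """Client side. Returns 'ok' if every hash we can compute matches, 'mismatch'
    if a computable hash differs, or 'unsupported' if no listed algorithm is one
    we implement (the case the review points out)."""
    usable = [(oid, d) for oid, d in hash_list if oid in CLIENT_HASHES]
    if not usable:
        return "unsupported"
    for oid, digest in usable:
        if hashlib.new(OID_TO_NAME[oid], image).digest() != digest:
            return "mismatch"
    return "ok"


def demo():
    image = b"\x89PNG constructed sample image bytes"  # constructed, not a real file
    # Under "CAs SHOULD", a CA may list only algorithms this client lacks.
    should_only = verify_logotype_image(image, ca_hash_list(image, [SHA512]))
    # Under "CAs MUST", the signature hash is always listed, so one entry is checkable.
    with_must = verify_logotype_image(image, ca_hash_list(image, [SIGNATURE_HASH, SHA512]))
    # A modified image fails against the checkable entry.
    tampered = verify_logotype_image(image + b"x", ca_hash_list(image, [SIGNATURE_HASH]))
    return should_only, with_must, tampered
```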