Re: [Gen-art] Genart review of draft-ietf-pkix-cmp-transport-protocols-18

Christer Holmberg <> Tue, 15 May 2012 18:50 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id 186C821F881A for <>; Tue, 15 May 2012 11:50:31 -0700 (PDT)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -6.164
X-Spam-Status: No, score=-6.164 tagged_above=-999 required=5 tests=[AWL=0.085, BAYES_00=-2.599, HELO_EQ_SE=0.35, RCVD_IN_DNSWL_MED=-4]
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id dsee-irQS6kk for <>; Tue, 15 May 2012 11:50:30 -0700 (PDT)
Received: from ( []) by (Postfix) with ESMTP id 776E021F8779 for <>; Tue, 15 May 2012 11:50:29 -0700 (PDT)
X-AuditID: c1b4fb30-b7be1ae0000059fc-56-4fb2a5744077
Received: from (Unknown_Domain []) by (Symantec Mail Security) with SMTP id A7.DB.23036.475A2BF4; Tue, 15 May 2012 20:50:28 +0200 (CEST)
Received: from ([]) by ([]) with mapi; Tue, 15 May 2012 20:50:28 +0200
From: Christer Holmberg <>
To: "Peylo, Martin (NSN - FI/Espoo)" <>, "" <>, "" <>
Date: Tue, 15 May 2012 20:48:47 +0200
Thread-Topic: Genart review of draft-ietf-pkix-cmp-transport-protocols-18
Thread-Index: Ac0xoqdXoxjsfzuuSE+UhyHHLVaitgBDSLxQAAbkgBs=
Message-ID: <>
References: <>, <>
In-Reply-To: <>
Accept-Language: en-US
Content-Language: en-US
acceptlanguage: en-US
Content-Type: text/plain; charset="Windows-1252"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
X-Brightmail-Tracker: AAAAAA==
Subject: Re: [Gen-art] Genart review of draft-ietf-pkix-cmp-transport-protocols-18
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: "GEN-ART: General Area Review Team" <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Tue, 15 May 2012 18:50:31 -0000

Hi Martin,

Your suggested changes look good.

Regarding Q2-2, however, I belive the section is normally called just "Conventions".



From: Peylo, Martin (NSN - FI/Espoo) []
Sent: Tuesday, May 15, 2012 7:12 PM
To: Christer Holmberg;;
Subject: RE: Genart review of draft-ietf-pkix-cmp-transport-protocols-18

Hi Christer,

thank you for your review and valuable nits. Please find my comments inline, prefixed with an “MP”.

Attached, the so far unpublished (pre-)19 version of the draft implementing the changes described below.

Kind regards,


From: ext Christer Holmberg []
Sent: Monday, May 14, 2012 10:35 AM
Subject: Genart review of draft-ietf-pkix-cmp-transport-protocols-18

I am the assigned Gen-ART reviewer for this draft. For background on Gen-ART, please see the FAQ at <>.

Please wait for direction from your document shepherd or AD before posting a new version of the draft.

Document: draft-ietf-pkix-cmp-transport-protocols-18.txt
Reviewer: Christer Holmberg
Review Date: 14 May 2012
IETF LC End Date: 21 May 2012
IESG Telechat date: 24 May 2012

Summary: The draft is ready for publication, but with a number of editorial nits.

Major issues: -

Minor issues: -

Nits/editorial comments:

Section 1:

Q1-1: In my opinion the following statement (1st paragraph) can be removed:

   "This document defines the transport mechanism which was removed from the main CMP specification
   with the second release and referred to be in a separate document."

Because, the following paragraphs describes very well the background, and justification of the new transport. There is no need to say whether the new transport was originally supposed to be part of the main spec or not.

MP: Removed.

Q1-2: In the 2nd paragraph, please add reference to HTTP on first occurrence.

MP: although it’s the first occurrence in 2nd paragraph, I would prefer to add the references to RFC 1945 and RFC2616 to the 4th paragraph. Reason is that 2nd paragraph contains only an historic reference - and there (in RFC2510) it was not referenced what HTTP is either. See below how the 4th paragraph will then look like when also fixing Q1-3.

Q1-3: The following statement is a little confusing:

   "During the long time it existed as draft, this RFC was undergoing drastic changes."

There hasn’t been any changes to the RFC, but to the draft. So, I would say something like:

            “Before this document was published as an RFC, the draft version underwent drastic changes during the work process.”

MP: Changed, I inserted “long-lasting” to highlight the long time it took from draft-1 (June 22, 2000) to now. So the paragraph is now:

   Before this document was published as an RFC, the draft version

   underwent drastic changes during the long-lasting work process.  The

   "TCP-Based Management Protocol" was enhanced and a TCP-Messages-over-

   HTTP transport specification appeared.  As both proved to be needless

   and cumbersome, implementers preferred to use plain HTTP transport

   following [RFC1945] or [RFC2616].  This document now reflects that by

   exclusively describing HTTP as transport protocol for CMP.

Section 2:


Q2-1: The section only contains the RFC 2119 terminology, but that is normally in a “Conventions” section.

Q2-2: As there are no requirements listed, I suggest to remove the section.

MP: This was totally missed so far. I will change this section to “Conventions Used in This Document” as of course the RFC 2119 terminology is used throughout the document.

Section 3.2:


Q3_2-1: The text says:

“However, neither HTTP nor this protocol are designed to correlate messages on the same

            connection in any meaningful way;”

It is a little unclear what “this protocol” refers to.

MP: changed to “… neither HTTP nor the protocol specified in this document are designed…”

Section 4:


Q4-1: It is a little unclear what is meant by “legacy implementations”. Do you consider implementations based on earlier versions of the draft as “legacy”? In my opinion a “legacy” implementation is based on a previously published standard/RFC.

So, if the section is supposed to cover issues with earlier versions of this draft, I think it should be called something else.

MP: I’m following a proposal from Sean Turner here and take his excellent suggestion to replace the complete section.

> 4.  Implementation Considerations


>     Implementors should be aware that implementations might exist that

>     use a different approach for HTTP transport because this document

>     has been under development for more than a decade.  Further,

>     implementations based on earlier drafts of this

>     document might use an unregistered "application/pkixcmp-poll" MIME

>     type.