IETF Logo Mail Archive

[Gen-art] Genart last call review of draft-ietf-sidrops-cms-signing-time-06

Gyan Mishra via Datatracker <noreply@ietf.org> Fri, 08 March 2024 01:04 UTC

Return-Path: <noreply@ietf.org>
X-Original-To: gen-art@ietf.org
Delivered-To: gen-art@ietfa.amsl.com
Received: from ietfa.amsl.com (localhost [IPv6:::1]) by ietfa.amsl.com (Postfix) with ESMTP id 21BEBC15155E; Thu, 7 Mar 2024 17:04:38 -0800 (PST)
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 8bit
From: Gyan Mishra via Datatracker <noreply@ietf.org>
To: gen-art@ietf.org
Cc: draft-ietf-sidrops-cms-signing-time.all@ietf.org, last-call@ietf.org, sidrops@ietf.org
X-Test-IDTracker: no
X-IETF-IDTracker: 12.7.0
Auto-Submitted: auto-generated
Precedence: bulk
Message-ID: <170985987812.47428.13412522670940084191@ietfa.amsl.com>
Reply-To: Gyan Mishra <hayabusagsm@gmail.com>
Date: Thu, 07 Mar 2024 17:04:38 -0800
Archived-At: <https://mailarchive.ietf.org/arch/msg/gen-art/vaUaWq4w4qPCy6a4DX3cPXizCl8>
Subject: [Gen-art] Genart last call review of draft-ietf-sidrops-cms-signing-time-06
X-BeenThere: gen-art@ietf.org
X-Mailman-Version: 2.1.39
List-Id: "GEN-ART: General Area Review Team" <gen-art.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/gen-art>, <mailto:gen-art-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/gen-art/>
List-Post: <mailto:gen-art@ietf.org>
List-Help: <mailto:gen-art-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/gen-art>, <mailto:gen-art-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 08 Mar 2024 01:04:38 -0000

Reviewer: Gyan Mishra
Review result: Ready

I am the assigned Gen-ART reviewer for this draft. The General Area
Review Team (Gen-ART) reviews all IETF documents being processed
by the IESG for the IETF Chair.  Please treat these comments just
like any other last call comments.

For more information, please see the FAQ at

<https://wiki.ietf.org/en/group/gen/GenArtFAQ>.

Document: draft-ietf-sidrops-cms-signing-time-??
Reviewer: Gyan Mishra
Review Date: 2024-03-07
IETF LC End Date: 2024-03-11
IESG Telechat date: Not scheduled for a telechat

Summary:

In the Resource Public Key Infrastructure (RPKI), Signed Objects are defined as
Cryptographic Message Syntax (CMS) protected content types by way of a standard
template (RFC 6488). That template includes an optional CMS signing-time
attribute, representing the purported time at which the object was signed by
its issuer. At the time when the standard template was defined, rsync was the
only distribution mechanism for RPKI repositories.¶

Since the publication of the standard template, a new, additional protocol for
distribution of RPKI repositories has been developed: the RPKI Repository Delta
Protocol (RRDP). While RPKI repository operators must provide rsync service,
RRDP is typically deployed alongside it as well, and preferred by default by
most Relying Party (RP) implementations. However, RP implementations also
support fallback to rsync in the event of problems with the RRDP service. As
deployment experience with RRDP has increased, the usefulness of optimizing
switchovers by RPs from one mechanism to the other has become apparent.¶

This document describes how Publishers and RPs can use the CMS signing-time
attribute to minimize the burden of switching over from RRDP to rsync.
Additionally, this document updates RFC 6488 by mandating the presence of the
CMS signing-time attribute and disallowing the use of the binary-signing-time
attribute.¶

The draft is well written and is ready for publication.

Major issues:
None

Minor issues:
None
Nits/editorial comments:
In section 2.2 talks about file comparison and says

Old

If a file is found in DIR that is identical to the sender's file, the file will
NOT be transferred to the destination directory.

New

If a file is found in DIR that has the identical size to the sender's file, the
file will NOT be transferred to the destination directory.

v2.23.0 | Report a Bug | By Email