[Gen-art] Genart last call review of draft-ietf-core-stateless-05

Dan Romascanu via Datatracker <noreply@ietf.org> Wed, 01 April 2020 08:49 UTC

MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
From: Dan Romascanu via Datatracker <noreply@ietf.org>
To: gen-art@ietf.org
Cc: draft-ietf-core-stateless.all@ietf.org, last-call@ietf.org, core@ietf.org, dromasca@gmail.com
Auto-Submitted: auto-generated
Precedence: bulk
Message-ID: <158573098630.30833.17715509721846547699@ietfa.amsl.com>
Reply-To: Dan Romascanu <dromasca@gmail.com>
Date: Wed, 01 Apr 2020 01:49:46 -0700
Archived-At: <https://mailarchive.ietf.org/arch/msg/gen-art/zZ2uU2tTC2X3gC1KYZ5ZP5S_tFA>
Subject: [Gen-art] Genart last call review of draft-ietf-core-stateless-05

Reviewer: Dan Romascanu
Review result: Ready with Issues

I am the assigned Gen-ART reviewer for this draft. The General Area
Review Team (Gen-ART) reviews all IETF documents being processed
by the IESG for the IETF Chair.  Please treat these comments just
like any other last call comments.

For more information, please see the FAQ at

<https://trac.ietf.org/trac/gen/wiki/GenArtfaq>.

Document: draft-ietf-core-stateless-05
Reviewer: Dan Romascanu
Review Date: 2020-04-01
IETF LC End Date: 2020-04-02
IESG Telechat date: Not scheduled for a telechat

Summary: READY with Issues.

This is a very clear and well-written document. I have a few minor issues that
I suggest to clarify before approval and publication.

Major issues:

Minor issues:

1. It would be useful to include some considerations whether the authors
consider useful / possible / allowed that the mechanism (extended token
lengths) presented in this document can be used for other purposed than the
by-design the use case (avoiding per-request state).

2. In Section 2.2:

>  The idea is that a server implementing
      this document should at least support large tokens in its first
      few processing steps, enough to return an error response rather
      than a Reset message.

Why is not this 'should' capitalized? What happens if the server does not
support large tokens in the first processing steps?

3. In Section 5.2:

> The use of encryption, integrity protection, and replay protection of
   serialized state is recommended in general, unless a careful analysis
   of any potential attacks to security and privacy is performed.  AES-
   CCM with a 64 bit tag is recommended, combined with a sequence number
   and a replay window.  Where encryption is not needed, HMAC-SHA-256,
   combined with a sequence number and a replay window, may be used.

A few issues with this paragraph. Why are not 'recommended' and 'may'
capitalized? The formulation 'is recommended in general' seems odd, and the
rest of the sentence does not clarify. What does 'a careful analysis of any
potential attacks' mean? Who is supposed to perform this analysis and who can
ensure it is 'careful enough' at any given point in time for any potential
attacks?

Nits/editorial comments:

1. I do not believe there is a need to mention in the Abstract that 'This
document updates RFCs 7252 and 8323.'. This is shown in the header of the text
on the front page, and also is part of the metadata.

2. Are the message formats defined in Appendix A for different transports
considered normative or examples? It would be useful to specify.

[Gen-art] Genart last call review of draft-ietf-c… Dan Romascanu via Datatracker
Re: [Gen-art] Genart last call review of draft-ie… Klaus Hartke
Re: [Gen-art] Genart last call review of draft-ie… Dan Romascanu
Re: [Gen-art] [core] Genart last call review of d… Klaus Hartke
Re: [Gen-art] [core] Genart last call review of d… Dan Romascanu
Re: [Gen-art] [core] Genart last call review of d… Alissa Cooper