Genart last call review of draft-ietf-stir-oob-05
Suhas Nandakumar via Datatracker <noreply@ietf.org> Tue, 17 September 2019 05:08 UTC
Return-Path: <noreply@ietf.org>
X-Original-To: ietf@ietf.org
Delivered-To: ietf@ietfa.amsl.com
Received: from ietfa.amsl.com (localhost [IPv6:::1]) by ietfa.amsl.com (Postfix) with ESMTP id B953F120105; Mon, 16 Sep 2019 22:08:27 -0700 (PDT)
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
From: Suhas Nandakumar via Datatracker <noreply@ietf.org>
To: gen-art@ietf.org
Cc: draft-ietf-stir-oob.all@ietf.org, ietf@ietf.org, stir@ietf.org
Subject: Genart last call review of draft-ietf-stir-oob-05
X-Test-IDTracker: no
X-IETF-IDTracker: 6.101.0
Auto-Submitted: auto-generated
Precedence: bulk
Reply-To: Suhas Nandakumar <suhasietf@gmail.com>
Message-ID: <156869690761.28164.11843685363887760517@ietfa.amsl.com>
Date: Mon, 16 Sep 2019 22:08:27 -0700
Archived-At: <https://mailarchive.ietf.org/arch/msg/ietf/6W9Tjz4Erflzx2QHYb7PW77QxTo>
X-BeenThere: ietf@ietf.org
X-Mailman-Version: 2.1.29
List-Id: IETF-Discussion <ietf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf>, <mailto:ietf-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ietf/>
List-Post: <mailto:ietf@ietf.org>
List-Help: <mailto:ietf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 17 Sep 2019 05:08:28 -0000
Reviewer: Suhas Nandakumar Review result: Almost Ready I am the assigned Gen-ART reviewer for this draft. The General Area Review Team (Gen-ART) reviews all IETF documents being processed by the IESG for the IETF Chair. Please treat these comments just like any other last call comments. For more information, please see the FAQ at <https://trac.ietf.org/trac/gen/wiki/GenArtfaq>. Document: draft-ietf-stir-oob-?? Reviewer: Suhas Nandakumar Review Date: 2019-09-16 IETF LC End Date: 2019-09-17 IESG Telechat date: Not scheduled for a telechat Summary: Thanks for a lucid document. This document is Almost Ready with few minor issues / clarifications. Major issues: None Minor issues: 1. Section 7.2 para 2 states : "The CPS responds with any such PASSporTs (assuming they exist)." Given CPS will always respond with a dummy PASSporT, the statement in the parentheses doesn't hold. 2. Section 7.4 Call flow: "Call from CS (forged caller-id info)" . Since its the attacker making the call here, we probably need to change it as "Call from Attacker (forged caller-id info)". 3. Section 7.5 has the following: Sign(K_cps, K_temp) Sign(K_temp, E(K_receiver, PASSporT)) ---> This is a clarification question for my understanding. What happens when one of the 2 messages sent gets lost when storing the PASSporT. Should we need to add any clarifications to that extent ? 4. Section 77.5 last para: clarification question Since PASSporT is encrypted at CPS , how is it aged out based on the "iat" value. Is it a function to VS to age out PASSporTs at a given CPS ? 5. Section 8.2 last part has the sentence "This document does not prescribe any particular treatment of calls that have valid PASSporTs associated with them." I wasn't sure of the intent of this sentence. Nits/editorial comments: 1. Introduction para 1: Reference to PASSporT missing 2. Introduction para 2: Xalls -> Calls 3. Section 5.2 para 1: would be nice to add reference to Section 10 4. Section 7.2 Call Flow: "Store PASSporT" --> "Store Encrypted PASSporT" 5. Section 7.2 Call Flow: "Ring phone with callerid" --> "Ring phone with verified callerid" 6. Section 8.2 Step 3: "number number" --> "number" 7. Section 8.3 para 2: "Per Step 3" --> "Per Step 3 of Section 8.1" 8. Section 10 last para: The acronyms AS and VS are used first time 9. Section 11: missing references to subcert, VIPR
- Genart last call review of draft-ietf-stir-oob-05 Suhas Nandakumar via Datatracker