Re: [Jmap] [Last-Call] Genart last call review of draft-ietf-jmap-smime-07

Lars Eggert <lars@eggert.org> Mon, 11 October 2021 11:28 UTC

Return-Path: <lars@eggert.org>
X-Original-To: jmap@ietfa.amsl.com
Delivered-To: jmap@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B20EA3A0E32; Mon, 11 Oct 2021 04:28:39 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.099
X-Spam-Level:
X-Spam-Status: No, score=-2.099 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=eggert.org
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id s6pBtyifVj9x; Mon, 11 Oct 2021 04:28:34 -0700 (PDT)
Received: from mail.eggert.org (mail.eggert.org [IPv6:2a00:ac00:4000:400:211:32ff:fe22:186f]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 428D13A0E52; Mon, 11 Oct 2021 04:28:34 -0700 (PDT)
Received: from smtpclient.apple (unknown [IPv6:2a00:ac00:4000:400:a867:7af:b73f:3db4]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.eggert.org (Postfix) with ESMTPSA id 884B9600A84; Mon, 11 Oct 2021 14:28:25 +0300 (EEST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=eggert.org; s=dkim; t=1633951705; bh=1qkR0T8jxySox6q+k5a5BTGmu2xalmBCwLUZBxojG7U=; h=From:Subject:Date:In-Reply-To:Cc:To:References; b=kXtm15Q7qXkEi7TgfsTCC/BojevAPV/SRZeucFiK7DJQHoPhoZ+CRDIpnbWGS1cvV bAN41KRUSXWlK7KQMNw1+Sn55KOovarLPqrPQPjNPNTUJw4RkE86dFF8oF+6kZdVAt sB1Ypt6G7k57ZcfD+msmB0LYpuw8A1Tdb7nkSTcI=
From: Lars Eggert <lars@eggert.org>
Message-Id: <74858DC6-7891-43C5-97FA-B6A978203E63@eggert.org>
Content-Type: multipart/signed; boundary="Apple-Mail=_85597FB2-47A7-4F83-A9C2-193D0E26E9CD"; protocol="application/pgp-signature"; micalg=pgp-sha512
Mime-Version: 1.0 (Mac OS X Mail 14.0 \(3654.120.0.1.13\))
Date: Mon, 11 Oct 2021 14:28:24 +0300
In-Reply-To: <163099800356.27114.17325354179624408978@ietfa.amsl.com>
Cc: gen-art@ietf.org, jmap@ietf.org, draft-ietf-jmap-smime.all@ietf.org, last-call@ietf.org
To: Peter Yee <peter@akayla.com>
References: <163099800356.27114.17325354179624408978@ietfa.amsl.com>
X-MailScanner-ID: 884B9600A84.A235A
X-MailScanner: Found to be clean
X-MailScanner-From: lars@eggert.org
Archived-At: <https://mailarchive.ietf.org/arch/msg/jmap/0UsXSOSatCqycGOqv1kq-sRUCIY>
Subject: Re: [Jmap] [Last-Call] Genart last call review of draft-ietf-jmap-smime-07
X-BeenThere: jmap@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: JSON Message Access Protocol <jmap.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/jmap>, <mailto:jmap-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/jmap/>
List-Post: <mailto:jmap@ietf.org>
List-Help: <mailto:jmap-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/jmap>, <mailto:jmap-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 11 Oct 2021 11:28:40 -0000

Peter, thank you for your review. I have entered a No Objection ballot for this document.

Lars


> On 2021-9-7, at 10:00, Peter Yee via Datatracker <noreply@ietf.org> wrote:
> 
> Reviewer: Peter Yee
> Review result: Ready with Issues
> 
> I am the assigned Gen-ART reviewer for this draft. The General Area
> Review Team (Gen-ART) reviews all IETF documents being processed
> by the IESG for the IETF Chair.  Please treat these comments just
> like any other last call comments.
> 
> For more information, please see the FAQ at
> 
> <https://trac.ietf.org/trac/gen/wiki/GenArtfaq>.
> 
> Document: draft-ietf-jmap-smime-07
> Reviewer: Peter Yee
> Review Date: 2021-09-06
> IETF LC End Date: 2021-09-06
> IESG Telechat date: Not scheduled for a telechat
> 
> Summary: This document provides a JMAP extension that allows the JMAP server to
> provide its thoughts on the verification of a messages S/MIME signature.  While
> the details of the extension seem fine, I'm not convinced that the rationale
> for it and the consequences of trusting the server to perform the verification
> are well described. [Ready with issues]
> 
> Major issues: None
> 
> Minor issues:
> 
> Page 2, section 1: There really ought to be a description of why a client would
> want to do this and why it would trust the results. This is taking a decision
> on something that is normally an end-to-end property of a message and
> delegating its verification to a server. Is signature verification so onerous?
> 
> Page 4, smimeErrors, 3rd sentence: the error may also be in the certificate
> chain.
> 
> Page 5 and 6 examples: Put an introduction before each example so the reader
> knows that it is an example and what it intends to show.
> 
> Page 7, section 6: I think a stronger description of the implications of doing
> server-side verification is merited. The document is written as though it is a
> forgone conclusion that a client would want to do this without much explanation.
> 
> Nits/editorial comments:
> 
> General:
> 
> The use of asterisks and underscores for emphasis or for offsetting various
> items is not explained. The usage is also inconsistent. I note that RFC 8621
> does some of this as well, but I think it would be preferable to abstain from
> extravagant use of these characters unless their significance is explained.
> Sometimes items are marked with asterisks, other times with quotation marks. I
> find it all rather off-putting and could not find anything in the RFC Editor's
> Style Guide indicating a standardized meaning for the characters.
> 
> Do not put a colon after the title of each example (e.g., "Example 1:")
> 
> Specific:
> 
> Page 2, section 1, 2nd paragraph: insert "the" before "multipart/signed media"
> and "application/pkcs7-mime".
> 
> Page 2, section 3, 1st sentence: change "the JMAP spec" to "[RFC8621]". This
> obviates the need to use underscores around the following "this".
> 
> Page 3, section 4, 1st paragraph, 1st sentence: insert "the" before "Email/get".
> 
> Page 3, *smimeStatus*: insert "the" before the final '"smimeStatus"'.
> 
> Page 3, *smimeErrors*: insert "the" before the final '"smimeErrors"'.
> 
> Page 3, *smimeVerifiedAt*: insert "the" before the final '"smimeVerifiedAt"'.
> 
> Page 3, *smimeStatusAtDelivery*, 1st sentence: insert "the" before the final
> '"smimeStatusAtDelivery"'.
> 
> Page 3, *smimeStatusAtDelivery*, 2nd sentence: insert "is" before "effectively
> ". Insert "the" before '"smimeStatus"'. Change "deliver" to "delivery".
> 
> Page 3, smimeStatus, 2nd real sentence: change "This" to "Otherwise, this".
> 
> Page 3, smimeStatus, 4th real sentence: change "Client" to "Clients".
> 
> Page 3, smimeStatus, unknown, 1st sentence: delete the comma after "signed".
> 
> Page 3, smimeStatus, unknown, 2nd sentence: insert "an" before "unknown".
> 
> Page 3, smimeStatus, signed, 2nd sentence: insert "a" before "signature".
> 
> Page 3, smimeStatus, signed/verified: insert "the" before "sender matches".
> Append a comma after "field".
> 
> Page 4, 1st non-status paragraph, 1st sentence: delete the comma after
> '"smimeStatus"'. Insert "is" before "calculated".
> 
> Page 4, 1st non-status paragraph, 2nd sentence: insert "the" before "S/MIME".
> Change "it helps to" to "to help".
> 
> Page 4, smimeErrors, 1st sentence: insert "the" before "S/MIME".
> 
> Page 4, smimeErrors, 2nd sentence: append a comma after "I.e.".
> 
> Page 4, smimeErrors, 3rd sentence: insert "the" before "Content-Language ".
> 
> Page 4, smimeErrors, 6th sentence: insert "a" before "CRL".
> 
> Page 4, smimeVerifiedAt, 2nd sentence: insert "the" before "S/MIME".
> 
> Page 4, smimeVerifiedAt, 3rd sentence: insert "an" before "S/MIME".
> 
> Page 4, last paragraph, 1st sentence: change "it's" to "its".
> 
> Page 5, 1st paragraph: append a comma after "server".
> 
> Page 6, 1st paragraph after Example 2, 1st sentence: insert "the" before
> "Email/query".
> 
> Page 7, section 6, 1st paragraph, 1st sentence: change "Server side" to
> "Server-side". Insert "the" before "server".
> 
> Page 7, section 6, 2nd paragraph, 1st sentence: insert "a" before "Denial".
> 
> Page 7, section 6, 2nd paragraph, 2nd sentence: append a comma after "reason".
> 
> 
> --
> last-call mailing list
> last-call@ietf.org
> https://www.ietf.org/mailman/listinfo/last-call