Re: [Last-Call] [EXTERNAL] Artart last call review of draft-ietf-lamps-ocsp-nonce-update-04

Himanshu Sharma <himanshu@netskope.com> Tue, 02 April 2024 19:13 UTC

From: Himanshu Sharma <himanshu@netskope.com>
Date: Tue, 02 Apr 2024 12:13:34 -0700
Message-ID: <CAL9pJ7n4gkYQSTRzC-ZH-dpEtDUzTvN9f8tTyPW73AZeh+QfhQ@mail.gmail.com>
To: Jim Fenton <fenton@bluepopcorn.net>
Cc: art@ietf.org, draft-ietf-lamps-ocsp-nonce-update.all@ietf.org, last-call@ietf.org, spasm@ietf.org, Joseph Salowey <joe@salowey.net>
Archived-At: <https://mailarchive.ietf.org/arch/msg/last-call/iCpZ6mNBdog9ZQ-iiZvT3ZpOeMk>

Hi Jim,
Thanks for all the suggestions and for pointing out the IDNITS errors.
I have changed the content according to your suggestions, corrected the
reference, and moved RFC 5912 from the normative reference section to the
informative reference section.
Russ has verified the ASN.1 module and it compiles fine.
Now this draft has 0 errors reported from IDNITS.
Meanwhile I have reached out to Joseph Salowey and am working with him to
address the feedback he has provided.

Himanshu



On Mon, Apr 1, 2024 at 3:12 PM Himanshu Sharma <himanshu@netskope.com>
wrote:

> Thanks, Jim, for your time reviewing the draft.
> I will work on the suggestions and update the draft accordingly.
>
>
>
> On Mon, Apr 1, 2024 at 11:04 AM Jim Fenton via Datatracker <
> noreply@ietf.org> wrote:
>
>> Reviewer: Jim Fenton
>> Review result: Almost Ready
>>
>> I am the designated ART ART reviewer for
>> draft-ietf-lamps-ocsp-nonce-update-04.
>>
>> Status: Almost ready
>>
>> Comments:
>>
>> Section 1, suggest replacing "[RFC8954] enforce the maximum" to "[RFC8954]
>> limits the maximum"
>>
>> Section 2, suggest replacing "enforce" with "limit".
>>
>> Section 2.1 paragraph 1 can be deleted since this is replacing RFC8954 in
>> its entirety.
>>
>> Section 2.1 paragraph 3: "An OCSP client that implements this document
>> SHOULD use a minimum length of 32 octets..." while RFC 8954 says, "Newer
>> OCSP clients that support this document MUST use a length of 32 octets..."
>> It seems like this requirement has been weakened; is there a reason for
>> that? Also in that paragraph, rather than "in excess of what is permitted
>> by RFC 8954" suggest saying "in excess of the limit of 32 octets that was
>> specified in RFC 8954."
>>
>> Section 2.1 paragraph 4: replace "...MUST accept Nonce octets length of at
>> least 16 octets..." with "...MUST accept Nonce lengths of at least 16
>> octets..."
>>
>> Section 2.1 paragraph 5: replace "Nonce octet length" with "Nonce length"
>>
>> In the example, the object identifier, in addition to Offset and Length,
>> is in decimal.
>>
>> I don't have the expertise in ASN.1 to fully review Appendix A; hopefully
>> another reviewer can check that.
>>
>> IDNITS points out that you have a normative reference to RFC 5912, which
>> is informational. I'm not sure the reference is really normative, though.
>>
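The review above discusses the Nonce extension's length rules (clients SHOULD use at least 32 octets, responders MUST accept at least 16) and notes that the draft's example shows the object identifier in decimal. As an added illustration, not code from the draft or the thread, the following Python encodes and decodes the id-pkix-ocsp-nonce Extension in DER, showing the OID's encoded form and the nested OCTET STRING that RFC 8954 specifies; the length constants and the lower-bound-only responder check are assumptions taken from the review's wording, and the nonce values are constructed.

```python
# id-pkix-ocsp-nonce as quoted in the review; the length rules are assumed from the review text.
OCSP_NONCE_OID = "1.3.6.1.5.5.7.48.1.2"
CLIENT_NONCE_LEN = 32           # client SHOULD use at least 32 octets
RESPONDER_MUST_ACCEPT_MIN = 16  # responder MUST accept at least 16 octets

def der_tlv(tag: int, payload: bytes) -> bytes:
    """Tag, DER length (short form below 128, long form otherwise), payload."""
    n = len(payload)
    if n < 0x80:
        return bytes([tag, n]) + payload
    body = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([tag, 0x80 | len(body)]) + body + payload

def encode_oid(dotted: str) -> bytes:
    """DER OBJECT IDENTIFIER: first two arcs packed, rest base-128 big-endian."""
    arcs = [int(a) for a in dotted.split(".")]
    out = [40 * arcs[0] + arcs[1]]
    for arc in arcs[2:]:
        chunk = [arc & 0x7F]
        arc >>= 7
        while arc:
            chunk.append(0x80 | (arc & 0x7F))
            arc >>= 7
        out.extend(reversed(chunk))
    return der_tlv(0x06, bytes(out))

def read_tlv(buf: bytes, pos: int = 0):
    """(tag, value, next_pos) for the definite-length TLV starting at pos."""
    tag, n, pos = buf[pos], buf[pos + 1], pos + 2
    if n & 0x80:
        k = n & 0x7F
        n, pos = int.from_bytes(buf[pos:pos + k], "big"), pos + k
    return tag, buf[pos:pos + n], pos + n

def encode_nonce_extension(nonce: bytes) -> bytes:
    """SEQUENCE { extnID OID, extnValue OCTET STRING }; extnValue wraps the nonce as a second OCTET STRING (RFC 8954)."""
    inner = der_tlv(0x04, nonce)
    return der_tlv(0x30, encode_oid(OCSP_NONCE_OID) + der_tlv(0x04, inner))

def decode_nonce_extension(der: bytes) -> bytes:
    """Inverse of encode_nonce_extension; rejects any other extension OID."""
    tag, seq, _ = read_tlv(der)
    oid_tag, oid, pos = read_tlv(seq)
    if tag != 0x30 or der_tlv(oid_tag, oid) != encode_oid(OCSP_NONCE_OID):
        raise ValueError("not an id-pkix-ocsp-nonce Extension")
    _, extn_value, _ = read_tlv(seq, pos)
    return read_tlv(extn_value)[1]

def responder_must_accept(nonce: bytes) -> bool:
    """Lower bound only; the review does not quote the draft's upper limit."""
    return len(nonce) >= RESPONDER_MUST_ACCEPT_MIN
```

The OID 1.3.6.1.5.5.7.48.1.2 encodes to 06 09 2B 06 01 05 05 07 30 01 02, which is the hexadecimal form a reader would expect beside the Offset and Length columns the review mentions.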