Re: [Last-Call] [EXTERNAL] Opsdir last call review of draft-ietf-lamps-ocsp-nonce-update-05

Himanshu Sharma <himanshu@netskope.com> Wed, 10 April 2024 18:26 UTC

To: Susan Hares <shares@ndzh.com>
Cc: ops-dir@ietf.org, draft-ietf-lamps-ocsp-nonce-update.all@ietf.org, last-call@ietf.org, spasm@ietf.org
Archived-At: <https://mailarchive.ietf.org/arch/msg/last-call/kXvLVjGTHjnvoLuhcuBYuyM1iUg>

Thanks, Susan, for taking the time to review the I-D and for providing the feedback.
I will work on the suggestion and update the I-D soon.

-Himanshu

On Tue, Apr 9, 2024 at 12:15 PM Susan Hares via Datatracker <
noreply@ietf.org> wrote:

> Reviewer: Susan Hares
> Review result: Has Nits
>
>
> Status: Ready with NITs
> General Statement: Excellent writing and clearly understood by a novice.
> I enjoyed reading the clear ASN.1 syntax in the appendices.
>
> operational summary:  The key point is that Clients switching from
> [RFC8954] to [draft-ietf-lamps-ocsp-nonce-update-06] will want to
> use a nonce of length 32, and accept an OCSP of 16 octets.
>
> 4 NITS: Main Text (1) Appendix A.1 (1), and Appendix A.2 (2).
> Note that NITS are editorial suggestions.
>
> 1 NITS in Main Text:
>
> The example in section 2 starts with
>  30 2f 06 09 2b 06 01 05 05 07 30 01 02 [hex]
>     Sequence (30) length (2f) {
>        OBJECT Identifier (06) length (09)
>              ocspNonce (1 3 6 1 5 5 7 48 1 2 )
>
> It might be good to explain that (1 3) is the 2b.
> ------
>
> #2 NITS in ASN.1 in Section
>
> It would help the ASN.1 reader to explain in a comment
> associated with the first usage of "generalizedTime" the format of the
> generalized time.  It is a well-defined ASN.1 concept, but
> the reader is assumed to be an IETF reader with less experience
> in ASN.1.
>
> ------
>
> #NIT 3, use of ATTRIBUTE as an import.
>
> In my review of the ASN.1 in Appendix A.2,
> I cannot find a usage of ATTRIBUTE.
> If it is not used, why is it included?
>
> -----
> #NIT 4, use of @amp;
>
> ResponseBytes ::=       SEQUENCE {
>    responseType        RESPONSE.
>                            &amp;id ({ResponseSet}),
>    response            OCTET STRING (CONTAINING RESPONSE.
>                            &amp;Type({ResponseSet}{@responseType}))}
>
> AcceptableResponses ::= SEQUENCE OF RESPONSE.&amp;id({ResponseSet})
>
> I am not familiar with "&amp;id" or "&amp;Type" or @response.
> Please add a comment with the ISO reference for this syntax.
> If you wish to be helpful to the reader, it would be
> to explain what this syntax means.
>
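Added example, not part of either message or of the draft: a small decoder for the OBJECT IDENTIFIER bytes quoted in NIT 1, showing why the arcs `1 3` appear as the single octet `2b` (the first two arcs are packed as 40*1 + 3 = 43 = 0x2b, and every later arc is base-128). The function names are illustrative, and only short-form DER lengths are handled.

```python
def decode_oid(content: bytes) -> tuple:
    """Decode the content octets of a DER OBJECT IDENTIFIER into its arcs."""
    if not content or content[-1] & 0x80:
        raise ValueError("empty or truncated OID content")
    subids, value, at_start = [], 0, True
    for octet in content:
        if at_start and octet == 0x80:
            raise ValueError("non-minimal base-128 encoding")
        value = (value << 7) | (octet & 0x7F)   # 7 payload bits per octet
        at_start = not (octet & 0x80)           # high bit clear ends the sub-identifier
        if at_start:
            subids.append(value)
            value = 0
    first = subids[0]                           # packs arc1 and arc2 as 40*arc1 + arc2
    top = min(first // 40, 2)
    return (top, first - 40 * top, *subids[1:])


def encode_oid(arcs) -> bytes:
    """Inverse of decode_oid: arcs to DER content octets."""
    top, second, *rest = arcs
    if top not in (0, 1, 2) or (top < 2 and second >= 40):
        raise ValueError("invalid first two arcs")
    out = bytearray()
    for subid in (40 * top + second, *rest):
        chunk = [subid & 0x7F]
        while subid > 0x7F:
            subid >>= 7
            chunk.append(0x80 | (subid & 0x7F))  # continuation octets carry the high bit
        out.extend(reversed(chunk))
    return bytes(out)


def parse_oid_tlv(der: bytes) -> tuple:
    """Parse one OID TLV (tag 0x06, short-form length) from the start of der."""
    if len(der) < 2 or der[0] != 0x06:
        raise ValueError("not an OBJECT IDENTIFIER")
    length = der[1]
    if length & 0x80 or len(der) < 2 + length:
        raise ValueError("long-form or truncated length")
    return decode_oid(der[2:2 + length])


# Bytes quoted in the review; the SEQUENCE (30 2f) continues past what is shown,
# so only the OID TLV that starts at offset 2 is decoded.
SAMPLE = bytes.fromhex("30 2f 06 09 2b 06 01 05 05 07 30 01 02")

if __name__ == "__main__":
    print(".".join(map(str, parse_oid_tlv(SAMPLE[2:]))))
```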