[OPS-DIR]draft-ietf-rats-corim-09 early Opsdir review

Giuseppe Fioccola via Datatracker <noreply@ietf.org> Fri, 09 January 2026 15:42 UTC

MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
From: Giuseppe Fioccola via Datatracker <noreply@ietf.org>
To: ops-dir@ietf.org
Auto-Submitted: auto-generated
Precedence: bulk
Message-ID: <176797333438.122976.2350110569273705736@dt-datatracker-5656579b89-r5kdq>
Date: Fri, 09 Jan 2026 07:42:14 -0800
Message-ID-Hash: ZW73XXFY2XJF4DAGQ6FQSNMRY4Y7DNKQ
CC: draft-ietf-rats-corim.all@ietf.org, rats@ietf.org
Reply-To: Giuseppe Fioccola <giuseppe.fioccola@huawei.com>
Subject: [OPS-DIR]draft-ietf-rats-corim-09 early Opsdir review
Archived-At: <https://mailarchive.ietf.org/arch/msg/ops-dir/Z57tvBfFPJ9mlRg27TPKqMFVZWc>

Document: draft-ietf-rats-corim
Title: Concise Reference Integrity Manifest
Reviewer: Giuseppe Fioccola
Review result: Has Issues

Hi,

I have been selected as the Operational Directorate (opsdir) reviewer for this
Internet-Draft.

The Operational Directorate reviews all operational and management-related
Internet-Drafts to ensure alignment with operational best practices and that
adequate operational considerations are covered.

A complete set of _"Guidelines for Considering Operations and Management in
IETF Specifications"_ can be found at
https://datatracker.ietf.org/doc/draft-opsarea-rfc5706bis/.

While these comments are primarily for the Operations and Management Area
Directors (Ops ADs), the authors should consider them alongside other feedback
received.

- Document: draft-ietf-rats-corim-09

- Reviewer: Giuseppe Fioccola

- Review Date: 2026-01-09

- Intended Status: Standards Track

---

## Summary

- Has Issues: I have some minor concerns about this document that I think
should be resolved before publication.

## General Operational Comments Alignment with RFC 5706bis

> This document specifies CoRIM (Concise Reference Integrity Manifest). It is a
data model which is used to realize a CBOR encoding suitable for cryptographic
operations and transmission over computer networks. Section 10 reports the
implementation status.

> The Operational Considerations section is missing and should be included,
according to draft-ietf-opsawg-rfc5706bis. In particular, it would be good to
add a description of how CoRIM is going to be deployed and managed, including
potential backward compatibility issues.

## Major Issues

> From an OPSDIR point of view, the addition of an Operational Considerations
section is recommended.

---

## Minor Issues

> Since Section 8 describes the appraisal of CoRIM-based inputs, it clarifies
the CoRIM usage and it is quite relevant. I think Section 8 (or part of it) can
be moved earlier in the document (e.g before Section 4) in order to allow the
reader to better understand the mechanism from the beginning.

---

## Nits

> In Section 2, it is mentioned that the document defines the ACS but I would
add a pointer to Section 9 where ACS and ARS are further detailed.

> I would also change the description of Table 1 in Section 2.2 in order to
explain how is it related with the ACS and ARS.

> In Section 3, Table 2 introduces the naming conventions but I suggest to
provide context for the reader. Maybe a reference to RFC 8610 is needed to
understand the types.

> Considering that the document also specifies CoMID tags in Section 5 and CoTL
tags in Section 6, I suggest to better highlight this point in the
Introduction. Maybe, since the document is quite long, a description of the
structure of document would be needed in the Introduction.

> Out of curiosity, did you consider to move the entire Section 9 to a separate
draft?

---

[OPS-DIR]draft-ietf-rats-corim-09 early Opsdir re… Giuseppe Fioccola via Datatracker