IETF Logo Mail Archive

Re: [sacm] [Last-Call] Artart last call review of draft-ietf-sacm-coswid-18

Francesca Palombini <francesca.palombini@ericsson.com> Tue, 15 February 2022 22:05 UTC

Return-Path: <francesca.palombini@ericsson.com>
X-Original-To: sacm@ietfa.amsl.com
Delivered-To: sacm@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 8E7F53A0C53; Tue, 15 Feb 2022 14:05:15 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -7.675
X-Spam-Level:
X-Spam-Status: No, score=-7.675 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.576, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=ericsson.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id WVqR9pr9EEF8; Tue, 15 Feb 2022 14:05:08 -0800 (PST)
Received: from EUR04-DB3-obe.outbound.protection.outlook.com (mail-db3eur04on0620.outbound.protection.outlook.com [IPv6:2a01:111:f400:fe0c::620]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 2A5A23A0C45; Tue, 15 Feb 2022 14:05:04 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=N6raF6uVFqHo81i3dFnerJJqRZacs0yl9V2cKPLKzA8YcyKSHbOSUmXNvbG+zA9gd5JCcB/ShMeXXHxEE9TVLpNLbmZb8CpZpG3dqkXleyKZmaAR0C/Sr0Zesjb6uSQA/F3y72mVwv+rLWZ9N9lu3Yi/arlz1Xf5an4LO2E5oCCMk14bMlpRv5tCv+bO4P3kRUqpaS7BnnRdx1QvJlG6xcH5OkqcrbRyNnzAHt1dt7uoIdFhh1Hz2N6OCNsRGBFBOr6x2OAz5mwzn0CgIOIu4r66R74zb9Xtnlb3JaZK0Hc5F8qDcoL6u3wuQB5Uldsi1plIbF1kjiCINWgY0jIl0w==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=a9conGBkbj8z6f+vUxPh+XljxpDrKLnqX0UzkFUTiSU=; b=e4yupC5EjZGAyE06I1xb4ZZSrGlpBWE2Ccu44lXoxfY/dcoxRuoABtcSiRaGnvyomXkpXxewKIvSOhTfIMk4YUo6VZah95Np0UnqNF3WWzXLsaN3kob9kohzcZcHUqalYQo/JKqAgEElMx2whciSOfe79/0xTGL5pcfs34QEALMt6q7HKh5F0A+hAdUBZEu9Pfj+S029VNTg3xJZchBcDDPG2p6rLIA/7QSavdmnLR9uVl3fSTdsM6uzM864AB9uMAhBJksOEMHVd2FZB1cDCJ4ax9PTdim559Oow9Pw6/H53ua29QVNyolXCiW+JHJti4phWX/08qDr1dF4BwU/sw==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=ericsson.com; dmarc=pass action=none header.from=ericsson.com; dkim=pass header.d=ericsson.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ericsson.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=a9conGBkbj8z6f+vUxPh+XljxpDrKLnqX0UzkFUTiSU=; b=OFJ7B36HKNTwpBfpyXZo26cAy1cpXVCUDtb1u0YGCOM5oSv4gqqKACuCdS9lcP/I8p+XzsQ7zRuslmwFXCVvm5LVt3eos8NNdqBCKKRjy+KiIz0Js+3CNQG+SjHi7/2xBaF9B0Qq/5s1Eddzmy2aGW9BE6LKXRZTNHLQO/mTIxY=
Received: from VI1PR07MB4223.eurprd07.prod.outlook.com (2603:10a6:802:66::22) by AM6PR0702MB3831.eurprd07.prod.outlook.com (2603:10a6:209:e::31) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4995.14; Tue, 15 Feb 2022 22:04:59 +0000
Received: from VI1PR07MB4223.eurprd07.prod.outlook.com ([fe80::58e2:f0e3:627a:9770]) by VI1PR07MB4223.eurprd07.prod.outlook.com ([fe80::58e2:f0e3:627a:9770%4]) with mapi id 15.20.4995.013; Tue, 15 Feb 2022 22:04:58 +0000
From: Francesca Palombini <francesca.palombini@ericsson.com>
To: Rich Salz <rsalz@akamai.com>, "art@ietf.org" <art@ietf.org>
CC: "sacm@ietf.org" <sacm@ietf.org>, "draft-ietf-sacm-coswid.all@ietf.org" <draft-ietf-sacm-coswid.all@ietf.org>
Thread-Topic: [Last-Call] Artart last call review of draft-ietf-sacm-coswid-18
Thread-Index: AQHXh9h3/J1821xnHEifHbj5oNMBIayWX8C1
Date: Tue, 15 Feb 2022 22:04:58 +0000
Message-ID: <VI1PR07MB422311B3C7F986AC3C8B4FC998349@VI1PR07MB4223.eurprd07.prod.outlook.com>
References: <162793413326.28486.5313832718804831776@ietfa.amsl.com>
In-Reply-To: <162793413326.28486.5313832718804831776@ietfa.amsl.com>
Accept-Language: en-GB, en-US
Content-Language: en-GB
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=ericsson.com;
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: 884731c3-9a3b-4054-6fe8-08d9f0cf3520
x-ms-traffictypediagnostic: AM6PR0702MB3831:EE_
x-microsoft-antispam-prvs: <AM6PR0702MB383129CEC5AAB5ABBEF5E84498349@AM6PR0702MB3831.eurprd07.prod.outlook.com>
x-ms-oob-tlc-oobclassifiers: OLM:10000;
x-ms-exchange-senderadcheck: 1
x-ms-exchange-antispam-relay: 0
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: xtN/9m5yabVRQXD4VCWOPDDnbPsQVGcYd3wJ6l3EHF+lcqpAIzkU3SnWjMfqAKTYNUNKunvjZHzOSKp/c5XFFtkRPQ8wAUZ24hmLeHLQzLqvDgBAZ8+CEM/fqohLAElYqoR37ucfJKiE8CWoedM/8WC0RtKwmOhOMGKr9Qn9qYNH6Uw0OGJDJSWEZ4n37AzjgyUL4cK6ICYMjcPrAu1qpz5atC9RDhYJYRrmYy7m4sXONrNlc6/Yo2ZqA8yWobhBTAzdua6zvl/8MzIIxktPqCggfFbraKooBlKAI/CF2oOUjtZ0hvMlg3/Rbr7dKezfTwRxo7DY0yC0mDn2Nwl8EabPwozNA4pXdyEMaB867BTGDPCqhehqtmk+vDCSTDgNP9PepdBmnFpwgB9+laIHsmtC9v/cFOvHzWsbbmqLrU6q5B8y28M20mLZaVa7YHrm1fOLV3xN69DNn0SEyHa5dgnevPBa4XFBldDeafi4D6vmRyCAKFkvS31kSZGH9gtw5hEz1x+G3rr02M8jhG4Ua9Umr1hoX6s0r3rMkHRRm5hMYHWQtvVj5PigcPXMkawCITMVoc2/EAchcQHCqamURSMjdDKdrRPKVt73g7DY+K1txrkLl8q0hF4M0O8kAhJSbOTkDAZVdVokoursjVKwq2aNvzsR+nBdzlomxym+GhGGpF4wyDltk2mRqswzuNQTGhkoYAo0Z+/tqjhJ9vdWoYVr1R6iLE9SgbQraXRyaR9Nnxn2uuFK6w70JOFcSoyNZ+BaYYFj6o/xRZMTHuJZRXD/S+bZWaH8d6pnGakzTbtqSYcPSt/SWTuqtuStvnveYSbabvT6/xttSdnmnkGPKA==
x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:VI1PR07MB4223.eurprd07.prod.outlook.com; PTR:; CAT:NONE; SFS:(13230001)(4636009)(366004)(316002)(2906002)(82960400001)(66556008)(83380400001)(5660300002)(33656002)(38100700002)(110136005)(508600001)(54906003)(966005)(66446008)(91956017)(66946007)(64756008)(76116006)(9686003)(71200400001)(55016003)(7696005)(38070700005)(66476007)(4326008)(44832011)(52536014)(8676002)(122000001)(86362001)(166002)(6506007)(8936002)(186003)(53546011); DIR:OUT; SFP:1101;
x-ms-exchange-antispam-messagedata-chunkcount: 2
x-ms-exchange-antispam-messagedata-0: vlJjCI0vLXbz89DCAFXzM5QguW4QB7CBtDUJQ6D4xWmgFLQWSbD6H9tKgjAxoSGYWJc5FYSBE+vyfE6EQx4LHxrgqHawaO+kt2XCiEVTSsWXDF9jIaWoa0wdV3vbAORtdOPFgDWHe3JksKBTuws8j7UGk+wuMrC9SOmo0Afgz5O+dCtUGnbm1kZCxFywqY5N4PiAXuTDleiKI1HN0drmeZGinrXuGzuDe3Rkwp0SrMSsJUiWNx2GPbdKITdBRBaax0agSEFFYuSjXNMyn61CA1t48foHIUQt2UanYDm5Xhlm7teXi039GvmivAxmobXw/Px19LyqiMTaaagU4Hb/rAeX6Y3AR5HC4XX1EI86GK5hjFOKVlRhP5V7egyHk8JUSmRvduW8azo6D9tduBrzs4e1S1ItUlUW5TgncIeKYXLslVFrfzgsY0SBs2/8Z3wYWNazKSq2/9ljyFYUnDz/evsZKFWkGPcEKkaEhryuF9QPI3BlMkWwmcG+DE+r840l7wSiGj0PwXtjcqvxGYD8WtygkUVPnbLqGEY/Bk+O4Sgqu5g131UnmNM+2PIdaK1UOG0/penxoKaTzUV0A+SHw1xlikguB5CSjZgOg9tSZPprTzS/Z2RdEAodptlVCBpiM3/fiXbchYTIGftXrSTpXUH4RU6jyCcRVFGuqqOOqwkYpDI00YkMT8S/yLEKrth4fuw1/Ttpy83utxL8UoaNPgyhTW4XAiIlvxh4LLmo3NWcvjI2vefvzI8SDHU4tG7Vvyz+mJD1lr4geVaPdtqlR9LgKRiuUTbwdPDNa6DYjskP8D6lOMHcJF5cf/2fQn10QoL42zj9O7UTf93nzo3DgAITfE72DaFRyGbtqRGNGTV4vtUjyH+tCBm6dZeE7XS6EuI6TlAxyjjHxrWoCMDG3H6VsV60XARSf/MvFnO0EgP1lEJECZqUwlBkmVtKpJMjo73rDpoX/j/buCYkewuRp/SHmb9qzteUT8af7QswNzntngdxaKKuPzjJFilnXddm6sEcxnI1UPFtKONTFvQjTw0Gg/98e9ILvWz29BHYiCx5aWnXM++Gpa1W+Vnxdy2Z3KuqjtB8L249Bra2PGoOietK3yHU2sEeHBFhQ1RyYkjOA0hwpw4ESAfDftuyV0Dt/GBoZTHBVa1RkS62oresFo+iZtfVqbXhuON0+E3nP82k7oyc2BtEIfD5/UFE8kxcB3mmKdC82xzDPJm3oUrNMEeF6hjPfQ8PfmvQfkuEiK87FLTkP4OxXWYoYbtRobNY1tRAzGWLTpN/VljFMZA2o/EI7kF/s+PTRMALPWbXz5XLw4PV/0ZrFTA1/PK9wUui2mKlSN+OEah1IlAXIRBHHvErU7kinnVDm1bPEYnNS2r0Bxn4J1fJodCT/lf2x8ySLdYrKmnDWUE/PlhH+TBEuNo1eow/9xELXYTmzxD7BT6axZsp0Mn65tkV6cQZGsfMe2L4d5PQ9jm+ii5h8nPA4Mscs2ME49sxKmDGDTM3a1hjfElUToBeo5WUkuLHpAVCYYpccSWq4gC1rzGbJd1WVpqFI4ivVJ76ekl6PysxF23m4n1/PeTk57CMmtQCWjitNn+P3k94QVoskaJKuCXATU7ZksenIogrwuAp2JyutqQFdjBoVah/pIie/ubLxp1lA+cOZjoMaKfUorHEeWQ2O0oPnlc5Lxdx8p81P/o4Df8n0O0dbqi13El7gmTU3cdbqmdgTSplFwlVHeMduiTTGAxzkbCu+4feSVE+MukhBk+Ofu9xHkEBsmchryw6fe+IglWfm8z0
x-ms-exchange-antispam-messagedata-1: VeN6MkUjwlN8qcDnLPQJ9rCn+Sgf4ZTZl2Q=
Content-Type: multipart/alternative; boundary="_000_VI1PR07MB422311B3C7F986AC3C8B4FC998349VI1PR07MB4223eurp_"
MIME-Version: 1.0
X-OriginatorOrg: ericsson.com
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: VI1PR07MB4223.eurprd07.prod.outlook.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 884731c3-9a3b-4054-6fe8-08d9f0cf3520
X-MS-Exchange-CrossTenant-originalarrivaltime: 15 Feb 2022 22:04:58.8756 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 92e84ceb-fbfd-47ab-be52-080c6b87953f
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: DGN9+RR4NmNUXseET+cgvhJUIebAw+3R+OdQsVzxqZBtuZimrzU+Qdy9ZA3jWziNKSewe1oujmH9cI8Ak9MoF/JGQJp+9gzQw7nHQxvRhaquxDA2WkenStTDr7onH+XZ
X-MS-Exchange-Transport-CrossTenantHeadersStamped: AM6PR0702MB3831
Archived-At: <https://mailarchive.ietf.org/arch/msg/sacm/BavpTWoO3oHL5YoHiqC8-Kdnm3I>
Subject: Re: [sacm] [Last-Call] Artart last call review of draft-ietf-sacm-coswid-18
X-BeenThere: sacm@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: SACM WG mail list <sacm.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/sacm>, <mailto:sacm-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/sacm/>
List-Post: <mailto:sacm@ietf.org>
List-Help: <mailto:sacm-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/sacm>, <mailto:sacm-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 15 Feb 2022 22:05:16 -0000

Rich: thank you very much for this review! Following the author’s response (on a different thread: https://mailarchive.ietf.org/arch/msg/sacm/aoMc3Y5ZaY5HiMcnQkxORfoNBgU/ ), I have balloted No Objection.

Francesca

From: last-call <last-call-bounces@ietf.org> on behalf of Rich Salz via Datatracker <noreply@ietf.org>
Date: Monday, 2 August 2021 at 21:56
To: art@ietf.org <art@ietf.org>
Cc: last-call@ietf.org <last-call@ietf.org>, sacm@ietf.org <sacm@ietf.org>, draft-ietf-sacm-coswid.all@ietf.org <draft-ietf-sacm-coswid.all@ietf.org>
Subject: [Last-Call] Artart last call review of draft-ietf-sacm-coswid-18
Reviewer: Rich Salz
Review result: Ready with Nits

I am the ART directorate reviewer for this document. The comments are mainly
for the ADs, but others should treat them like any other last-call comments.

I did not shell at the 187 CHF for the SWID specification.  Kudo's to the
authors for doing something that seems (claims?) to be compatible, in an
infoset way, and is also much more compact.  A couple of minor things.

In 2.3, why are there three separate bools for corpus/patch/supplemental as
opposed to a single enumeration? Can the tag-id be a digest of the source file?
What are the implications of it not being unique? That should be listed in the
security considerations.

The expert review guidelines seem like "specification required" with some
additional requirements on things like what the specification must say.

I was surprised to see Carsten's full contact information given, as if he were
a co-author.



--
last-call mailing list
last-call@ietf.org
https://www.ietf.org/mailman/listinfo/last-call

v2.23.0 | Report a Bug | By Email