[secdir] secdir review of draft-ietf-pkix-tamp-05

"Glen Zorn" <gwz@net-zen.net> Mon, 01 March 2010 14:09 UTC

From: Glen Zorn <gwz@net-zen.net>
To: iesg@ietf.org, pkix-chairs@ietf.org, secdir@ietf.org, housley@vigilsec.com, srashmo@radium.ncsc.mil, cwallace@cygnacom.com
Date: Mon, 01 Mar 2010 20:42:49 +0700
Organization: Network Zen

I have reviewed this document as part of the security directorate's ongoing
effort to review all IETF documents being processed by the IESG.  These
comments were written primarily for the benefit of the security area
directors.  Document editors and WG chairs should treat these comments just
like any other last call comments.


EDITORIAL COMMENTS

Section 1.2.2 says:
   Management trust anchors are used in the management of cryptographic
   modules.  For example, the TAMP messages specified in this document
   are validated to a management trust anchor.  Likewise, a signed
   firmware package as specified in [RFC4108] is validated to a
   management trust anchor.
This might be better put as
   Management trust anchors are used in the management of cryptographic
   modules.  For example, the TAMP messages specified in this document
   are validated by a management trust anchor.  Likewise, a signed
   firmware package as specified in [RFC4108] is validated by a
   management trust anchor.

In Section 1.3.4, s/The application-specific protocol processing MUST be
provided the/The application-specific protocol processing MUST provide the/

Section 3, paragraph 3 says "Certificates include a signature, which removes
the ability for relying parties to".  Just a question: should "relying" in
the sentence actually be "relaying"?  In any case, "ability for" should
probably be changed to "ability of".

Suggestion: Section 4.4 says in two places "The status codes appear in the
same order as the TrustAnchorUpdate structures to which they apply"; maybe
"The status codes MUST appear in the same order as the TrustAnchorUpdate
structures to which they apply" would be clearer.

In Section 7, s/if the signer is not representated/if the signer is not
represented/.

The Security Considerations section is remarkably clear and comprehensive.