[secdir] Secdir telechat review of draft-ietf-drip-arch-24
Valery Smyslov via Datatracker <noreply@ietf.org> Mon, 20 June 2022 14:47 UTC
Return-Path: <noreply@ietf.org>
X-Original-To: secdir@ietf.org
Delivered-To: secdir@ietfa.amsl.com
Received: from ietfa.amsl.com (localhost [IPv6:::1]) by ietfa.amsl.com (Postfix) with ESMTP id 0DE4BC15AAC2; Mon, 20 Jun 2022 07:47:09 -0700 (PDT)
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
From: Valery Smyslov via Datatracker <noreply@ietf.org>
To: secdir@ietf.org
Cc: draft-ietf-drip-arch.all@ietf.org, last-call@ietf.org, tm-rid@ietf.org
X-Test-IDTracker: no
X-IETF-IDTracker: 8.4.0
Auto-Submitted: auto-generated
Precedence: bulk
Message-ID: <165573642902.3855.12136038089100959017@ietfa.amsl.com>
Reply-To: Valery Smyslov <valery@smyslov.net>
Date: Mon, 20 Jun 2022 07:47:09 -0700
Archived-At: <https://mailarchive.ietf.org/arch/msg/secdir/t2xTW6MfLdvXwSkMx3SugJYhrEc>
Subject: [secdir] Secdir telechat review of draft-ietf-drip-arch-24
X-BeenThere: secdir@ietf.org
X-Mailman-Version: 2.1.39
List-Id: Security Area Directorate <secdir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/secdir>, <mailto:secdir-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/secdir/>
List-Post: <mailto:secdir@ietf.org>
List-Help: <mailto:secdir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 20 Jun 2022 14:47:09 -0000
Reviewer: Valery Smyslov Review result: Has Nits I reviewed earlier the -22 version of the draft. The current -24 version addresses most of my concerns. However, one piece of text that I thought we have agreed upon with the authors (based on mail exchange https://mailarchive.ietf.org/arch/msg/secdir/BMK4BuVWfECtHu34qikE9XmKTK0/) is still missing in this version. More specific: assertion that "It is well within current server array technology to compute another key pair that hashes to the same HHIT." is only true if the size of the the public key hash is small. I understand that this is probably the case for the DRIP architecture, but the assertion in the draft is generic with no mention of the actual hash size. I asked the authors to prepend the sentence with the text like "If the size of the public key hash in the HHIT is not large enough,", but for some reason this text didn't get into the -24 version. I don't think this is a serious issue, but I would prefer the assertions in the draft to be accurate.
- [secdir] Secdir telechat review of draft-ietf-dri… Valery Smyslov via Datatracker
- Re: [secdir] Secdir telechat review of draft-ietf… shuai zhao
- Re: [secdir] [Last-Call] Secdir telechat review o… Valery Smyslov