[secdir] Secdir telechat review of draft-ietf-drip-arch-24

Valery Smyslov via Datatracker <noreply@ietf.org> Mon, 20 June 2022 14:47 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/secdir/t2xTW6MfLdvXwSkMx3SugJYhrEc>

Reviewer: Valery Smyslov
Review result: Has Nits

I reviewed earlier the -22 version of the draft. The current -24 version
addresses most of my concerns. However, one piece of text that I thought we
had agreed upon with the authors (based on mail exchange
https://mailarchive.ietf.org/arch/msg/secdir/BMK4BuVWfECtHu34qikE9XmKTK0/) is
still missing in this version.

More specifically: the assertion that "It is well within current server array
technology to compute another key pair that hashes to the same HHIT." is only
true if the size of the public key hash is small. I understand that this is
probably the case for the DRIP architecture, but the assertion in the draft is
generic with no mention of the actual hash size. I asked the authors to prepend
the sentence with the text like "If the size of the public key hash in the HHIT
is not large enough,", but for some reason this text didn't get into the -24
version.

I don't think this is a serious issue, but I would prefer the assertions in the
draft to be accurate.
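
The dependence on hash size raised in the review, as an added example that is not part of the review or the draft: it finds a second input matching a 16-bit truncated hash and extrapolates the expected work to larger sizes. Assumptions: SHA-256 truncated to its top bits stands in for the HHIT hash, byte strings stand in for public keys, and the hash rate and the sizes 16, 64 and 128 are constructed sample values.

```python
import hashlib

SECONDS_PER_YEAR = 365.25 * 24 * 3600
TARGET_KEY = b"constructed-sample-public-key"  # constructed stand-in for a public key
ASSUMED_RATE = 1e12  # hypothetical hashes per second, an assumption for illustration


def truncated_hash(public_key: bytes, bits: int) -> int:
    """Top `bits` bits of SHA-256 over the key bytes (stand-in for the hash in an HHIT)."""
    digest = int.from_bytes(hashlib.sha256(public_key).digest(), "big")
    return digest >> (256 - bits)


def find_matching_key(target_key: bytes, bits: int, max_tries: int):
    """Search for a different input with the same truncated hash.

    Returns (candidate, tries) on success or (None, max_tries) when the budget runs out.
    Candidates are counter values; a real search would also pay for key generation.
    """
    target = truncated_hash(target_key, bits)
    for tries in range(1, max_tries + 1):
        candidate = tries.to_bytes(32, "big")
        if candidate != target_key and truncated_hash(candidate, bits) == target:
            return candidate, tries
    return None, max_tries


def expected_years(bits: int, hashes_per_second: float) -> float:
    """Expected time for a second-preimage search: about 2**bits hash evaluations."""
    return (2 ** bits) / hashes_per_second / SECONDS_PER_YEAR


if __name__ == "__main__":
    key, tries = find_matching_key(TARGET_KEY, 16, 2_000_000)
    status = "match found" if key is not None else "no match within budget"
    print(f"16-bit hash: {status} after {tries} candidates")
    for bits in (16, 64, 128):
        years = expected_years(bits, ASSUMED_RATE)
        print(f"{bits:3d}-bit hash: about {years:.3g} years at {ASSUMED_RATE:.0e} hashes/s")
```

Each added bit doubles the expected search cost, so whether the draft's sentence holds depends entirely on the hash size it is read against.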