[secdir] secdir review of draft-ietf-lamps-rfc5280-i18n-update

Taylor Yu <tlyu@mit.edu> Thu, 12 October 2017 04:02 UTC

From: Taylor Yu <tlyu@mit.edu>
To: iesg@ietf.org, secdir@ietf.org, draft-ietf-lamps-rfc5280-i18n-update.all@ietf.org
Date: Thu, 12 Oct 2017 04:02:04 +0000
Archived-At: <https://mailarchive.ietf.org/arch/msg/secdir/vVsVCARn7uxOTNJsU-yy9qmB5Xw>

I have reviewed this document as part of the security directorate's
ongoing effort to review all IETF documents being processed by the
IESG.  These comments were written primarily for the benefit of the
security area directors.  Document editors and WG chairs should treat
these comments just like any other last call comments.

The summary of the review is: Ready with Nits.

This seems to be a useful incremental improvement to RFC 5280.  The
Security Considerations seem reasonable.  The nits are minor and can
likely be resolved as part of the RFC Editor process.

Nits:

* RFC3492 is listed as an Informative reference but section 2.3 (which
  modifies section 7.2 of RFC5280) is normative text that refers to it.
  (though not using an RFC2199 keyword)  Arguably this might be OK
  because I think other normative references in this document
  transitively cite RFC3492.

* RFC3629 is listed as an Informative reference but the new text in
  section 2.4 (which modifies section 7.5 of RFC5280) appears to refer
  to it normatively (about BOMs).

Best regards,
-Taylor