[sidr] Opsdir last call review of draft-ietf-sidr-rpki-validation-reconsidered-08

Will LIU <liushucheng@huawei.com> Wed, 30 August 2017 12:44 UTC

Return-Path: <liushucheng@huawei.com>
X-Original-To: sidr@ietf.org
Delivered-To: sidr@ietfa.amsl.com
Received: from ietfa.amsl.com (localhost [IPv6:::1]) by ietfa.amsl.com (Postfix) with ESMTP id 3C92A1331A7; Wed, 30 Aug 2017 05:44:06 -0700 (PDT)
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 8bit
From: Will LIU <liushucheng@huawei.com>
To: <ops-dir@ietf.org>
Cc: draft-ietf-sidr-rpki-validation-reconsidered.all@ietf.org, ietf@ietf.org, sidr@ietf.org
X-Test-IDTracker: no
X-IETF-IDTracker: 6.59.0
Auto-Submitted: auto-generated
Precedence: bulk
Message-ID: <150409704619.21582.12831904999110291317@ietfa.amsl.com>
Date: Wed, 30 Aug 2017 05:44:06 -0700
Archived-At: <https://mailarchive.ietf.org/arch/msg/sidr/zBQV9FhX2jmmHef2rm3uMcW9G6Y>
Subject: [sidr] Opsdir last call review of draft-ietf-sidr-rpki-validation-reconsidered-08
X-BeenThere: sidr@ietf.org
X-Mailman-Version: 2.1.22
List-Id: Secure Interdomain Routing <sidr.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/sidr>, <mailto:sidr-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/sidr/>
List-Post: <mailto:sidr@ietf.org>
List-Help: <mailto:sidr-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/sidr>, <mailto:sidr-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 30 Aug 2017 12:44:06 -0000

Reviewer: Will LIU
Review result: Ready

I have reviewed draft-ietf-sidr-rpki-validation-reconsidered-08 as part of the
Operational directorate's ongoing effort to review all IETF documents being
processed by the IESG.  These comments were written with the intent of
improving the operational aspects of the IETF drafts. Comments that are not
addressed in last call may be included in AD reviews during the IESG review.
Document editors and WG chairs should treat these comments just like any other
last call comments.

"This document specifies an alternative to the certificate validation procedure
specified in RFC 6487 that reduces aspects of operational fragility in the
management of certificates in the RPKI, while retaining essential security
features. The use of this updated procedure is signalled by form of a set of
alternative Object Identifiers (OIDs) indicating that the alternative version
of RFC 3779 X.509 Extensions for IP Addresses and AS Identifiers, and
certificate policy for the Resource Public Key Infrastructure (RFC 6484)
defined in this document should be used. Furthermore this document provides an
alternative to ROA↓ (RFC 6482), and BGPSec↓ Router Certificate (BGPSec↓ PKI
Profiles - publication requested) validation."

My overall view of the document is 'Ready' for publication.

One small comment is that we usually add a section for terminology for such a
document with so many terms. This can also solve the issue that some of the
acronyms were not given the full name.