RE: draft-ietf-smime-3851bis-02 (notes, part 1)
"Turner, Sean P." <turners@ieca.com> Tue, 03 June 2008 19:58 UTC
Return-Path: <owner-ietf-smime@mail.imc.org>
X-Original-To: ietfarch-smime-archive@core3.amsl.com
Delivered-To: ietfarch-smime-archive@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 172393A6941 for <ietfarch-smime-archive@core3.amsl.com>; Tue, 3 Jun 2008 12:58:11 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.449
X-Spam-Level:
X-Spam-Status: No, score=-2.449 tagged_above=-999 required=5 tests=[AWL=0.150, BAYES_00=-2.599]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id eCPWioj4eYfH for <ietfarch-smime-archive@core3.amsl.com>; Tue, 3 Jun 2008 12:58:10 -0700 (PDT)
Received: from balder-227.proper.com (properopus-pt.tunnel.tserv3.fmt2.ipv6.he.net [IPv6:2001:470:1f04:392::2]) by core3.amsl.com (Postfix) with ESMTP id 5E7473A67AD for <smime-archive@ietf.org>; Tue, 3 Jun 2008 12:58:09 -0700 (PDT)
Received: from balder-227.proper.com (localhost [127.0.0.1]) by balder-227.proper.com (8.14.2/8.14.2) with ESMTP id m53Jg4ZM053814 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Tue, 3 Jun 2008 12:42:04 -0700 (MST) (envelope-from owner-ietf-smime@mail.imc.org)
Received: (from majordom@localhost) by balder-227.proper.com (8.14.2/8.13.5/Submit) id m53Jg41Z053813; Tue, 3 Jun 2008 12:42:04 -0700 (MST) (envelope-from owner-ietf-smime@mail.imc.org)
X-Authentication-Warning: balder-227.proper.com: majordom set sender to owner-ietf-smime@mail.imc.org using -f
Received: from smtp104.biz.mail.re2.yahoo.com (smtp104.biz.mail.re2.yahoo.com [206.190.52.173]) by balder-227.proper.com (8.14.2/8.14.2) with SMTP id m53Jg22a053806 for <ietf-smime@imc.org>; Tue, 3 Jun 2008 12:42:03 -0700 (MST) (envelope-from turners@ieca.com)
Received: (qmail 71823 invoked from network); 3 Jun 2008 19:42:02 -0000
Received: from unknown (HELO Wylie) (turners@ieca.com@96.231.124.17 with login) by smtp104.biz.mail.re2.yahoo.com with SMTP; 3 Jun 2008 19:42:02 -0000
X-YMail-OSG: 9syXZJoVM1nCPHOPwLg5HcaTDcxw2BNH9Yacfw0H1_mfpeWs1j8ReHHTvY3dnZKZTnSxS7zCZ3NgoomflOJaqNyMy4ywv6VKNKtrcxL_ob5KFPUeOgZUllgu7LhHUC37XnM-
X-Yahoo-Newman-Property: ymail-3
From: "Turner, Sean P." <turners@ieca.com>
To: ietf-smime@imc.org
References: <200805190921.LAA12918@TR-Sys.de>
Subject: RE: draft-ietf-smime-3851bis-02 (notes, part 1)
Date: Tue, 03 Jun 2008 15:41:54 -0400
Organization: IECA, Inc.
Message-ID: <BCB848B142AF43BDB45E178C44A95EB7@Wylie>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
X-Mailer: Microsoft Office Outlook 11
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.5512
Thread-Index: Aci6acDbQCzqJFdbSIqytOgr/nmchQKgdIGw
In-Reply-To: <200805190921.LAA12918@TR-Sys.de>
Sender: owner-ietf-smime@mail.imc.org
Precedence: bulk
List-Archive: <http://www.imc.org/ietf-smime/mail-archive/>
List-ID: <ietf-smime.imc.org>
List-Unsubscribe: <mailto:ietf-smime-request@imc.org?body=unsubscribe>
Alfred, Thanks for the review. Responses inline. All, Alfred suggests demoting UTCTime to a SHOULD- in his last comment. I think we should stay aligned with CMS/PKIX - curious what others think. spt >-----Original Message----- >(1) Conventions used ... > >- The RFC Editor will want to make that a proper (numbered) section. > I suggest to move it to between the current sub-sections 1.1 and 1.2. Fixed. >- The comments I sent on the same part of draft-ietf-smime-3850bis-02 > also apply. Fixed. >(2) Section 1 > >(2a) 1st paragraph > >For completeness (and matching of what is said in the >Abtract), I suggest to add a short note on message compression >to the end of the first paragraph of Section 1, for instance: > > As a supplementary service, S/MIME provides for message compression. Added the sentence. >(2b) 2nd paragraph > >Perhaps the most important usage scenario for S/MIME now is >bound to SIP (using the 'sips' URIs) to protect the >negotioation of multimedia session parameters (cf. RFC 3261). >Therefore, I suggest to replace in the second paragraph of >Section 1 the clause "such as HTTP" by "such as HTTP or SIP". Added the SIP reference. >(3) General -- terminology > >It has been generally recognized that the media type concept >defined in [MIME-SPEC] has outgrown the narrow context of >MIME, and RFC 4288 (BCP 13) has confirmed that the popular >sluggish term "MIME Type" >should not be used, in favor of the proper term "Media Type", >which already had been used throughout [MIME-SPEC]. > >Therefore, I recommend to also change in this draft all >occurrences of "MIME type" to "media type" (inclusive of the >title of Section 3.4.3.1). > >Also, when refering to MIME header fields, their names should >be quoted faithfully for clarity and precision; in particular, >the hyphen should always be included after "Content", e.g., > "Content type" --> "Content-type". Agreed >(4) Section 1.1 > >(4a) 1st paragraph > >The draft says: > > This document describes a protocol for adding cryptographic >signature > and encryption services to MIME data. The MIME standard [MIME-SPEC] >| provides a general structure for the content type of Internet >| messages and allows extensions for new content type applications. > >There are two issues with the use of "content type": > >- "structure of the content type" is a slight abuse of language; > "structure of content" is the proper designation. It does say "structure for the content type :) I changed it to ...structure for the content of Internet messages... >- "content type applications" seems to be vague and unclear. > I suggest to use "content type specific applications" or > "content type based applications" instead Choose the later >(4b) 2ns and 3rd paragraph > >Please apply (3) -- 3 occurrences. I did a search for MIME type and replaced them with media type >(5) Section 1.3 > >For clarity, please add another comma after the first instance >of "inclusive", or place this word in parentheses. I tweaked it a bit but I think it's fixed now. >(6) Section 1.4 > >(6a) section title > >The legacy section title obviously is outdated, turning it ambiguous. >It should better be changed: > > 1.4. Changes Since S/MIME v3 >--- >| 1.4. Changes From S/MIME v3 to S/MIME v3.1 > >This should properly complement the correctly entitled new section, > > 1.5. Changes Since S/MIME v3.1 Fixed >(6b) last two paragraphs > >Please apply (3) -- two occurrences. Fixed >(7) Section 1.5 -- typo > >Please replace "in parantheticals" by either "parenthetical" >or "in parenthesis". I deleted "in parantheticals" - it wasn't needed. >(7) Section 1.5 -- typo > >Please replace > vv v > "AES-CBC" in parantheticals. >by either: > parenthetical "AES-CBC". >or: > parenthetic "AES-CBC". >or: > "AES-CBC" in parenthesis. Accepted - I just removed the in parenthesis. >(8) Section 2 -- clarification of the role of [ESS] > >I suggest to add a note to the text in Section 2 clarifying >that RFC 2634 [ESS] is applicable for S/MIME v3.2 as well. > >This is intended to complement the remarks in Section 1.3 >stating that RFC 2634 is part of the S/MIME v3 and S/MIME v3.1 >specification. ESS gets pulled in in section 2.5 when discussing attributes. I did add text to address ESS in section 2. >(9) Section 2.3 > >Please replace > using rsaEncryption algorithm. >by either: > using the rsaEncryption algorithm. >or: > using rsaEncryption. Accepted >(10) Section 2.4.1 > >The draft says: > > vvvvvvvvvvvv > ... the MIME content MUST be stored in the SignedData > encapContentInfo eContent OCTET STRING ... > >This is misleading; the Content-Type has to be stored there, >not the "content". >In line with (3) above, I suggest to use the phrase: > > vvvvvvvvvvv >| ... the media type MUST be stored in the SignedData > encapContentInfo eContent OCTET STRING ... Accepted >(11) Section 2.4.4, 1st paragraph > >I suggest to insert the article "the" giving "reduce the message size". Accepted >(12) Section 2.5 > >(12a) 1st paragraph > >The draft says, using redundant/replicated wording: > > vvvvvvvvvvvvv > The SignerInfo type allows the inclusion of unsigned and signed > attributes to be included along with a signature. > ^^^^^^^^^^^^^^ >I suggest to simplify the wording to: > > The SignerInfo type allows the inclusion of unsigned and signed >| attributes along with a signature. > ^ Accepted >(12b) 2nd-to-last paragraph > >The draft says: > > [..]. Receiving agents SHOULD handle attributes or > values that it does not recognize in a graceful manner. > >The wording "receiving agents ... it does not" should be improved upon. >I suggest either to turn to singular: > > vv vv >| [..]. A Receiving agent SHOULD handle >attributes or > values that it does not recognize in a graceful manner. > >or substitute "they" in the last line: > > [..]. Receiving agents SHOULD handle attributes or >| values they do not recognize in a graceful manner. > ^^^^^^^ Accepted (used the 2nd one) >(13) Section 2.5.1 > >The rules for UTCTime vs. GeneralizedTime are unfortunate for >several reasons, as I have pointed out in recent comments on >RFC 5280. They violate the lessons learned during Y2K that >4 decimal digits should *always* be encoded for year numbers, >and they cause general non-exercising of 'MUST implement' >code, generating a new security risk. > >I strongly recommend to, at a minimum, demote the "MUST" to >encode signing-time through 2049 as UTCTime to a "MUST-", >preferably "SHOULD", to promote starting general migration to >GeneralizedTime. I think we should stay aligned with CMS & PKIX on this. But, I think we should add that receiving agents must support both UTCTime and GeneralizedTime. spt
- draft-ietf-smime-3851bis-02 (notes, part 1) (fwd) Alfred Hönes
- RE: draft-ietf-smime-3851bis-02 (notes, part 1) Turner, Sean P.
- Re: draft-ietf-smime-3851bis-02 (notes, part 1) Blake Ramsdell