Re: [lamps] [EXTERNAL] Opsdir last call review of draft-ietf-lamps-ocsp-nonce-update-05

Himanshu Sharma <himanshu@netskope.com> Wed, 10 April 2024 18:26 UTC

From: Himanshu Sharma <himanshu@netskope.com>
Date: Wed, 10 Apr 2024 11:26:08 -0700
Message-ID: <CAL9pJ7mzW6QW_MXybbUHEg55387uL6Hq6w2+b87JsH5kGYE6iA@mail.gmail.com>
To: Susan Hares <shares@ndzh.com>
Cc: ops-dir@ietf.org, draft-ietf-lamps-ocsp-nonce-update.all@ietf.org, last-call@ietf.org, spasm@ietf.org
Archived-At: <https://mailarchive.ietf.org/arch/msg/spasm/6_soF4feRjAC7GTPL4O-YtrQ9OU>

Thanks, Susan, for your time reviewing the I-D and for providing the feedback.
I will work on the suggestion and update the I-D soon.

-Himanshu

On Tue, Apr 9, 2024 at 12:15 PM Susan Hares via Datatracker <noreply@ietf.org> wrote:

> Reviewer: Susan Hares
> Review result: Has Nits
>
>
> Status: Ready with NITs
> General Statement: Excellent writing and clearly understood by a novice.
> I enjoyed reading the clear ASN.1 syntax in the appendices.
>
> operational summary:  The key point is that Clients switching from
> [RFC8954] to [draft-ietf-lamps-ocsp-nonce-update-06] will want to
> use a nonce of length 32, and accept an OCSP of 16 octets.
>
> 4 NITS: Main Text (1) Appendix A.1 (1), and Appendix A.2 (2).
> Note that NITS are editorial suggestions.
>
> 1 NITS in Main Text:
>
> The example in section 2 starts with
>  30 2f 06 09 2b 06 01 05 05 07 30 01 02 [hex]
>     Sequence (30) length (2f) {
>        OBJECT Identifier (06) length (09)
>              oscpNonce (1 3 6 1 5 5 7 48 1 2 )
>
> It might be good to explain that (1 3) is the 2b.
> ------
>
> #2 NITS in ASN.1 in Section
>
> It would help the ASN.1 reader to explain in a comment
> associated with the first usage of "generalizedTime" the format of the
> generalized time.  It is a well-defined ASN.1 concept, but
> the reader is assumed to be an IETF reader with less experience
> in ASN.1.
>
> ------
>
> #NIT 3, use of ATTRIBUTE as an import.
>
> In my review of the ASN.1 in Appendix A.2,
> I cannot find a usage of ATTRIBUTE.
> If it is not used, why is it included?
>
> -----
> #NIT 4, use of @amp;
>
> ResponseBytes ::=       SEQUENCE {
>    responseType        RESPONSE.
>                            &amp;id ({ResponseSet}),
>    response            OCTET STRING (CONTAINING RESPONSE.
>                            &amp;Type({ResponseSet}{@responseType}))}
>
> AcceptableResponses ::= SEQUENCE OF RESPONSE.&amp;id({ResponseSet})
>
> I am not familiar with "&amp;id" or "&amp;Type" or @response.
> Please add a comment with the ISO reference for this syntax.
> If you wish to be helpful to the reader, it would be
> to explain what this syntax means.
>
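Added example, not part of either message or of the draft: a small decoder for the hex prefix quoted in the first nit, showing why the arcs (1 3) appear as the single octet 2b (X.690 packs the first two arcs as 40 * 1 + 3 = 43 = 0x2b). The function names are illustrative, and the decoder goes slightly beyond the quoted bytes by handling multi-octet arcs and rejecting malformed encodings.

```python
# Added example: decode the DER prefix quoted in the review (X.690 rules).
PREFIX = bytes.fromhex("302f06092b0601050507300102")  # bytes quoted in the review


def read_tlv_header(buf, pos):
    """Return (tag, length, offset_of_value) for a short- or long-form length."""
    tag = buf[pos]
    first = buf[pos + 1]
    if first < 0x80:                      # short form: length fits in one octet
        return tag, first, pos + 2
    n = first & 0x7F                      # long form: next n octets hold the length
    if n == 0:
        raise ValueError("indefinite length is not allowed in DER")
    length = int.from_bytes(buf[pos + 2:pos + 2 + n], "big")
    return tag, length, pos + 2 + n


def decode_oid(body):
    """Decode OBJECT IDENTIFIER content octets into a list of arcs."""
    if not body:
        raise ValueError("empty OID")
    subids, value = [], 0
    for i, octet in enumerate(body):
        if value == 0 and octet == 0x80:
            raise ValueError("non-minimal subidentifier (leading 0x80)")
        value = (value << 7) | (octet & 0x7F)   # base-128, big-endian
        if octet & 0x80 == 0:             # high bit clear ends a subidentifier
            subids.append(value)
            value = 0
        elif i == len(body) - 1:
            raise ValueError("truncated subidentifier")
    first = subids[0]                     # first two arcs share one subidentifier
    if first < 40:
        arcs = [0, first]
    elif first < 80:
        arcs = [1, first - 40]            # 0x2b = 43 -> arcs 1, 3
    else:
        arcs = [2, first - 80]
    return arcs + subids[1:]


def parse_prefix(buf=PREFIX):
    """Walk the SEQUENCE header, then the OID, as laid out in the review."""
    seq_tag, seq_len, pos = read_tlv_header(buf, 0)
    oid_tag, oid_len, pos = read_tlv_header(buf, pos)
    return seq_tag, seq_len, oid_tag, decode_oid(buf[pos:pos + oid_len])
```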