Re: [lamps] Genart last call review of draft-ietf-lamps-documentsigning-eku-04
Sean Turner <sean@sn3rd.com> Mon, 22 August 2022 00:11 UTC
Return-Path: <sean@sn3rd.com>
X-Original-To: spasm@ietfa.amsl.com
Delivered-To: spasm@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 94D78C1522AF for <spasm@ietfa.amsl.com>; Sun, 21 Aug 2022 17:11:40 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.106
X-Spam-Level:
X-Spam-Status: No, score=-2.106 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=unavailable autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=sn3rd.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id JfXcAmHtVPab for <spasm@ietfa.amsl.com>; Sun, 21 Aug 2022 17:11:36 -0700 (PDT)
Received: from mail-ej1-x62e.google.com (mail-ej1-x62e.google.com [IPv6:2a00:1450:4864:20::62e]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 48EE4C14CE45 for <spasm@ietf.org>; Sun, 21 Aug 2022 17:11:27 -0700 (PDT)
Received: by mail-ej1-x62e.google.com with SMTP id bj12so1195861ejb.13 for <spasm@ietf.org>; Sun, 21 Aug 2022 17:11:26 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sn3rd.com; s=google; h=to:references:message-id:content-transfer-encoding:cc:date :in-reply-to:from:subject:mime-version:from:to:cc; bh=YoiNuxFJtO1Y3W4yadUSRojpsU9v5GwntyGDlNZGPho=; b=jNgwSAT2F6f6mToRhev3XUkDeWCTv4J3qiBKC09ybGGIE1NZ9tES2WJJuwk4gX/6PD YvBxVERSlqrHXzOEjVkYQHzY05ka9AJ94GDqrExnyO2qOIu+D83Jzw4RbBPeA6rPZmZD 93S0lvi/CBDj8CzNb9hd/o3vv0hsDTy9+la00=
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=to:references:message-id:content-transfer-encoding:cc:date :in-reply-to:from:subject:mime-version:x-gm-message-state:from:to:cc; bh=YoiNuxFJtO1Y3W4yadUSRojpsU9v5GwntyGDlNZGPho=; b=fPnhILeJxPeTNHhh+KdY+ZQkJOLx1EQ4d35qW82ddLtW+IOy1cLGyfX97kvcGSv1Cj Yeukg5AHSAgT4Ds4LTUrdxoKjmfyRiilZANg7WamoTisSyXkeSI29QwHk5hevAiZfxJp VjaWGbb6cXu0XFhlnKNJkFNb5iiA7gw6jVSqOMS/+HWUJaOy+zwd5Ok7yt4ZkNARUXCV GT4CMRRov3V7kxbfuaaZwWVelfKazA67sIGLj5+8wkv4w8C9hdSKCa77SJJzjVO2226m XnevVuKWfLFFygnIEHbgqQ19dT+mPgWV60XbWApWrqlD2ALfiBaLk+3QyzOOpN3GxthD Kcjw==
X-Gm-Message-State: ACgBeo3QfJ+cgAEiASEgl/w9U3Rp+8hIEYfbP0i3q8ZQWjOPYSA/8Zu7 W9QBy0LFAcIrtURnjCTgK0SWgA==
X-Google-Smtp-Source: AA6agR4eXqRl++c2p/bLoGlSqS/3NR0adiYbFyQb6HvE4T2yTn6bfiSBeFipLkjvny+4cgkLpJs4UA==
X-Received: by 2002:a17:906:fe46:b0:730:ca2b:cb7b with SMTP id wz6-20020a170906fe4600b00730ca2bcb7bmr11655095ejb.703.1661127085524; Sun, 21 Aug 2022 17:11:25 -0700 (PDT)
Received: from smtpclient.apple ([2607:fb00:28:241a:d2b:61d1:e3ca:e72a]) by smtp.gmail.com with ESMTPSA id 2-20020a170906200200b0072aa009aa68sm5453642ejo.36.2022.08.21.17.11.23 (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Sun, 21 Aug 2022 17:11:25 -0700 (PDT)
Content-Type: text/plain; charset="us-ascii"
Mime-Version: 1.0 (Mac OS X Mail 14.0 \(3654.120.0.1.13\))
From: Sean Turner <sean@sn3rd.com>
In-Reply-To: <165990512033.41551.11873246377263870533@ietfa.amsl.com>
Date: Sun, 21 Aug 2022 19:11:21 -0500
Cc: gen-art@ietf.org, draft-ietf-lamps-documentsigning-eku.all@ietf.org, last-call@ietf.org, spasm@ietf.org
Content-Transfer-Encoding: quoted-printable
Message-Id: <60EE25B2-4470-42C2-AA5F-0F50EFE9084E@sn3rd.com>
References: <165990512033.41551.11873246377263870533@ietfa.amsl.com>
To: Dale Worley <worley@ariadne.com>
X-Mailer: Apple Mail (2.3654.120.0.1.13)
Archived-At: <https://mailarchive.ietf.org/arch/msg/spasm/Z03Hh7cXPzQssuLJbPRKNvpek7k>
Subject: Re: [lamps] Genart last call review of draft-ietf-lamps-documentsigning-eku-04
X-BeenThere: spasm@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: "This is a venue for discussion of doing Some Pkix And SMime \(spasm\) work." <spasm.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/spasm>, <mailto:spasm-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/spasm/>
List-Post: <mailto:spasm@ietf.org>
List-Help: <mailto:spasm-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/spasm>, <mailto:spasm-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 22 Aug 2022 00:11:40 -0000
Dale, Thanks for the review. Version -05 should address these: https://datatracker.ietf.org/doc/draft-ietf-lamps-documentsigning-eku/ https://www.ietf.org/rfcdiff?url1=draft-ietf-lamps-documentsigning-eku-04&url2=draft-ietf-lamps-documentsigning-eku-05&difftype=--html spt > On Aug 7, 2022, at 15:45, Dale Worley via Datatracker <noreply@ietf.org> wrote: > > Reviewer: Dale Worley > Review result: Ready with Nits > > I am the assigned Gen-ART reviewer for this draft. The General Area > Review Team (Gen-ART) reviews all IETF documents being processed > by the IESG for the IETF Chair. Please treat these comments just > like any other last call comments. > > For more information, please see the FAQ at > > <https://trac.ietf.org/trac/gen/wiki/GenArtfaq>. > > Document: draft-ietf-lamps-documentsigning-eku-04 > Reviewer: Dale R. Worley > Review Date: 2022-08-07 > IETF LC End Date: 2022-08-11 > IESG Telechat date: (none) > > Summary: > > This draft is basically ready for publication, but has nits that > should be fixed before publication. > > The technical content of the draft is quite good, but there is an > editorially critical issue regarding the allocation of the > identifiers. There are three places where "to be done" identifiers > are specified: > > 3.1. Including the Extended Key Purpose for Document Signing in > > id-kp-documentSigning OBJECT IDENTIFIER ::= { id-kp XX } > > 8.2. Informative References > > Appendix A. ASN.1 Module > DocSignEKU { iso(1) identified-organization(3) dod(6) internet(1) > security(5) mechanisms(5) pkix(7) id-mod(0) > id-mod-docsign-eku(TBD1) } > > id-kp-documentSigning OBJECT IDENTIFIER ::= { id-kp TBD2 } > > However, section 7 "IANA Considerations" does not explicitly mention > any of these substitutions. Compare with > e.g. draft-ietf-curdle-cms-chacha20-poly10305. Section 7 does say > that assignments need to be made to the appropriate registries but > provides no reference or "Note to the Editor" what substitutions need > to be made in the text. Also, "XX" must be the same as "TBD2", but > that is not specified. > > There is also a redundant specification at the end of section 7, > > No further action is necessary by IANA. > > Given that the previous sentences in the paragraph state that there > are two actions and then enumerate them, adding a statement that there > are no others is redundant. > > [END] > > >
- [lamps] Genart last call review of draft-ietf-lam… Dale Worley via Datatracker
- Re: [lamps] Genart last call review of draft-ietf… Sean Turner
- Re: [lamps] [Gen-art] Genart last call review of … Lars Eggert