Re: [lamps] Opsdir last call review of draft-ietf-lamps-cmp-algorithms-12

"Brockhaus, Hendrik" <hendrik.brockhaus@siemens.com> Wed, 11 May 2022 12:56 UTC

From: "Brockhaus, Hendrik" <hendrik.brockhaus@siemens.com>
To: Qin Wu <bill.wu@huawei.com>, "ops-dir@ietf.org" <ops-dir@ietf.org>
CC: "draft-ietf-lamps-cmp-algorithms.all@ietf.org" <draft-ietf-lamps-cmp-algorithms.all@ietf.org>, "last-call@ietf.org" <last-call@ietf.org>, "spasm@ietf.org" <spasm@ietf.org>
Date: Wed, 11 May 2022 12:55:53 +0000
Archived-At: <https://mailarchive.ietf.org/arch/msg/spasm/38HJRaTP5kbZ1o1sISGo8iOX854>

Dear Qin Wu,

Many thanks for your review. Please find my proposal below.

> From: Qin Wu via Datatracker <noreply@ietf.org>
> 
> Reviewer: Qin Wu
> Review result: Has Nits
> 
> I have reviewed this document as part of the Operational directorate's ongoing
> effort to review all IETF documents being processed by the IESG.  These
> comments were written with the intent of improving the operational aspects of
> the IETF drafts. Comments that are not addressed in last call may be included in
> AD reviews during the IESG review.  Document editors and WG chairs should
> treat these comments just like any other last call comments.
> 
> RFC4210 describes CMP protocol and specifies CMP algorithm use profile as part
> of PKI Management Message profile in the appendix. This document describes
> CMP algorithms and provides CMP algorithms classification and use profiles.
> 
> I believe this document is well written and ready for publication.
> 
> Major issue:
> No
> 
> Minor issues:
> 1. One thing that is not clear to me is the exact relation between RFC4210 and this
> document. It seems this document separates CMP algorithm use profile
> discussion from Appendix of RFC4210 and expands it as a new document. If the
> answer is yes, I think it is worth clarifying this in the introduction.
> 2. Abstract highlights this document focuses on describing the convention for using
> algorithm with CMP. I feel most CMP algorithms use convention have already
> been documented in other specifications or RFCs, e.g., SHA2, SHAKE, RSA, ECDSA,
> etc.
> Therefore I am not sure abstract catches the essence of the content in this
> document. I feel this document can be seen as recipe book or playbook for
> developers. Maybe the abstract can be polished a little bit to reflect what it is.
> 

Old text:
   This document updates RFC 4210 describing the conventions for using
   concrete cryptographic algorithms with the Certificate Management
   Protocol (CMP).  CMP is used to enroll and further manage the
   lifecycle of X.509 certificates.

New text:
   This document describes the conventions for using several cryptographic
   algorithms with the Certificate Management Protocol (CMP).  CMP is used
   to enroll and further manage the lifecycle of X.509 certificates. This
   document also updates the algorithm use profile from RFC 4210 Appendix D.2.

Does this change sufficiently address your comment?

Hendrik