[Suit] Secdir last call review of draft-ietf-suit-architecture-11
Rich Salz via Datatracker <noreply@ietf.org> Thu, 27 August 2020 16:11 UTC
Return-Path: <noreply@ietf.org>
X-Original-To: suit@ietf.org
Delivered-To: suit@ietfa.amsl.com
Received: from ietfa.amsl.com (localhost [IPv6:::1]) by ietfa.amsl.com (Postfix) with ESMTP id 4D29E3A0FE9; Thu, 27 Aug 2020 09:11:24 -0700 (PDT)
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
From: Rich Salz via Datatracker <noreply@ietf.org>
To: secdir@ietf.org
Cc: last-call@ietf.org, draft-ietf-suit-architecture.all@ietf.org, suit@ietf.org
X-Test-IDTracker: no
X-IETF-IDTracker: 7.14.1
Auto-Submitted: auto-generated
Precedence: bulk
Message-ID: <159854468417.31349.14137152546699566319@ietfa.amsl.com>
Reply-To: Rich Salz <rsalz@akamai.com>
Date: Thu, 27 Aug 2020 09:11:24 -0700
Archived-At: <https://mailarchive.ietf.org/arch/msg/suit/IS23icuWQHTVfuCuezgiBDWeDd0>
Subject: [Suit] Secdir last call review of draft-ietf-suit-architecture-11
X-BeenThere: suit@ietf.org
X-Mailman-Version: 2.1.29
List-Id: Software Updates for Internet of Things <suit.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/suit>, <mailto:suit-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/suit/>
List-Post: <mailto:suit@ietf.org>
List-Help: <mailto:suit-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/suit>, <mailto:suit-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 27 Aug 2020 16:11:25 -0000
Reviewer: Rich Salz Review result: Ready The security directorate tries to review all IETF documents prior to IESG review. This should be considered as input to the security AD's, or otherwise general Last Call comments. I apologize for the lateness of this review. Hopefully since a new draft is expected, this might be useful anyway. This is READY (reasonable folks may disagree of course). There are no nits that aren't already covered. I have some suggestions: - I wish the terminology were in alphabetical order. - The requirements list should say "each is covered in more detail in the following subsections" or similar. The topic, updating firmware on IoT devices, is very important. The document defines requirements, explains why, and then describes an architecture that could meet those requirements. Examples cover a variety of instantiations. I think this is the first time I have seen a ladder diagram for processing steps, as opposed to protocol interchanges. This is a very well-written document.
- [Suit] Secdir last call review of draft-ietf-suit… Rich Salz via Datatracker