Re: [TLS] [Last-Call] Genart last call review of draft-ietf-tls-subcerts-12
Lars Eggert <lars@eggert.org> Wed, 25 May 2022 09:20 UTC
Return-Path: <lars@eggert.org>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id BDA3AC14F74F; Wed, 25 May 2022 02:20:57 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.099
X-Spam-Level:
X-Spam-Status: No, score=-2.099 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=eggert.org
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 9o5--dGLfq7H; Wed, 25 May 2022 02:20:54 -0700 (PDT)
Received: from mail.eggert.org (mail.eggert.org [91.190.195.94]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 2F636C14F739; Wed, 25 May 2022 02:20:33 -0700 (PDT)
Received: from smtpclient.apple (unknown [IPv6:2a00:ac00:4000:400:e91e:c034:a8d7:562e]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.eggert.org (Postfix) with ESMTPSA id 91D751DB77D; Wed, 25 May 2022 12:20:19 +0300 (EEST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=eggert.org; s=dkim; t=1653470419; bh=A4JIEJU5k2B9raFCA9+HGqK1HyaHJJEnAj3Jc8f8aMc=; h=Subject:From:In-Reply-To:Date:Cc:References:To; b=H62KeVfcA2lXqJibK/OTCbjl7rhEOY+SEYIbROUz1xHbdPqHmmnthPj9mOTo9zgvH 2ND9wKpMtoRmc1WVDcHKcq1GVYJ0PS8KNnaWktCZ2fwdPMJ4JS2RnJpYBFDvDL5HE1 CETsAEu2X+v3P938bQS37TbMiDe8p83g0CPRn2Fw=
Content-Type: multipart/signed; boundary="Apple-Mail=_97FC5595-8929-478A-94D8-0F6E53560234"; protocol="application/pgp-signature"; micalg="pgp-sha512"
Mime-Version: 1.0 (Mac OS X Mail 16.0 \(3696.100.31\))
From: Lars Eggert <lars@eggert.org>
In-Reply-To: <164946350444.3243.13599547539306150042@ietfa.amsl.com>
Date: Wed, 25 May 2022 12:20:18 +0300
Cc: General Area Review Team <gen-art@ietf.org>, last-call@ietf.org, draft-ietf-tls-subcerts.all@ietf.org, tls@ietf.org
Message-Id: <B475925D-F0C2-4402-9B78-BDAD9B32F6CB@eggert.org>
References: <164946350444.3243.13599547539306150042@ietfa.amsl.com>
To: Elwyn Davies <elwynd@dial.pipex.com>
X-MailScanner-ID: 91D751DB77D.A4556
X-MailScanner: Not scanned: please contact your Internet E-Mail Service Provider for details
X-MailScanner-From: lars@eggert.org
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/2DL8lTxrWCWyg2Hg54P6sskTYBE>
Subject: Re: [TLS] [Last-Call] Genart last call review of draft-ietf-tls-subcerts-12
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.34
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 25 May 2022 09:20:57 -0000
Elwyn, thank you for your review. I have entered a No Objection ballot for this document. Lars > On 2022-4-9, at 3:18, Elwyn Davies via Datatracker <noreply@ietf.org> wrote: > > Reviewer: Elwyn Davies > Review result: Ready with Nits > > I am the assigned Gen-ART reviewer for this draft. The General Area > Review Team (Gen-ART) reviews all IETF documents being processed > by the IESG for the IETF Chair. Please treat these comments just > like any other last call comments. > > For more information, please see the FAQ at > > <https://trac.ietf.org/trac/gen/wiki/GenArtfaq>. > > Document: draft-ietf-tls-subcerts-?? > Reviewer: Elwyn Davies > Review Date: 2022-04-08 > IETF LC End Date: 2022-04-08 > IESG Telechat date: Not scheduled for a telechat > > Summary: > Ready with nits. Just a few editrial level nits. > > Major issues: > None > > Minor issues: > None. > > Nits/editorial comments: > Abstract: The exact form of the abbreviation (D)TLS is not in the set of > well-known abbreviations. I assume it is supposed to mean DTLS or TLS - This > ought to be expanded on first use. > > Abstract: s/mechanism to to/mechanism to/ > > s1, para 2: CA is used before its expansion in para 3. > > s1, next to last para: "this document proposes" Hopefully when it becomes an > RFC it will do more than propose. Suggest "this document introduces". > > s1, next to last para: "to speak for names" sounds a bit anthropomorphic to > me, but I can't think of a simple alternative word. > > s1, last para: s/We will refer/This document refers/ [Not an academic paper!] > > s3.1, 2nd bullet: s/provide are not necessary/provide is not necessary/ > > s4, definition of expected_cert_verify_algorithm: " Only signature algorithms > allowed for use in CertificateVerify message are allowed." Does this need a > reference to the place where the list of such algorithms is recorded? > > s4.1.1 and s4.1.2: In s4.1.1: "the client SHOULD ignore delegated credentials > sent as extensions to any other certificate." I would have though this ought > to be a MUST. There is an equivalent in s4.1.2. I am not sure what the > client/server might do if it doesn't ignore the DC. > > s4.1.3, para 1: s/same way that is done/same way that it is done/ > > s4.2, para 1: s/We define/This docuent defines/ > > sS/s5.1: RFC conventions prefer not to have sections empty of text: Add > something like: "The following operational consideration should be taken into > consideration when using Delegated Certificates:" > > > > -- > last-call mailing list > last-call@ietf.org > https://www.ietf.org/mailman/listinfo/last-call
- [TLS] Genart last call review of draft-ietf-tls-s… Elwyn Davies via Datatracker
- Re: [TLS] [Last-Call] Genart last call review of … Lars Eggert
- Re: [TLS] [Last-Call] Genart last call review of … Nick Sullivan