[TLS] Genart last call review of draft-ietf-tls-keylogfile-01

Russ Housley via Datatracker <noreply@ietf.org> Fri, 12 April 2024 18:30 UTC


Reviewer: Russ Housley
Review result: Ready

I am the assigned Gen-ART reviewer for this draft. The General Area
Review Team (Gen-ART) reviews all IETF documents being processed
by the IESG for the IETF Chair. Please wait for direction from your
document shepherd or AD before posting a new version of the draft.

For more information, please see the FAQ at
<http://wiki.tools.ietf.org/area/gen/trac/wiki/GenArtfaq>.

Document: draft-ietf-tls-keylogfile-01
Reviewer: Russ Housley
Review Date: 2024-04-12
IETF LC End Date: 2024-04-18
IESG Telechat date: unknown

Summary: Ready


Major Concerns:

None


Minor Concerns:

Section 3: The text says: "Access to the content of a file in
SSLKEYLOGFILE format allows an attacker to break the
confidentiality protection on any TLS connections that are
included in the file."  This is clearly true.  However, the
attacker with this access to the keys can also break the integrity
protections.

Section 4: The registration of the new application/sslkeylogfile
media-type for all IETF registrations in the standards tree
requires a posting to the media-types@iana.org mail list.  A search
of the mail archive did not uncover "sslkeylogfile".  To avoid delay,
that mail list discussion should probably get started now.


Nits:

Section 1: s/file format that logging/file format for logging/