[TLS] Adam Roach's Yes on draft-ietf-tls-iana-registry-updates-04: (with COMMENT)

Adam Roach <adam@nostrum.com> Wed, 04 April 2018 04:09 UTC

MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 8bit
From: Adam Roach <adam@nostrum.com>
To: The IESG <iesg@ietf.org>
Cc: draft-ietf-tls-iana-registry-updates@ietf.org, Stephen Farrell <stephen.farrell@cs.tcd.ie>, tls-chairs@ietf.org, stephen.farrell@cs.tcd.ie, tls@ietf.org
Auto-Submitted: auto-generated
Precedence: bulk
Message-ID: <152281496113.23972.392506465427726208.idtracker@ietfa.amsl.com>
Date: Tue, 03 Apr 2018 21:09:21 -0700
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/lilw637HJxjHwOBG8qcEdhN3aWI>
Subject: [TLS] Adam Roach's Yes on draft-ietf-tls-iana-registry-updates-04: (with COMMENT)

Adam Roach has entered the following ballot position for
draft-ietf-tls-iana-registry-updates-04: Yes

When responding, please keep the subject line intact and reply to all
email addresses included in the To and CC lines. (Feel free to cut this
introductory paragraph, however.)


Please refer to https://www.ietf.org/iesg/statement/discuss-criteria.html
for more information about IESG DISCUSS and COMMENT positions.


The document, along with other ballot positions, can be found here:
https://datatracker.ietf.org/doc/draft-ietf-tls-iana-registry-updates/



----------------------------------------------------------------------
COMMENT:
----------------------------------------------------------------------

Thanks for the work everyone put in on this document. I have a handful of
comments, ranging from nits to minor issues. They appear in document order.

---------------------------------------------------------------------------

Title:

Please expand "TLS" and "DTLS" in the title. See
https://www.rfc-editor.org/materials/abbrev.expansion.txt for guidance.

---------------------------------------------------------------------------

Abstract:

Please include the list of updated RFCs in the abstract. See
<https://www.ietf.org/standards/ids/checklist/> §3.1.D. The current formulation
of "This document updates many (D)TLS RFCs (see updates header)" is problematic
due to the factors described in the final paragraph of RFC 7322 §4.3.

---------------------------------------------------------------------------

§2:

>  Instead of listing the changes and their rationale in this,
>  the introductory, section each section provides rationale for the
>  proposed change(s).

There's something awkward with the commas here. Perhaps you mean:

>  Instead of listing the changes and their rationale in this,
>  the introductory section, each section provides rationale for the
>  proposed change(s).

---------------------------------------------------------------------------

§8:

This section doesn't indicate anything about the disposition of
"token_binding," which is due to (potentially) expire in 11 months. Given that
the temporary property of this registration is due only to the previous policy
that this document is obsoleting, it seems that this document should instruct
IANA to remove the temporary status from the "token_binding" TLS ExtensionType.

---------------------------------------------------------------------------

§8:

The table that adds a "Recommended" column to the TLS ExtensionType does not
indicate values for "token_binding" or "cached_info." I suggest either adding
them, or adding text to explain their omission.

---------------------------------------------------------------------------

§9:

>  assigned via Specification Required {{RFC8126}}.  Values with the
>  first byte 255 (decimal) are reserved for Private Use {{RFC8126}}.

Nit: the "{{...}}" citation style is probably not what you intended.

---------------------------------------------------------------------------

§13:

>  o  A "Recommended" column to the TLS Exporter Label registry.  The
>     table that follows has been generated by marking Standards Track
>     RFCs as "Yes" and all others as "No".

No rows are marked "No." Presumably, the text above should instead say "any
values not indicated in the table below [will be/have been] marked 'No'"

---------------------------------------------------------------------------

§14:

>  120   no_application_protocol  Y  [RFC7301]

Every other updated table is amended to also point to this document. I presume
that omitting it from this entry is an oversight, and that it should instead be:

>  120   no_application_protocol  Y  [RFC7301] [RFCthis]

---------------------------------------------------------------------------

§17:

>  o  [SHALL update/has updated] the TLS HashAlgorithm Registry to list
>     values 7-223 as "Reserved" and the TLS SignatureAlgorithm registry
>     to list values 4-223 as "Reserved".

HashAlgorithm 8 is already assigned, as are SignatureAlgorithms 7 and 8.
Presumably the reserved ranges should be "7 and 9-223" and "4-6 and 9-223",
respectively.

---------------------------------------------------------------------------

§17:

>  Despite the fact that the HashAlgorithm and SignatureAlgorithm
>  registries are orphaned, it is still import to warn implementers of

nit: "important"

>  pre-TLS1.3 implementations about the dangers of blinding implementing

nit: "blindly"

[TLS] Adam Roach's Yes on draft-ietf-tls-iana-reg… Adam Roach
Re: [TLS] Adam Roach's Yes on draft-ietf-tls-iana… Benjamin Kaduk
Re: [TLS] Adam Roach's Yes on draft-ietf-tls-iana… Sean Turner
Re: [TLS] Adam Roach's Yes on draft-ietf-tls-iana… Sean Turner