[Tsv-art] Tsvart last call review of draft-ietf-trans-rfc6962-bis-31
Jana Iyengar via Datatracker <noreply@ietf.org> Thu, 14 March 2019 00:10 UTC
Return-Path: <noreply@ietf.org>
X-Original-To: tsv-art@ietf.org
Delivered-To: tsv-art@ietfa.amsl.com
Received: from ietfa.amsl.com (localhost [IPv6:::1]) by ietfa.amsl.com (Postfix) with ESMTP id 28001131110; Wed, 13 Mar 2019 17:10:39 -0700 (PDT)
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
From: Jana Iyengar via Datatracker <noreply@ietf.org>
To: tsv-art@ietf.org
Cc: draft-ietf-trans-rfc6962-bis.all@ietf.org, trans@ietf.org, ietf@ietf.org
X-Test-IDTracker: no
X-IETF-IDTracker: 6.94.0
Auto-Submitted: auto-generated
Precedence: bulk
Reply-To: Jana Iyengar <jri.ietf@gmail.com>
Message-ID: <155252223906.24967.13703742248115518247@ietfa.amsl.com>
Date: Wed, 13 Mar 2019 17:10:39 -0700
Archived-At: <https://mailarchive.ietf.org/arch/msg/tsv-art/ct3UuMO6yek4kcJPdzvtpLkBSbE>
Subject: [Tsv-art] Tsvart last call review of draft-ietf-trans-rfc6962-bis-31
X-BeenThere: tsv-art@ietf.org
X-Mailman-Version: 2.1.29
List-Id: Transport Area Review Team <tsv-art.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tsv-art>, <mailto:tsv-art-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tsv-art/>
List-Post: <mailto:tsv-art@ietf.org>
List-Help: <mailto:tsv-art-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tsv-art>, <mailto:tsv-art-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 14 Mar 2019 00:10:39 -0000
Reviewer: Jana Iyengar Review result: Ready This document has been reviewed as part of the transport area review team's ongoing effort to review key IETF documents. These comments were written primarily for the transport area directors, but are copied to the document's authors and WG to allow them to address any issues raised and also to the IETF discussion list for information. When done at the time of IETF Last Call, the authors should consider this review as part of the last-call comments they receive. Please always CC tsv-art@ietf.org if you reply to or forward this review. This document is very clearly written and explains the goals of Certificate Transparency, the mechanisms by which the goals are accomplished, and details for implementing various CT components. My comments below are perhaps worth addressing in the draft, but they aren't critical. 1/ Section 4 discusses log format and operation, but it is predominantly about format. Section 4.13 is entirely an operational consideration, and it sticks out a bit. It left me thinking if it made sense to separate it out into an "Log Operational Considerations" section. It might be an overkill to have a separate section, but see below for more. 2/ Are there other operational considerations worth talking about? Are there, for instance, DoS vectors that a Log operator needs to be aware of that might be specific to running a Log? 3/ How many logs should a submitter submit a newly issued certificate to? What are the considerations here? I did not see any recommendations for submitters. Is this worth discussing in the document? 4/ I was wondering what might happen if cert lifetimes were too small. What are the consequences? Is there value in discussing this?
- [Tsv-art] Tsvart last call review of draft-ietf-t… Jana Iyengar via Datatracker