[Uta] Review of, and recommendation to adopt, draft-tschofenig-uta-tls13-profile

Barry Leiba <barryleiba@computer.org> Tue, 26 March 2019 10:55 UTC

From: Barry Leiba <barryleiba@computer.org>
Date: Tue, 26 Mar 2019 11:55:44 +0100
Message-ID: <CALaySJ+V7iU+u2ykKHjeUzs_JJHq32YGK9A-TEfzOKY7kibedA@mail.gmail.com>
To: uta@ietf.org
Archived-At: <https://mailarchive.ietf.org/arch/msg/uta/_YXgd46aDrzBLL0OwQupwt5RHAU>
Subject: [Uta] Review of, and recommendation to adopt, draft-tschofenig-uta-tls13-profile

I think draft-tschofenig-uta-tls13-profile represents work that UTA
should take on, and that it is a good starting point for the working
group to use.

Review of version -01:

Section 2: Please change to the RFC 8174 boilerplate and add a
normative reference to RFC 8174.

Section 3, last paragraph: a nit, but I would change this to active voice:
NEW
   TLS/DTLS clients and servers implementing raw public keys and/or
   certificates MUST follow the guidance for mandatory-to-implement
   extensions described in Section 9.2 of [RFC8446].
END

Section 4: The last sentence has a typo and doesn’t make sense.  I
think you mean this:
NEW
   Hence, it is more
   important for a developer to find out from which situations the
   device can recover and which situations are hopeless.
END

(And you might consider whether the word “more” is actually useful.)

For Sections 8, 9, 10, 13, and 14 (and the first paragraph of Section
3), we should consider whether this document should be stand-alone
(consider a future when TLS 1.3 is ubiquitous and 1.2 fades away), and
copy the text from 7925 rather than refer to it, even though that
makes this document longer.  One could do that along with adding a
note that the RFC Editor will remove, which says that the text is
verbatim from RFC 7925, to help reviewers.

Section 9: Change “this document” to “that document”.

Section 10: Nit… “any more” should be two words.

Section 15:
draft-ietf-http-replay is now RFC 8470, published in September.

Another unnecessary passive voice to change to active:
OLD
   It is RECOMMENDED that origin servers allow resources to explicitly
   configure whether early data is appropriate in requests.
NEW
   Origin servers SHOULD allow resources to explicitly
   configure whether early data is appropriate in requests.
END

You say, ‘This specification defines a new CoAP option "timestamp"’.
Why is that defined in Appendix A, and not here in Section 15?

-- 
Barry