Skip to main content

CDNI Metadata for Delegated Credentials
draft-ietf-cdni-https-delegation-subcerts-12

Revision differences

Document history

Date Rev. By Action
2024-10-31
(System)
Received changes through RFC Editor sync (changed state to RFC, created became rfc relationship between draft-ietf-cdni-https-delegation-subcerts and RFC 9677, changed IESG state to RFC …
Received changes through RFC Editor sync (changed state to RFC, created became rfc relationship between draft-ietf-cdni-https-delegation-subcerts and RFC 9677, changed IESG state to RFC Published)
2024-10-29
12 (System) RFC Editor state changed to AUTH48-DONE from AUTH48
2024-10-14
12 (System) RFC Editor state changed to AUTH48
2024-10-14
12 (System) RFC Editor state changed to RFC-EDITOR from EDIT
2024-09-10
12 (System) IANA Action state changed to RFC-Ed-Ack from Waiting on RFC Editor
2024-09-10
12 (System) IANA Action state changed to Waiting on RFC Editor from In Progress
2024-09-10
12 (System) IANA Action state changed to In Progress from Waiting on Authors
2024-09-09
12 (System) IANA Action state changed to Waiting on Authors from In Progress
2024-09-06
12 Barry Leiba Closed request for Last Call review by ARTART with state 'Overtaken by Events': Document has finished IESG processing
2024-09-06
12 Barry Leiba Assignment of request for Last Call review by ARTART to Cullen Jennings was marked no-response
2024-09-05
12 (System) RFC Editor state changed to EDIT
2024-09-05
12 (System) IESG state changed to RFC Ed Queue from Approved-announcement sent
2024-09-05
12 (System) Announcement was received by RFC Editor
2024-09-05
12 (System) IANA Action state changed to In Progress
2024-09-05
12 Cindy Morgan IESG state changed to Approved-announcement sent from Approved-announcement to be sent
2024-09-05
12 Cindy Morgan IESG has approved the document
2024-09-05
12 Cindy Morgan Closed "Approve" ballot
2024-09-05
12 Cindy Morgan Ballot approval text was generated
2024-09-05
12 (System) Removed all action holders (IESG state changed)
2024-09-05
12 Francesca Palombini IESG state changed to Approved-announcement to be sent from IESG Evaluation::AD Followup
2024-09-05
12 Christoph Neumann New version available: draft-ietf-cdni-https-delegation-subcerts-12.txt
2024-09-05
12 Christoph Neumann New version accepted (logged-in submitter: Christoph Neumann)
2024-09-05
12 Christoph Neumann Uploaded new revision
2024-09-05
11 Christoph Neumann New version available: draft-ietf-cdni-https-delegation-subcerts-11.txt
2024-09-05
11 Christoph Neumann New version accepted (logged-in submitter: Christoph Neumann)
2024-09-05
11 Christoph Neumann Uploaded new revision
2024-08-28
10 Francesca Palombini Changed action holders to Guillaume Bichot, Emile Stephan, Frédéric Fieau, Christoph Neumann (Waiting on authors to consider last of the AD feedback (reminder sent))
2024-08-17
10 Murray Kucherawy
[Ballot comment]
Thanks for fixing up my DISCUSS regarding Section 6.

The only part of my earlier comment remaining is this one:

The NOT RECOMMENDED …
[Ballot comment]
Thanks for fixing up my DISCUSS regarding Section 6.

The only part of my earlier comment remaining is this one:

The NOT RECOMMENDED in Section 4 is a reference to the one in Section 7.  I suggest using different language for the first one, e.g., "See Section 7 for constraints regarding ..."  I understand that the SECDIR review suggested this be included, but I think it's safer to have the actual normative statement in only one place and just refer to it from elsewhere rather than restating it.
2024-08-17
10 Murray Kucherawy Ballot comment text updated for Murray Kucherawy
2024-08-17
10 Murray Kucherawy
[Ballot comment]
Thanks for fixing up my DISCUSS regarding Section 6.

The only part of my earlier comment remaining is this one:

The NOT RECOMMENDED …
[Ballot comment]
Thanks for fixing up my DISCUSS regarding Section 6.

The only part of my earlier comment remaining is this one:

The NOT RECOMMENDED in Section 4 is a reference to the one in Section 7.  I suggest using different language for the first one, e.g., "See Section 7 for constraints regarding ..."
2024-08-17
10 Murray Kucherawy [Ballot Position Update] Position for Murray Kucherawy has been changed to No Objection from Discuss
2024-08-16
10 Paul Wouters [Ballot comment]
Thanks for addressing my concern. I have updated my ballot to "No Objection"
2024-08-16
10 Paul Wouters [Ballot Position Update] Position for Paul Wouters has been changed to No Objection from Discuss
2024-08-16
10 (System) Changed action holders to Francesca Palombini (IESG state changed)
2024-08-16
10 (System) Sub state has been changed to AD Followup from Revised I-D Needed
2024-08-16
10 (System) IANA Review state changed to Version Changed - Review Needed from IANA OK - Actions Needed
2024-08-16
10 Christoph Neumann New version available: draft-ietf-cdni-https-delegation-subcerts-10.txt
2024-08-16
10 Christoph Neumann New version accepted (logged-in submitter: Christoph Neumann)
2024-08-16
10 Christoph Neumann Uploaded new revision
2024-08-08
09 (System) Changed action holders to Guillaume Bichot, Emile Stephan, Frédéric Fieau, Christoph Neumann (IESG state changed)
2024-08-08
09 Cindy Morgan IESG state changed to IESG Evaluation::Revised I-D Needed from IESG Evaluation
2024-08-08
09 Zaheduzzaman Sarker [Ballot comment]
Thanks for working on this specification. I will support Murray's discuss.
2024-08-08
09 Zaheduzzaman Sarker [Ballot Position Update] New position, No Objection, has been recorded for Zaheduzzaman Sarker
2024-08-07
09 Murray Kucherawy
[Ballot discuss]
Roman also asked about this in his comment but I think it needs DISCUSSion, and I expect it will be easy to sort …
[Ballot discuss]
Roman also asked about this in his comment but I think it needs DISCUSSion, and I expect it will be easy to sort out (or just remove):

What are Sections 6.1 and 6.2 for?  They don't appear to be related to the action described in Section 6, and I couldn't find any other related registry with these fields.
2024-08-07
09 Murray Kucherawy
[Ballot comment]
I suggest combining the two SHOULDs in Section 3.2.  They seem like they should be evaluated the same way, i.e., might you ever …
[Ballot comment]
I suggest combining the two SHOULDs in Section 3.2.  They seem like they should be evaluated the same way, i.e., might you ever reasonably do what one says but not the other?

Similarly, the NOT RECOMMENDED in Section 4 is a reference to the one in Section 7.  I suggest using different language for the first one, e.g., "See Section 7 for constraints regarding ..."
2024-08-07
09 Murray Kucherawy [Ballot Position Update] New position, Discuss, has been recorded for Murray Kucherawy
2024-08-07
09 Mahesh Jethanandani [Ballot Position Update] New position, No Objection, has been recorded for Mahesh Jethanandani
2024-08-07
09 Paul Wouters
[Ballot discuss]
One minor item to resolve:

    If despite this recommendation, the private key is communicated via the MI, the
    transported …
[Ballot discuss]
One minor item to resolve:

    If despite this recommendation, the private key is communicated via the MI, the
    transported private key MUST be encrypted within a JWE envelope using the encryption
    key (PrivateKeyEncryptionKey) provided within the FCI.DelegatedCredentials by the dCDN.

Please add some language that states that the JWE encryption key MUST have a strength equal or larger than
the private key it is encrypting for transport.
2024-08-07
09 Paul Wouters [Ballot Position Update] New position, Discuss, has been recorded for Paul Wouters
2024-08-04
09 Orie Steele
[Ballot comment]
# Orie Steele, ART AD, comments for draft-ietf-cdni-https-delegation-subcerts-09
CC @OR13

https://author-tools.ietf.org/api/idnits?url=https://www.ietf.org/archive/id/draft-ietf-cdni-https-delegation-subcerts-09.txt&submitcheck=True

## Comments

### key formats?

```
153       Description:  Base64-encoded …
[Ballot comment]
# Orie Steele, ART AD, comments for draft-ietf-cdni-https-delegation-subcerts-09
CC @OR13

https://author-tools.ietf.org/api/idnits?url=https://www.ietf.org/archive/id/draft-ietf-cdni-https-delegation-subcerts-09.txt&submitcheck=True

## Comments

### key formats?

```
153       Description:  Base64-encoded (as defined in Section 4 of
154         [RFC4648]) public key of the dCDN to be used by the uCDN to
155         encrypt private keys.
```

Base64 encoding implies a binary public key format.

Are there any details which should be added regarding the public keys?

EC Point compression? CBOR / COSE Key / JWK ?

Is there a risk of interoperability issues based on "double encoding" ?


```
267   If the private-key property is used, the transported private key MUST
268   be encrypted using the PrivateKeyEncryptionKey specified in
269   FCI.DelegatedCredentials.  The base64 envelope format for this
270   property MUST use JWE [RFC7516], whereas the private key is included
271   as JWE Ciphertext in the JWE.
```

Same question here for private key formats.

You might consider adding some references to media types for MUST support and MAY support key formats.

Especially given the requirement to use JWE for encryption, because there exists the `content type` parameter.
2024-08-04
09 Orie Steele [Ballot Position Update] New position, No Objection, has been recorded for Orie Steele
2024-08-02
09 (System) IANA Review state changed to IANA OK - Actions Needed from Version Changed - Review Needed
2024-07-31
09 Roman Danyliw
[Ballot comment]
Thank you to Mallory Knodel for the GENART review.

** Section 3.1.  FCI.DelegatedCredentials.  Per the PrivateKeyEncryptionKey that is Base64-encoded, how does one know …
[Ballot comment]
Thank you to Mallory Knodel for the GENART review.

** Section 3.1.  FCI.DelegatedCredentials.  Per the PrivateKeyEncryptionKey that is Base64-encoded, how does one know what type if public key it is (e.g., RSA? ECC?)

** Section 6.1 and 6.2.  What role does this text play in any IANA registry action?  Could the role of this text be clarified?
2024-07-31
09 Roman Danyliw [Ballot Position Update] New position, No Objection, has been recorded for Roman Danyliw
2024-07-23
09 Chris Lemmons Added to session: IETF-120: cdni  Tue-2000
2024-07-22
09 Gunter Van de Velde
[Ballot comment]
Gunter Van de Velde, RTG AD, comments for draft-ietf-cdni-https-delegation-subcerts-09

Please find https://www.ietf.org/blog/handling-iesg-ballot-positions/ documenting the handling of ballots.

Please find for your convenience a …
[Ballot comment]
Gunter Van de Velde, RTG AD, comments for draft-ietf-cdni-https-delegation-subcerts-09

Please find https://www.ietf.org/blog/handling-iesg-ballot-positions/ documenting the handling of ballots.

Please find for your convenience a few non-blocking review comments about this draft handling some textual enhancements.

#DETAILED COMMENTS
#=================
##classified as [minor] and [major]

74   Content delivery over HTTPS using one or more CDNs along the path
75   requires credential management.  This specifically applies when an
76   entity delegates to another trusted entity delivery of content via
77   HTTPS.

79   This document defines the CDNI Metadata interface to setup HTTPS
80   delegation using delegated credentials (as defined by [RFC9345])
81   between an upstream CDN (uCDN) and downstream CDN (dCDN).

[minor]
From a readability perspective, what about the following alternate textblob?

"
Content delivery over HTTPS utilizing one or more Content Delivery Networks (CDNs) along the delivery path necessitates the management of credentials. This requirement is particularly pertinent when an entity delegates the delivery of content via HTTPS to another trusted entity.

This document specifies the CDNI Metadata interface for establishing HTTPS delegation through the use of delegated credentials, as defined in [RFC9345], between an upstream CDN (uCDN) and a downstream CDN (dCDN).
"

101   in [RFC8008].  The FCI.Metadata object allows a dCDN to advertise its
102   capabilities and the Metadata interface (MI) objects supported by the
103   dCDN.  Accordingly, to announce the support for delegated
104   credentials, the dCDN should announce the support of
105   MI.DelegatedCredentials as shown in the example below.

[minor]
From a readability perspective, what about the following alternate textblob:

"
The FCI.Metadata object enables a dCDN to communicate its capabilities and the Metadata Interface (MI) objects it supports. To indicate support for delegated credentials, the dCDN should announce the support for MI.DelegatedCredentials, as illustrated in the example below.
"

124   This document also defines an object that announces to the delegating
125   entity how many delegated credentials the downstream supports such
126   that the delegating entity can provide the corresponding number of
127   delegated credentials.  For that purpose we introduce the FCI object
128   FCI.DelegationCredentials.

[minor]
From a readability perspective, what about the following alternate textblob:

"
This document also defines an object that informs the delegating entity of the number of delegated credentials supported by the downstream entity, enabling the delegating entity to supply the appropriate number of delegated credentials. To this end, the FCI object, FCI.DelegationCredentials, is introduced.
"

Kind Regards,
G/
2024-07-22
09 Gunter Van de Velde [Ballot Position Update] New position, No Objection, has been recorded for Gunter Van de Velde
2024-07-22
09 Jim Guichard [Ballot Position Update] New position, No Objection, has been recorded for Jim Guichard
2024-07-09
09 Éric Vyncke
[Ballot comment]
Thanks for the work done in this document.

I have only one non-blocking COMMENT

## Section 3.2

The 2nd paragraph has a mix …
[Ballot comment]
Thanks for the work done in this document.

I have only one non-blocking COMMENT

## Section 3.2

The 2nd paragraph has a mix of `may` and BCP14 `MAY`. Is it on purpose ?
2024-07-09
09 Éric Vyncke [Ballot Position Update] New position, No Objection, has been recorded for Éric Vyncke
2024-07-07
09 Erik Kline [Ballot Position Update] New position, No Objection, has been recorded for Erik Kline
2024-07-03
09 Jouni Korhonen Request for Last Call review by OPSDIR Completed: Has Nits. Reviewer: Jouni Korhonen. Sent review to list.
2024-07-01
09 (System) IANA Review state changed to Version Changed - Review Needed from IANA OK - Actions Needed
2024-07-01
09 Christoph Neumann New version available: draft-ietf-cdni-https-delegation-subcerts-09.txt
2024-07-01
09 Christoph Neumann New version accepted (logged-in submitter: Christoph Neumann)
2024-07-01
09 Christoph Neumann Uploaded new revision
2024-06-26
08 Jenny Bui Placed on agenda for telechat - 2024-08-08
2024-06-26
08 Mallory Knodel Request for Last Call review by GENART Completed: Ready. Reviewer: Mallory Knodel. Sent review to list.
2024-06-26
08 Francesca Palombini Ballot has been issued
2024-06-26
08 Francesca Palombini [Ballot Position Update] New position, Yes, has been recorded for Francesca Palombini
2024-06-26
08 Francesca Palombini Created "Approve" ballot
2024-06-26
08 Francesca Palombini IESG state changed to IESG Evaluation from Waiting for AD Go-Ahead
2024-06-25
08 (System) IESG state changed to Waiting for AD Go-Ahead from In Last Call
2024-06-24
08 (System) IANA Review state changed to IANA OK - Actions Needed from IANA - Review Needed
2024-06-24
08 David Dong
(Via drafts-lastcall@iana.org): IESG/Authors/WG Chairs:

IANA has completed its review of draft-ietf-cdni-https-delegation-subcerts-08. If any part of this review is inaccurate, please let us know.

IANA …
(Via drafts-lastcall@iana.org): IESG/Authors/WG Chairs:

IANA has completed its review of draft-ietf-cdni-https-delegation-subcerts-08. If any part of this review is inaccurate, please let us know.

IANA understands that, upon approval of this document, there is a single action which we must complete.

In the CDNI Payload Types registry in the Content Delivery Network Interconnection (CDNI) Parameters registry group located at:

https://www.iana.org/assignments/cdni-parameters/

two new registrations will be made as follows:

Payload Type: MI.DelegatedCredentials
Reference: [ RFC-to-be ]

Payload Type: FCI.DelegatedCredentials
Reference: [ RFC-to-be ]

As this document requests registrations in an Expert Review or Specification Required (see RFC 8126) registry, we have completed the required Expert Review via a separate request.

We understand that this is the only action required to be completed upon approval of this document.

NOTE: The action requested in this document will not be completed until the document has been approved for publication as an RFC. This message is meant only to confirm the action that will be performed.

For definitions of IANA review states, please see:

https://datatracker.ietf.org/help/state/draft/iana-review

Thank you,

David Dong
IANA Services Sr. Specialist
2024-06-22
08 Carlos Pignataro Request for Last Call review by OPSDIR is assigned to Jouni Korhonen
2024-06-13
08 David Dong IANA Experts State changed to Expert Reviews OK
2024-06-12
08 Jean Mahoney Request for Last Call review by GENART is assigned to Mallory Knodel
2024-06-11
08 Barry Leiba Request for Last Call review by ARTART is assigned to Cullen Jennings
2024-06-11
08 Jenny Bui IANA Review state changed to IANA - Review Needed
2024-06-11
08 Jenny Bui
The following Last Call announcement was sent out (ends 2024-06-25):

From: The IESG
To: IETF-Announce
CC: cdni-chairs@ietf.org, cdni@ietf.org, draft-ietf-cdni-https-delegation-subcerts@ietf.org, francesca.palombini@ericsson.com, kevin.j.ma.ietf@gmail.com …
The following Last Call announcement was sent out (ends 2024-06-25):

From: The IESG
To: IETF-Announce
CC: cdni-chairs@ietf.org, cdni@ietf.org, draft-ietf-cdni-https-delegation-subcerts@ietf.org, francesca.palombini@ericsson.com, kevin.j.ma.ietf@gmail.com
Reply-To: last-call@ietf.org
Sender:
Subject: Last Call:  (CDNI Metadata for Delegated Credentials) to Proposed Standard


The IESG has received a request from the Content Delivery Networks
Interconnection WG (cdni) to consider the following document: - 'CDNI
Metadata for Delegated Credentials'
  as Proposed Standard

The IESG plans to make a decision in the next few weeks, and solicits final
comments on this action. Please send substantive comments to the
last-call@ietf.org mailing lists by 2024-06-25. Exceptionally, comments may
be sent to iesg@ietf.org instead. In either case, please retain the beginning
of the Subject line to allow automated sorting.

Abstract


  The delivery of content over HTTPS involving multiple CDNs raises
  credential management issues.  This document defines metadata in the
  CDNI Control and Metadata interface to setup HTTPS delegation using
  delegated credentials from an Upstream CDN (uCDN) to a Downstream CDN
  (dCDN).




The file can be obtained via
https://datatracker.ietf.org/doc/draft-ietf-cdni-https-delegation-subcerts/



No IPR declarations have been submitted directly on this I-D.


The document contains these normative downward references.
See RFC 3967 for additional information:
    rfc7337: Content Distribution Network Interconnection (CDNI) Requirements (Informational - Internet Engineering Task Force (IETF))



2024-06-11
08 Jenny Bui IESG state changed to In Last Call from Last Call Requested
2024-06-11
08 Francesca Palombini Last call was requested
2024-06-11
08 Francesca Palombini Last call announcement was generated
2024-06-11
08 Francesca Palombini Ballot approval text was generated
2024-06-11
08 Francesca Palombini IESG state changed to Last Call Requested from AD Evaluation::AD Followup
2024-06-11
08 (System) Changed action holders to Francesca Palombini (IESG state changed)
2024-06-11
08 (System) Sub state has been changed to AD Followup from Revised I-D Needed
2024-06-11
08 Christoph Neumann New version available: draft-ietf-cdni-https-delegation-subcerts-08.txt
2024-06-11
08 Christoph Neumann New version accepted (logged-in submitter: Christoph Neumann)
2024-06-11
08 Christoph Neumann Uploaded new revision
2024-05-21
07 Francesca Palombini Ad review submitted: https://mailarchive.ietf.org/arch/msg/cdni/YoIgbuG0A4IGIoMPSs2y_TluJXY/
2024-05-21
07 (System) Changed action holders to Francesca Palombini, Frédéric Fieau, Emile Stephan, Guillaume Bichot, Christoph Neumann (IESG state changed)
2024-05-21
07 Francesca Palombini IESG state changed to AD Evaluation::Revised I-D Needed from Publication Requested
2024-05-21
07 Francesca Palombini Ballot writeup was changed
2024-05-18
07 Kevin Ma
Document Shepherd: Kevin J. Ma

Responsible AD: Francesca Palombini

This draft defines/registers a CDNI Metadata object to enable credential delegation between an upstream and a …
Document Shepherd: Kevin J. Ma

Responsible AD: Francesca Palombini

This draft defines/registers a CDNI Metadata object to enable credential delegation between an upstream and a downstream CDN. The CDNI Metadata Interface (RFC8006) and Footprint and Capabilities Interface (RFC8008) were designed to be extensible and registries are defined for new metadata and capabilities objects to which the DelegatedCredentials objects are being added.

The content of draft-cdni-https-delegation-subcerts has broad concensus within the WG.  The content was originally part of the HTTP delegation draft that was split into two separate drafts, the other having been recently published as RFC9538.  The original draft was created seven years ago, but had to wait for the underlying protocols (i.e., RFC9345 and RFC9115) to solidify.  The draft was split to decouple those waiting periods.

There were no major controversies.  CDNI is not chartered to create security protocols, its only goal is to communicate the necessary metadata between CDNs to enable existing security protocols to work properly across CDNs.  Much of the discussion was around making sure that the draft is only using the constructs provided by RFC9345 and not creating any additional interfaces or security constructs.  Special attention was paid to the security section, to clarify proper usage of the metadata.

The one major concern was the inclusion of support for an in-band private key.  The chairs requested an early SECDIR review for the private key issue.  Mike Ounsworth provided valuable (and much appreciated) feedback on protecting the private key.  Though use of the private key is NOT RECOMMENDED, for those that choose to use it, JWE encapsulation is now required, to keep it secure.

Having reviewed the document, I feel it is clear, complete, correct, and ready for AD handoff.  There are no idnits, downrefs, or pending normative references.

The draft is being submitted as a proposed standard as it extends the capabilities of proposed standard RFC8006 and RFC8008.

The authors have confirmed that there is no undisclosed IPR to their knowledge.  Though authors do have implementations for RFC9345, they have not yet implemented this draft.

The normative references are all freely available and normative.  There are no downrefs or unpublished RFC references.

Publication of this draft does not change the status of any other RFCs.

The draft does not create any new IANA registries but does register a new CDNI payload type.  I am one of the designated experts for the registry and I have reviewed the draft, json object definition, and IANA registration request.  I have no major concerns, but I have requested additional JSON examples (using the optional fields) for clarity and completeness.
2024-05-18
07 Kevin Ma IETF WG state changed to Submitted to IESG for Publication from WG Consensus: Waiting for Write-Up
2024-05-18
07 Kevin Ma IESG state changed to Publication Requested from I-D Exists
2024-05-18
07 (System) Changed action holders to Francesca Palombini (IESG state changed)
2024-05-18
07 Kevin Ma Responsible AD changed to Francesca Palombini
2024-05-18
07 Kevin Ma Document is now in IESG state Publication Requested
2024-05-18
07 Kevin Ma
Document Shepherd: Kevin J. Ma

Responsible AD: Francesca Palombini

This draft defines/registers a CDNI Metadata object to enable credential delegation between an upstream and a …
Document Shepherd: Kevin J. Ma

Responsible AD: Francesca Palombini

This draft defines/registers a CDNI Metadata object to enable credential delegation between an upstream and a downstream CDN. The CDNI Metadata Interface (RFC8006) and Footprint and Capabilities Interface (RFC8008) were designed to be extensible and registries are defined for new metadata and capabilities objects to which the DelegatedCredentials objects are being added.

The content of draft-cdni-https-delegation-subcerts has broad concensus within the WG.  The content was originally part of the HTTP delegation draft that was split into two separate drafts, the other having been recently published as RFC9538.  The original draft was created seven years ago, but had to wait for the underlying protocols (i.e., RFC9345 and RFC9115) to solidify.  The draft was split to decouple those waiting periods.

There were no major controversies.  CDNI is not chartered to create security protocols, its only goal is to communicate the necessary metadata between CDNs to enable existing security protocols to work properly across CDNs.  Much of the discussion was around making sure that the draft is only using the constructs provided by RFC9345 and not creating any additional interfaces or security constructs.  Special attention was paid to the security section, to clarify proper usage of the metadata.

The one major concern was the inclusion of support for an in-band private key.  The chairs requested an early SECDIR review for the private key issue.  Mike Ounsworth provided valuable (and much appreciated) feedback on protecting the private key.  Though use of the private key is NOT RECOMMENDED, for those that choose to use it, JWE encapsulation is now required, to keep it secure.

Having reviewed the document, I feel it is clear, complete, correct, and ready for AD handoff.  There are no idnits, downrefs, or pending normative references.

The draft is being submitted as a proposed standard as it extends the capabilities of proposed standard RFC8006 and RFC8008.

The authors have confirmed that there is no undisclosed IPR to their knowledge.  Though authors do have implementations for RFC9345, they have not yet implemented this draft.

The normative references are all freely available and normative.  There are no downrefs or unpublished RFC references.

Publication of this draft does not change the status of any other RFCs.

The draft does not create any new IANA registries but does register a new CDNI payload type.  I am one of the designated experts for the registry and I have reviewed the draft, json object definition, and IANA registration request.  I have no major concerns, but I have requested additional JSON examples (using the optional fields) for clarity and completeness.
2024-05-06
07 Christoph Neumann New version available: draft-ietf-cdni-https-delegation-subcerts-07.txt
2024-05-06
07 Christoph Neumann New version accepted (logged-in submitter: Christoph Neumann)
2024-05-06
07 Christoph Neumann Uploaded new revision
2024-04-07
06 Kevin Ma IETF WG state changed to WG Consensus: Waiting for Write-Up from In WG Last Call
2024-03-10
06 Kevin Ma Changed consensus to Yes from Unknown
2024-03-10
06 Kevin Ma Intended Status changed to Proposed Standard from None
2024-03-10
06 Kevin Ma Notification list changed to kevin.j.ma.ietf@gmail.com because the document shepherd was set
2024-03-10
06 Kevin Ma Document shepherd changed to Kevin J. Ma
2024-03-10
06 Kevin Ma IETF WG state changed to In WG Last Call from WG Document
2024-03-01
06 Mike Ounsworth Request for Early review by SECDIR Completed: Ready. Reviewer: Mike Ounsworth. Review has been revised by Mike Ounsworth.
2024-02-19
06 Christoph Neumann New version available: draft-ietf-cdni-https-delegation-subcerts-06.txt
2024-02-19
06 Christoph Neumann New version accepted (logged-in submitter: Christoph Neumann)
2024-02-19
06 Christoph Neumann Uploaded new revision
2024-01-02
05 Mike Ounsworth Request for Early review by SECDIR Completed: Has Nits. Reviewer: Mike Ounsworth. Review has been revised by Mike Ounsworth.
2023-10-05
05 Christoph Neumann New version available: draft-ietf-cdni-https-delegation-subcerts-05.txt
2023-10-05
05 Christoph Neumann New version accepted (logged-in submitter: Christoph Neumann)
2023-10-05
05 Christoph Neumann Uploaded new revision
2023-09-06
04 Mike Ounsworth Request for Early review by SECDIR Completed: Not Ready. Reviewer: Mike Ounsworth. Sent review to list. Submission of review completed at an earlier date.
2023-09-06
04 Mike Ounsworth Request for Early review by SECDIR Completed: Not Ready. Reviewer: Mike Ounsworth.
2023-08-26
04 Tero Kivinen Request for Early review by SECDIR is assigned to Mike Ounsworth
2023-08-19
04 Kevin Ma Requested Early review by SECDIR
2023-08-17
04 Christoph Neumann New version available: draft-ietf-cdni-https-delegation-subcerts-04.txt
2023-08-17
04 Christoph Neumann New version accepted (logged-in submitter: Christoph Neumann)
2023-08-17
04 Christoph Neumann Uploaded new revision
2023-05-04
03 Christoph Neumann New version available: draft-ietf-cdni-https-delegation-subcerts-03.txt
2023-05-04
03 Christoph Neumann New version accepted (logged-in submitter: Christoph Neumann)
2023-05-04
03 Christoph Neumann Uploaded new revision
2023-03-24
02 Sanjay Mishra Added to session: IETF-116: cdni  Mon-0400
2023-03-07
02 Christoph Neumann New version available: draft-ietf-cdni-https-delegation-subcerts-02.txt
2023-03-07
02 Christoph Neumann New version accepted (logged-in submitter: Christoph Neumann)
2023-03-07
02 Christoph Neumann Uploaded new revision
2022-12-07
01 Christoph Neumann New version available: draft-ietf-cdni-https-delegation-subcerts-01.txt
2022-12-07
01 Christoph Neumann New version accepted (logged-in submitter: Christoph Neumann)
2022-12-07
01 Christoph Neumann Uploaded new revision
2022-07-09
00 Kevin Ma This document now replaces draft-cdni-https-delegation-subcerts instead of None
2022-07-09
00 Christoph Neumann New version available: draft-ietf-cdni-https-delegation-subcerts-00.txt
2022-07-09
00 Kevin Ma WG -00 approved
2022-07-08
00 Christoph Neumann Set submitter to "Christoph Neumann ", replaces to draft-cdni-https-delegation-subcerts and sent approval email to group chairs: cdni-chairs@ietf.org
2022-07-08
00 Christoph Neumann Uploaded new revision