Last Call Review of draft-gont-numeric-ids-sec-considerations-09
review-gont-numeric-ids-sec-considerations-09-tsvart-lc-tuexen-2023-01-09-00
| Request | Review of | draft-gont-numeric-ids-sec-considerations |
|---|---|---|
| Requested revision | No specific revision (document currently at 11) | |
| Type | Last Call Review | |
| Team | Transport Area Review Team (tsvart) | |
| Deadline | 2023-01-09 | |
| Requested | 2022-12-12 | |
| Authors | Fernando Gont , Ivan Arce | |
| I-D last updated | 2023-01-09 | |
| Completed reviews |
Tsvart Last Call review of -06
by Dr. Bernard D. Aboba
(diff)
Genart Last Call review of -06 by Gyan Mishra (diff) Secdir Last Call review of -06 by Charlie Kaufman (diff) Dnsdir Last Call review of -10 by Nicolai Leymann (diff) Tsvart Last Call review of -09 by Michael Tüxen (diff) |
|
| Assignment | Reviewer | Michael Tüxen |
| State | Completed | |
| Request | Last Call review on draft-gont-numeric-ids-sec-considerations by Transport Area Review Team Assigned | |
| Posted at | https://mailarchive.ietf.org/arch/msg/tsv-art/GUeNtA83iwHBgxXb2Jg7-vPPzNU | |
| Reviewed revision | 09 (document currently at 11) | |
| Result | Ready w/nits | |
| Completed | 2023-01-09 |
review-gont-numeric-ids-sec-considerations-09-tsvart-lc-tuexen-2023-01-09-00
This document has been reviewed as part of the transport area review team's ongoing effort to review key IETF documents. These comments were written primarily for the transport area directors, but are copied to the document's authors and WG to allow them to address any issues raised and also to the IETF discussion list for information. When done at the time of IETF Last Call, the authors should consider this review as part of the last-call comments they receive. Please always CC tsv-art@ietf.org if you reply to or forward this review. I have one point which is more than a nit, but not really an issue: For some transport protocols transient numeric identifiers are covered by encryption (like in the QUIC case), sometimes they are not (like in the TCP case), sometimes it depends on the lower layer (like in the SCTP/IP versus SCTP/DTLS/UDP case). The introduction discusses that just encrypting the transient numeric identifiers does not solve all issues. Readers might focus on Section 5 and do not read the whole document. Therefore, it would be good, if Section 5 would also mention, that considerations for transient numeric identifiers have to be made even in the case where the transient numeric identifiers are protected by encryption.