Skip to main content

Last Call Review of draft-ietf-ace-dtls-authorize-12
review-ietf-ace-dtls-authorize-12-opsdir-lc-jaeggli-2020-07-28-00

Request Review of draft-ietf-ace-dtls-authorize
Requested revision No specific revision (document currently at 18)
Type Last Call Review
Team Ops Directorate (opsdir)
Deadline 2020-07-20
Requested 2020-07-06
Authors Stefanie Gerdes , Olaf Bergmann , Carsten Bormann , Göran Selander , Ludwig Seitz
Draft last updated 2020-07-28
Completed reviews Genart Last Call review of -12 by Paul Kyzivat (diff)
Secdir Last Call review of -14 by Russ Mundy (diff)
Opsdir Last Call review of -12 by Joel Jaeggli (diff)
Secdir Telechat review of -16 by Russ Mundy (diff)
Genart Telechat review of -16 by Paul Kyzivat (diff)
Assignment Reviewer Joel Jaeggli
State Completed
Review review-ietf-ace-dtls-authorize-12-opsdir-lc-jaeggli-2020-07-28
Posted at https://mailarchive.ietf.org/arch/msg/ops-dir/DNgfkGAas8RHKyCr2rnPJrIPumc
Reviewed revision 12 (document currently at 18)
Result Ready
Completed 2020-07-28
review-ietf-ace-dtls-authorize-12-opsdir-lc-jaeggli-2020-07-28-00
Greetings,

I have reviewed  draft-ietf-ace-dtls-authorize for operational considerations
related to constrained authentication and authorization.

While fall back to proxies becomes a bottleneck for passing security
information to devices. The apprach described here appears to be comprehensive
and probably the best that is achievable under the circumstances. the
recognition of the limitations of some of the weaker cipher suites employed
seem both well understood and adequately mitigated when used, they are still
weaker then some of the alternatives that are enumerated where possible but
seem adequate.