Last Call Review of draft-ietf-acme-ari-07
review-ietf-acme-ari-07-genart-lc-hares-2024-12-08-00

Request Review of draft-ietf-acme-ari
Requested revision No specific revision (document currently at 07)
Type Last Call Review
Team General Area Review Team (Gen-ART) (genart)
Deadline 2024-12-06
Requested 2024-11-22
Authors Aaron Gable
I-D last updated 2024-12-08
Completed reviews Tsvart Last Call review of -06 by Michael Tüxen (diff)
Dnsdir Last Call review of -06 by Geoff Huston (diff)
Secdir Last Call review of -06 by Shawn M Emery (diff)
Genart Last Call review of -07 by Susan Hares
Dnsdir Telechat review of -07 by Geoff Huston
Secdir Telechat review of -07 by Shawn M Emery
Assignment Reviewer Susan Hares
State Completed
Request Last Call review on draft-ietf-acme-ari by General Area Review Team (Gen-ART) Assigned
Posted at https://mailarchive.ietf.org/arch/msg/gen-art/u2LfI36U4vd2KHLFim0BWSH3www
Reviewed revision 07
Result Ready w/issues
Completed 2024-12-08
I am the assigned Gen-ART reviewer for this draft. The General Area
Review Team (Gen-ART) reviews all IETF documents being processed
by the IESG for the IETF Chair.  Please treat these comments just
like any other last call comments.

For more information, please see the FAQ at

<https://wiki.ietf.org/en/group/gen/GenArtFAQ>.

Document: draft-ietf-acme-ari-07

Reviewer: Susan Hares
Review Date: 2024-12-08
IETF LC End Date: 2024-12-06
IESG Telechat date: Not scheduled for a telechat


Summary: The document has 2 issues and 2 NITs.
The two issues are mentioned in the security considerations section.
However, these two issues should be reviewed again by Security ADs, or 
by another security review.  I am not a security expert.

Major issues:

Minor Issues: 
1) What happens in the case of a large clock skew between the ACME Client and servers, and
2) Use of unauthenticated GET Requests. 
 
Nits/editorial comments:
1. Introduction, Paragraph 1, Use of ";", problem: Unclear sentence. 
reason: Grammar 
Old text:/ They may be configured to renew at
   a specific interval (e.g., via cron); they may parse the issued
   certificate to determine its expiration date and renew a specific
   amount of time before then; or they may parse the issued certificate
   and renew when some percentage of its validity period has passed./

What's wrong:  The grammar usage for semicolon is that the phrases 
separated by the ";" are equal restatements of the same information. 
A different form of the list would be a clearer statement. 

2.  Section 6, paragraph 2, 2nd sentence, Unclear sentence  

Text:/ For example, a server might place the suggested renewal
   window wholly in the past to encourage a client to renew immediately;
   but a client with a sufficiently slow clock might see the suggested
   window as still being in the future./ 

Option1: 
New text:/ For example, a server might place the suggested renewal
   window wholly in the past to encourage a client to renew immediately.
   However, a client with a sufficiently slow clock might see the suggested
   window as being in the future./