Last Call Review of draft-ietf-acme-authority-token-07
review-ietf-acme-authority-token-07-secdir-lc-nystrom-2021-11-18-00

Request Review of draft-ietf-acme-authority-token
Requested revision No specific revision (document currently at 09)
Type Last Call Review
Team Security Area Directorate (secdir)
Deadline 2021-11-16
Requested 2021-10-26
Authors Jon Peterson , Mary Barnes , David Hancock , Chris Wendt
I-D last updated 2021-11-18
Completed reviews Opsdir Last Call review of -07 by Ron Bonica (diff)
Secdir Last Call review of -07 by Magnus Nyström (diff)
Genart Last Call review of -07 by Linda Dunbar (diff)
Assignment Reviewer Magnus Nyström
State Completed
Request Last Call review on draft-ietf-acme-authority-token by Security Area Directorate Assigned
Posted at https://mailarchive.ietf.org/arch/msg/secdir/oj24ozlByi7hHzTyCi7HwWrGxRE
Reviewed revision 07 (document currently at 09)
Result Has issues
Completed 2021-11-15
review-ietf-acme-authority-token-07-secdir-lc-nystrom-2021-11-18-00
 I have reviewed this document as part of the security directorate's
ongoing effort to review all IETF documents being processed by the IESG.
These comments were written primarily for the benefit of the security area
directors.  Document editors and WG chairs should treat these comments just
like any other comments.

This document describes use of "authority tokens" in the context of ACME,
their purpose, use and format.

The document is straightforward and the Security Considerations section
seems adequate.Generally, iIt may help readers to include a summary of all
the options and any recommended values. for the tokens, e.g. lifetime of
issued tokens. For the Security Considerations section, shouldn't mandated
supported algorithms and key sizes be specified?

Editorial: The document is in need of a grammar / wording polish but I
expect the rfc-editors to handle this.For example, "defines a the" in the
Introduction section, and "in the way" in Section 5.1.

Thanks,
-- Magnus




-- 
-- Magnus