
Last Call Review of draft-ietf-acme-dtnnodeid-07
review-ietf-acme-dtnnodeid-07-secdir-lc-smyslov-2021-11-29-00

Request Review of draft-ietf-acme-dtnnodeid
Requested revision No specific revision (document currently at 14)
Type Last Call Review
Team Security Area Directorate (secdir)
Deadline 2021-11-29
Requested 2021-11-15
Authors Brian Sipos
I-D last updated 2021-11-29
Completed reviews Opsdir Last Call review of -07 by Linda Dunbar
Secdir Last Call review of -07 by Valery Smyslov
Genart Last Call review of -07 by Joel M. Halpern
Opsdir Telechat review of -10 by Linda Dunbar
Assignment Reviewer Valery Smyslov
State Completed
Request Last Call review on draft-ietf-acme-dtnnodeid by Security Area Directorate Assigned
Posted at https://mailarchive.ietf.org/arch/msg/secdir/_3mih2mI1Td1L0eN_Q2a_Dtplnc
Reviewed revision 07 (document currently at 14)
Result Has issues
Completed 2021-11-29
I have reviewed this document as part of the security directorate's ongoing
effort to review all IETF documents being processed by the IESG.  These
comments were written primarily for the benefit of the security area directors.
Document editors and WG chairs should treat these comments just like any other
last call comments.

The draft specifies an extension to the Automated Certificate Management
Environment (ACME) protocol that allows certificates for nodes in
Delay-Tolerant Networking (DTN) networks to be issued and managed automatically.

Issues.

I was hesitating about whether this is a real issue or just a lack of
understanding of the protocol on my part, but finally decided to mark it as an issue.
Section 5.1 states that a CSR MAY contain a mixed set of SAN claims, including
combinations of "ip", "dns", and "bundleEID" claims. However, this document
only defines how an ACME server can validate a "bundleEID" claim. I think that the
document should at least mention how "dns" and "ip" claims should be validated
(pointing to the appropriate specs).

Nits.

The document uses both MUST and SHALL keywords. Not a problem, but I think the
readability of the document would increase if only one of these forms were used.

Section 7.6.
I think that it should be mentioned more explicitly that these channels must
provide mutual authentication of the ACME client/server and the corresponding BP
agents, and that the channels must protect the integrity and authenticity of the
messages, and in some situations (when the client account key thumbprint is
transmitted) also their confidentiality. These are standard security services
and I think it's better to use these terms.
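As an added illustration of the mixed-SAN issue raised above (example code written for this page, not from the draft or from any ACME implementation): a server-side finalize check that accepts a CSR only if every SAN claim matches an order identifier that was validated by a challenge type defined for that identifier type, so an unvalidated "dns" or "ip" claim cannot ride along with a validated "bundleEID" claim. The challenge names for "dns" and "ip" are those of RFC 8555 and RFC 8738; the "bundleEID" challenge name, the EID scheme check and the sample data are assumptions or placeholders.

```python
import ipaddress
import re
from dataclasses import dataclass

# Constructed registry: which challenge types may validate each identifier type.
# "dns"/"ip" entries follow RFC 8555 and RFC 8738; the bundleEID challenge name
# is a placeholder for whatever the draft defines.
VALIDATION_METHODS = {
    "dns": {"dns-01", "http-01"},
    "ip": {"http-01", "tls-alpn-01"},
    "bundleEID": {"BUNDLE_EID_CHALLENGE_PLACEHOLDER"},
}

DNS_LABEL = re.compile(r"^(?!-)[a-z0-9-]{1,63}(?<!-)$")


def well_formed(id_type, value):
    """Syntactic sanity check per identifier type (assumed EID schemes: dtn:, ipn:)."""
    if id_type == "dns":
        return all(DNS_LABEL.match(label) for label in value.lower().rstrip(".").split("."))
    if id_type == "ip":
        try:
            ipaddress.ip_address(value)
            return True
        except ValueError:
            return False
    if id_type == "bundleEID":
        return value.startswith("dtn:") or value.startswith("ipn:")
    return False


@dataclass(frozen=True)
class Authz:
    id_type: str
    value: str
    validated_by: str  # challenge type completed for this identifier, "" if none


def check_csr_sans(csr_sans, authorizations):
    """Return (ok, reason) for a list of (type, value) SAN claims taken from a CSR."""
    authz_by_id = {(a.id_type, a.value): a for a in authorizations}
    # RFC 8555 section 7.4: the CSR must carry exactly the order's identifiers.
    if set(csr_sans) != set(authz_by_id):
        return False, "CSR SANs do not match the order's identifiers"
    for id_type, value in csr_sans:
        if id_type not in VALIDATION_METHODS:
            return False, f"no validation method defined for identifier type {id_type!r}"
        if not well_formed(id_type, value):
            return False, f"malformed {id_type} identifier {value!r}"
        if authz_by_id[(id_type, value)].validated_by not in VALIDATION_METHODS[id_type]:
            return False, f"{id_type} identifier {value!r} not validated by an allowed challenge"
    return True, "ok"
```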