Last Call Review of draft-ietf-cdni-https-delegation-subcerts-08
review-ietf-cdni-https-delegation-subcerts-08-genart-lc-knodel-2024-06-26-00
Request | Review of | draft-ietf-cdni-https-delegation-subcerts |
---|---|---|
Requested revision | No specific revision (document currently at 12) | |
Type | Last Call Review | |
Team | General Area Review Team (Gen-ART) (genart) | |
Deadline | 2024-06-25 | |
Requested | 2024-06-11 | |
Authors | Frédéric Fieau, Emile Stephan, Guillaume Bichot, Christoph Neumann | |
I-D last updated | 2024-06-26 | |
Completed reviews | Genart Last Call review of -08 by Mallory Knodel; Secdir Early review of -06 by Mike Ounsworth; Opsdir Last Call review of -09 by Jouni Korhonen | |
Assignment | Reviewer | Mallory Knodel |
State | Completed | |
Request | Last Call review on draft-ietf-cdni-https-delegation-subcerts by General Area Review Team (Gen-ART) Assigned | |
Posted at | https://mailarchive.ietf.org/arch/msg/gen-art/8NHQpGNZaOCztcGxIAMFXUa4Uic | |
Reviewed revision | 08 (document currently at 12) | |
Result | Ready | |
Completed | 2024-06-26 |
I am the assigned Gen-ART reviewer for this draft. The General Area Review Team (Gen-ART) reviews all IETF documents being processed by the IESG for the IETF Chair. Please treat these comments just like any other last call comments.

For more information, please see the FAQ at <https://wiki.ietf.org/en/group/gen/GenArtFAQ>.

Document: draft-ietf-cdni-https-delegation-subcerts-??
Reviewer: Mallory Knodel
Review Date: 2024-06-25
IETF LC End Date: 2024-06-25
IESG Telechat date: Not scheduled for a telechat

Summary: I found no major issues with the draft as it's written. Its specifications are concise and clear. I have only suggested adding one sentence to the privacy considerations section as a minor issue.

Major issues: None

Minor issues: The privacy considerations section might include the following sentence, to parallel the security considerations section and present a reasonable risk to implementers of this specification, "A single or systematic retrieval of delegated credentials and associated private keys would allow the attacker to decrypt any data sent by the end user intended for the end service, which may include PII."

Nits/editorial comments: None.