Last Call Review of draft-ietf-csi-send-name-type-registry-
review-ietf-csi-send-name-type-registry-secdir-lc-cain-2010-05-11-00

Request Review of draft-ietf-csi-send-name-type-registry
Requested revision No specific revision (document currently at 06)
Type Last Call Review
Team Security Area Directorate (secdir)
Deadline 2010-05-18
Requested 2010-05-03
Authors Roque Gagliano, Ana Kukec, Suresh Krishnan
Draft last updated 2010-05-11
Completed reviews Secdir Last Call review of -?? by Patrick Cain
Assignment Reviewer Patrick Cain
State Completed
Review review-ietf-csi-send-name-type-registry-secdir-lc-cain-2010-05-11
Completed 2010-05-11
Hi,

I have reviewed this document as part of the security directorate's ongoing
effort to review all IETF documents being processed by the IESG.  These
comments were written primarily for the benefit of the security area
directors.  Document editors and WG chairs should treat these comments just
like any other last call comments.

About this document:

SEcure Neighbor Discovery (SEND) defines the Name Type field in the
   Trust Anchor option.  This document requests from IANA the creation and
   management of a registry for this field.  This document also
   specifies a new Name Type field based on a certificate Subject Key
   Identifier (SKI).

My comments:

The document has no major technical shortcomings that I could find.

I do note that the new registry value defined in this document relies on
SHA-1 (160). This may be a good time to save a few RFC numbers and define a
value for the impending other SHA values, like SHA-2, although I'm not so sure
they exist in X.509 certificates yet.

Pat