Last Call Review of draft-ietf-dnssd-update-lease-07
review-ietf-dnssd-update-lease-07-secdir-lc-sahib-2023-06-13-00
Section | Field | Value
---|---|---
Request | Review of | draft-ietf-dnssd-update-lease
Request | Requested revision | No specific revision (document currently at 08)
Request | Type | Last Call Review
Request | Team | Security Area Directorate (secdir)
Request | Deadline | 2023-06-13
Request | Requested | 2023-05-30
Request | Authors | Stuart Cheshire, Ted Lemon
Request | I-D last updated | 2023-06-13
Request | Completed reviews | Dnsdir Last Call review of -07 by David C Lawrence; Secdir Last Call review of -07 by Shivan Kaul Sahib; Genart Last Call review of -07 by Dale R. Worley; Tsvart Last Call review of -07 by Brian Trammell; Dnsdir Telechat review of -08 by David C Lawrence; Intdir Telechat review of -08 by Jean-Michel Combes
Assignment | Reviewer | Shivan Kaul Sahib
Assignment | State | Completed
Assignment | Request | Last Call review on draft-ietf-dnssd-update-lease by Security Area Directorate Assigned
Assignment | Posted at | https://mailarchive.ietf.org/arch/msg/secdir/RC_NG5TCTrrsd8M5vAXE00W274M
Assignment | Reviewed revision | 07 (document currently at 08)
Assignment | Result | Has nits
Assignment | Completed | 2023-06-13
A few minor issues for the Security Considerations section:

1. RFC 2119 keywords are used for some but not all bounds mentioned in this section. Is there a reason we don't use SHOULD and RECOMMEND for the maximum acceptable value for the LEASE values?
2. It would be useful for the document to also RECOMMEND a minimum interval between updates.
3. More broadly, ISTM that all the recommended values here (minimum interval between updates, lease renewal min and max) should be moved up into the main content of the document. A too-short lease, for e.g., has implications not just for security but operation in general.
4. Is the "public key signing" a reference to SIG(0) [RFC 2931]?
5. Again, the language in the last para of the Security Considerations section around auth strategy is not very strong. Perhaps a reference to RFC 3007 would help.
6. "conver" in the last sentence of this section seems like a typo; I'm not sure what this sentence means.