Last Call Review of draft-ietf-emu-eaptlscert-06
review-ietf-emu-eaptlscert-06-secdir-lc-santesson-2020-10-29-00
| Request | Review of | draft-ietf-emu-eaptlscert |
|---|---|---|
| Requested revision | No specific revision (document currently at 08) | |
| Type | Last Call Review | |
| Team | Security Area Directorate (secdir) | |
| Deadline | 2020-10-28 | |
| Requested | 2020-10-14 | |
| Authors | Mohit Sethi , John Preuß Mattsson , Sean Turner | |
| I-D last updated | 2020-10-29 | |
| Completed reviews |
Genart Last Call review of -05
by Elwyn B. Davies
(diff)
Secdir Last Call review of -06 by Stefan Santesson (diff) |
|
| Assignment | Reviewer | Stefan Santesson |
| State | Completed | |
| Request | Last Call review on draft-ietf-emu-eaptlscert by Security Area Directorate Assigned | |
| Posted at | https://mailarchive.ietf.org/arch/msg/secdir/RORLtuSIIoD9c6XOu4f2jtiLejM | |
| Reviewed revision | 06 (document currently at 08) | |
| Result | Has nits | |
| Completed | 2020-10-29 |
review-ietf-emu-eaptlscert-06-secdir-lc-santesson-2020-10-29-00
The document in general is good and well written. Some nits needs attention before publication as the general review also points out. Ex in the abstract "This document looks at the this problem" Some abbreviations needs to be spelled out at first usage, such as MTU (Maximum Transmission Unit) On the content itself I have two questions: - Wouldn't it be relevant to also discuss the risks with regard to introduction of quantum safe crypto, if that leads to significantly increased key sizes? It could be troublesome if transition to a safer crypto is made impossible due to size limitations. - Would it be relevant to discuss usage of AIA extension as means of possibly excluding intermediary certs from the path as they could be located using AIA? Finally, I agree with the general review that this document reference quite some work in progress. If this document is to be published before these referenced works are concluded, are there alternatives to make the same point?