Last Call Review of draft-ietf-hip-dex-11
review-ietf-hip-dex-11-secdir-lc-eastlake-2020-01-23-00

Request Review of draft-ietf-hip-dex
Requested revision No specific revision (document currently at 24)
Type IETF Last Call Review
Team Security Area Directorate (secdir)
Deadline 2019-11-14
Requested 2019-10-31
Authors Robert Moskowitz , Rene Hummen , Miika Komu
I-D last updated 2024-12-18 (Latest revision 2021-01-19)
Completed reviews Genart IETF Last Call review of -06 by Francis Dupont (diff)
Secdir IETF Last Call review of -06 by David Waltermire (diff)
Opsdir IETF Last Call review of -06 by Qin Wu (diff)
Iotdir IETF Last Call review of -11 by Michael Richardson (diff)
Secdir IETF Last Call review of -11 by Donald E. Eastlake 3rd (diff)
Genart IETF Last Call review of -11 by Francis Dupont (diff)
Secdir Telechat review of -20 by Donald E. Eastlake 3rd (diff)
Assignment Reviewer Donald E. Eastlake 3rd
State Completed
Request IETF Last Call review on draft-ietf-hip-dex by Security Area Directorate Assigned
Posted at https://mailarchive.ietf.org/arch/msg/secdir/lLsgqmAoTKwpGa22q__vZ_LBO3U
Reviewed revision 11 (document currently at 24)
Result Has nits
Completed 2020-01-20
review-ietf-hip-dex-11-secdir-lc-eastlake-2020-01-23-00
I have reviewed this document as (a very late) part of the security
directorate's ongoing effort to review all IETF documents being
processed by the IESG.

The summary of the review is Ready with Nits.

Sorry to get this review in so late but, while approved by the IESG,
the draft is still in revised draft needed state so this may do some
good. On the security front, although the draft is pretty complex and
I am not that familiar with HIP, I did not see any significant
security issues that were not already called out in the draft. So I
concentrated on possible editorial issues.

Editorial:

Section 1.1, 3rd paragraph, page 5. Delete "However," a the beginning
of the 2nd sentence. It doesn't make sense.

Section 2.3, Definitions should be in alphabetic order.

Section 2.3: It seems to me that people who are puzzled about what
something means are most likely to be puzzled by the acronym. So I
would put the acronym first, where there is an acronym or acronym-like
term to use, then the expansion in parenthesis or in the body of the
definition. This done for a couple of entries like CMAC and CKDF but
most are the other way.

Section 3 last paragraph and Section 12.10 5th bullet: "to use" -> "use of"

I think OGA  and KEYMAT should be in the Definitions list and KEYMAT,
which I assume just is short for "keying material", should be expanded
on first use in Section 6.3. Alternatively, you could just replace all
occurrences of KEYMAT with "Keying Material".

Section 5.3.2, page 23. The first sentence of the first paragraph
starting on that page has problems. Maybe "chose" should be "choses"
but I'm not sure:
  "The DH_GROUP_LIST parameter contains the Responder's order of
   preference based on which the Responder chose the ECDH key contained
   in the HOST_ID parameter (see below)."

Appendix A, first sentence, "allows to identify" -> "allows identifying"

Appendix B, "IEDG" -> "IESG"

Appendix B, around the middle of page 51, right after the line
beginning with "Section 6," there are three line with a blank line
before and after. I found this confusing at first. I suggest those
three line also be indented.

Appendix B, page 52, "SHOUDS" -> "SHOUDs"

Thanks,
Donald
===============================
 Donald E. Eastlake 3rd   +1-508-333-2270 (cell)
 2386 Panoramic Circle, Apopka, FL 32703 USA
 d3e3e3@gmail.com