Telechat Review of draft-ietf-lamps-automation-keyusages-06
review-ietf-lamps-automation-keyusages-06-opsdir-telechat-liu-2025-04-02-00
| Request | Review of | draft-ietf-lamps-automation-keyusages |
|---|---|---|
| Requested revision | No specific revision (document currently at 08) | |
| Type | Telechat Review | |
| Team | Ops Directorate (opsdir) | |
| Deadline | 2025-03-24 | |
| Requested | 2025-03-09 | |
| Requested by | Mohamed Boucadair | |
| Authors | Hendrik Brockhaus , Dr. David Goltzsche | |
| I-D last updated | 2025-07-11 (Latest revision 2025-04-09) | |
| Completed reviews |
Secdir IETF Last Call review of -04
by Carl Wallace
(diff)
Genart IETF Last Call review of -04 by Stewart Bryant (diff) Opsdir Telechat review of -06 by Bing Liu (diff) |
|
| Comments |
Please focus on the clarity/lack/need of deployment/deployabilty + management considerations. Thank you. |
|
| Assignment | Reviewer | Bing Liu |
| State | Completed | |
| Request | Telechat review on draft-ietf-lamps-automation-keyusages by Ops Directorate Assigned | |
| Posted at | https://mailarchive.ietf.org/arch/msg/ops-dir/_E-jvkGERfnV7q-TI-m4qJylMkU | |
| Reviewed revision | 06 (document currently at 08) | |
| Result | Ready | |
| Completed | 2025-04-02 |
review-ietf-lamps-automation-keyusages-06-opsdir-telechat-liu-2025-04-02-00
Hi Dear author, I'm assigned to review draft-ietf-lamps-automation-keyusages-06. General status: Ready This document is a concrete proposal of defining 4 new KeyPurposeIds of a certificate. The definition and the use case/background are well described, and ready for publish. My only minor comment is regarding to the title, that the usage of the 4 new KeyPurposeIds is summarized as “Automation”. I think 3 of them (id-kp-configSignin, id-kp-trustanchorSigning, id-kp-updateSigning) are pretty general and theoretically could be used in any network systems/nodes. I can understand it’s not easy to summarize the usage. If there is consensus on changing the title, maybe considering simply list the key purposes in the title? (E.g. “X.509 Certificate Extended Key Usage (EKU) for trust anchor configuration files, software and firmware update, and safety-critical communication”); if not, pls ignore this comment. B.R. Bing