
Last Call Review of draft-ietf-lamps-cmp-updates-18
review-ietf-lamps-cmp-updates-18-opsdir-lc-bhandari-2022-05-13-00

Request
Review of: draft-ietf-lamps-cmp-updates
Requested revision: No specific revision (document currently at 23)
Type: Last Call Review
Team: Ops Directorate (opsdir)
Deadline: 2022-05-11
Requested: 2022-04-27
Authors: Hendrik Brockhaus, David von Oheimb, John Gray
I-D last updated: 2022-05-13
Completed reviews:
  Genart Last Call review of -18 by Linda Dunbar
  Opsdir Last Call review of -18 by Shwetha Bhandari

Assignment
Reviewer: Shwetha Bhandari
State: Completed
Request: Last Call review on draft-ietf-lamps-cmp-updates by Ops Directorate (Assigned)
Posted at: https://mailarchive.ietf.org/arch/msg/ops-dir/1gBn8IFs4UuGSlICJ5GvadXRrSE
Reviewed revision: 18 (document currently at 23)
Result: Has nits
Completed: 2022-05-13

I have reviewed this document as part of the Operational directorate's
ongoing effort to review all IETF documents being processed by the IESG.  These
comments were written with the intent of improving the operational aspects of
the IETF drafts. Comments that are not addressed in last call may be included
in AD reviews during the IESG review.  Document editors and WG chairs should
treat these comments just like any other last call comments.

Summary:
This document updates the Certificate Management Protocol (CMP) described in RFC
4210, RFC 5912, RFC 6712. It defines the syntax of the Certificate Management
Protocol (CMP) version 3. There is no change in operations or manageability
functions of the CMP in this update. Hence the changes look mostly fine from
the ops-dir review. A few questions:

1) Overall it is quite confusing how these updates will be published - will
there be a bis for each of RFC4210, RFC5912 and RFC6712?

2) The sections that update RFC6712 - There seems to be a circular dependency
between this draft and draft-ietf-lamps-lightweight-cmp-profile. Assuming the
RFC6712 updates will be published as RFC6712 bis, Section 3.6, HTTP
Request-URI:

   "Further path segments, e.g., as specified in the Lightweight CMP
   Profile [I-D.ietf-lamps-lightweight-cmp-profile], could indicate PKI
   management operations using an operationLabel <operation>.  A valid
   full CMP URI can look like this:..."

This text is redundant and confusing as the operationLabel <operation> is only
defined in draft-ietf-lamps-lightweight-cmp-profile. Why should it be
referenced in 6712 bis? 6712 bis with the text changes proposed in this draft
does not restrict extension of the URI path.

3) General question on CMP server operations and management - is there a
document that covers data model, APIs to configure and collect operational
statistics of a CMP server? I could not find one. If there is one, how will
these updates impact that?