Telechat Review of draft-ietf-lamps-rfc6712bis-09
review-ietf-lamps-rfc6712bis-09-secdir-telechat-kaufman-2024-12-12-00

Request Review of draft-ietf-lamps-rfc6712bis
Requested revision No specific revision (document currently at 10)
Type Telechat Review
Team Security Area Directorate (secdir)
Deadline 2024-12-17
Requested 2024-11-21
Authors Hendrik Brockhaus , David von Oheimb , Mike Ounsworth , John Gray
I-D last updated 2025-01-31 (Latest revision 2025-01-09)
Completed reviews Tsvart IETF Last Call review of -07 by Lars Eggert (diff)
Genart IETF Last Call review of -07 by Meral Shirazipour (diff)
Secdir IETF Last Call review of -07 by Charlie Kaufman (diff)
Artart IETF Last Call review of -07 by Claudio Allocchio (diff)
Opsdir IETF Last Call review of -07 by Mohamed Boucadair (diff)
Httpdir IETF Last Call review of -09 by Lucas Pardue (diff)
Secdir Telechat review of -09 by Charlie Kaufman (diff)
Assignment Reviewer Charlie Kaufman
State Completed
Request Telechat review on draft-ietf-lamps-rfc6712bis by Security Area Directorate Assigned
Posted at https://mailarchive.ietf.org/arch/msg/secdir/M00ZTwfPsGmXUdIkXusbQXCuOno
Reviewed revision 09 (document currently at 10)
Result Ready
Completed 2024-10-28
Reviewer: Charlie Kaufman
Review result: Ready

I have reviewed this document as part of the security directorate's ongoing
effort to review all IETF documents being processed by the IESG. These
comments were written primarily for the benefit of the security area directors.
Document editors and WG chairs should treat these comments just like any other
last call comments.

This document describes existing deployments of CMP over HTTP, and I found
nothing objectionable in it from a security standpoint. I found two issues that
others might find objectionable and the authors might consider, so I'll mention
them here:

1) It says that "Implementations MUST support HTTP/1.0 [RFC1945] and SHOULD
support HTTP/1.1 [RFC9112]." That statement will be out of date someday, and
it's not clear what benefit there is to including it.

2) The protocol does not require use of TLS. In fact, the strongest statement
it makes is "might want to consider using HTTP over TLS according to [RFC9110]
or virtual private networks created, for example, by utilizing Internet
Protocol Security according to [RFC4301]." While there is no cryptographically
secret information communicated over CMP, someone impersonating a server could
impose serious delays and perhaps confusion to clients. Further, the names from
certificates being requested might be sensitive in some scenarios. The authors
might want to consider stronger language on this subject.

      —Charlie