Last Call Review of draft-ietf-lamps-rfc6844bis-06
review-ietf-lamps-rfc6844bis-06-genart-lc-yee-2019-05-15-00

Request
Review of: draft-ietf-lamps-rfc6844bis
Requested rev.: no specific revision (document currently at 07)
Type: Last Call Review
Team: General Area Review Team (Gen-ART) (genart)
Deadline: 2019-05-08
Requested: 2019-04-24
Draft last updated: 2019-05-15
Completed reviews:
  Genart Last Call review of -06 by Peter Yee
  Secdir Last Call review of -06 by Stefan Santesson
  Opsdir Telechat review of -06 by Qin Wu

Assignment
Reviewer: Peter Yee
State: Completed
Review: review-ietf-lamps-rfc6844bis-06-genart-lc-yee-2019-05-15
Posted at: https://mailarchive.ietf.org/arch/msg/gen-art/BKK6BbfZtMEw09xEDRH2hIWeKlw
Reviewed rev.: 06 (document currently at 07)
Review result: Ready with Issues
Review completed: 2019-05-15

Review

I am the assigned Gen-ART reviewer for this draft. The General Area
Review Team (Gen-ART) reviews all IETF documents being processed
by the IESG for the IETF Chair.  Please treat these comments just
like any other last call comments.

For more information, please see the FAQ at

<https://trac.ietf.org/trac/gen/wiki/GenArtfaq>.

Document: draft-ietf-lamps-rfc6844bis-06
Reviewer: Peter Yee
Review Date: 2019-05-15
IETF LC End Date: 2019-05-08
IESG Telechat date: Not scheduled for a telechat

Summary: Ready with Issues.  This draft is an update to RFC 6844 dealing with the CAA RR used to notify CAs as to which CA(s) are allowed to issue certificates for a particular domain.  The issues and nits I note are rather minor.  Apologies for the lateness of this review.

Major issues:

Minor issues:

Page 10, 2nd paragraph: the appearance of "sub.wild.example.com" presupposes that there was no other RRset that matched sub.wild.example.com (or a "deeper" domain name) already.  That assumption should be noted in this paragraph.

Page 13, section 5.6: a little context should be given here.  This abuse is only plausible if the domain owner is being given the RRset data by the CA rather than generating that data itself.

Nits/editorial comments:

Page 5, 1st partial paragraph: change "with" to "within".

Page 5, 1st full paragraph: regarding the reference to Section 4, shouldn't this actually be Section 3?

Page 8, definition of "Value", 2nd sentence: delete redundant "the".

Page 15, 1st partial paragraph, 1st partial sentence: change "use" to "used".

Page 15, section 7, 2nd paragraph: is there a reference available for the term "WebPKI"?

Page 15, section 7, 3rd paragraph, 1st sentence: insert "the" before "issue".