Last Call Review of draft-ietf-lamps-rfc6844bis-06
review-ietf-lamps-rfc6844bis-06-secdir-lc-santesson-2019-05-29-00

Request Review of draft-ietf-lamps-rfc6844bis
Requested rev. no specific revision (document currently at 07)
Type Last Call Review
Team Security Area Directorate (secdir)
Deadline 2019-05-08
Requested 2019-04-24
Draft last updated 2019-05-29
Completed reviews Genart Last Call review of -06 by Peter Yee (diff)
Secdir Last Call review of -06 by Stefan Santesson (diff)
Opsdir Telechat review of -06 by Qin Wu (diff)
Assignment Reviewer Stefan Santesson
State Completed
Review review-ietf-lamps-rfc6844bis-06-secdir-lc-santesson-2019-05-29
Posted at https://mailarchive.ietf.org/arch/msg/secdir/yaK6za7pztDjnztZfeAkOYiGBp8
Reviewed rev. 06 (document currently at 07)
Review result Ready
Review completed: 2019-05-29

Review
review-ietf-lamps-rfc6844bis-06-secdir-lc-santesson-2019-05-29

This document is well written and in general I do not have any comment on the content beyond the previous reviews.

One thing do come to my mind though.
A common aspect of standards documents is that they only are relevant to those who declare compliance to the standard.
This document is different as it relies on that all parties (CA:s) are aware of this standard and performs the stipulated checks.

In the end I assume that this may affect relying parties and how they determine wether a particular certificate is valid, even if that is not the intention of this standard.
I sort of miss a discussion on this in the security considerations section.

But that is nothing that should prevent this document from being accepted.