Last Call Review of draft-ietf-opsawg-9092-update-09
review-ietf-opsawg-9092-update-09-secdir-lc-hollebeek-2024-01-26-00
| Request | Review of | draft-ietf-opsawg-9092-update |
|---|---|---|
| | Requested revision | No specific revision (document currently at 11) |
| | Type | Last Call Review |
| | Team | Security Area Directorate (secdir) |
| | Deadline | 2023-11-06 |
| | Requested | 2023-10-23 |
| | Requested by | Joe Clarke |
| | Authors | Randy Bush, Massimo Candela, Warren "Ace" Kumari, Russ Housley |
| | I-D last updated | 2024-01-26 |
| | Completed reviews | Genart Last Call review of -09 by Christer Holmberg; Intdir Last Call review of -06 by Sheng Jiang; Opsdir Last Call review of -06 by Bo Wu; Secdir Last Call review of -09 by Tim Hollebeek; Artart Last Call review of -09 by Spencer Dawkins |
| Assignment | Reviewer | Tim Hollebeek |
| | State | Completed |
| | Request | Last Call review on draft-ietf-opsawg-9092-update by Security Area Directorate Assigned |
| | Posted at | https://mailarchive.ietf.org/arch/msg/secdir/SsO_q2K_NaQaNwb6oBuuk6KkGhk |
| | Reviewed revision | 09 (document currently at 11) |
| | Result | Has nits |
| | Completed | 2024-01-26 |
The document is extremely well written ... I didn't find too much to comment on, despite looking pretty closely at the key management and signing aspects. I just have two nits:

(1) The following paragraph appears twice in the document (looks like just a copy/paste error when moving stuff around):

"Identifying the private key associated with the certificate and getting the department that controls the private key (which might be stored in a Hardware Security Module (HSM)) to generate the CMS signature is left as an exercise for the implementor. On the other hand, verifying the signature has no similar complexity; the certificate, which is validated in the public RPKI, contains the needed public key."

(2) Section 6, paragraph 5: is this intended to be an RFC 2119 "MAY"? If so, capitalize. If not, avoid the word.