Skip to main content

Last Call Review of draft-ietf-opsawg-hmac-sha-2-usm-snmp-new-01

Request Review of draft-ietf-opsawg-hmac-sha-2-usm-snmp-new
Requested revision No specific revision (document currently at 05)
Type Last Call Review
Team Ops Directorate (opsdir)
Deadline 2016-01-18
Requested 2016-01-07
Authors Johannes Merkle , Manfred Lochter
I-D last updated 2016-01-25
Completed reviews Genart Last Call review of -01 by Dan Romascanu (diff)
Genart Telechat review of -04 by Dan Romascanu (diff)
Secdir Last Call review of -01 by Donald E. Eastlake 3rd (diff)
Opsdir Last Call review of -01 by Will (Shucheng) LIU (diff)
Assignment Reviewer Will (Shucheng) LIU
State Completed
Request Last Call review on draft-ietf-opsawg-hmac-sha-2-usm-snmp-new by Ops Directorate Assigned
Reviewed revision 01 (document currently at 05)
Result Has nits
Completed 2016-01-25

Hi all,

I have reviewed draft-ietf-opsawg-hmac-sha-2-usm-snmp-new-01 as part of the
Operational directorate's ongoing effort to review all IETF documents being
processed by the IESG.  These comments were written with the intent
 of improving the operational aspects of the IETF drafts. Comments that are not
 addressed in last call may be included in AD reviews during the IESG review. 
 Document editors and WG chairs should treat these comments just like any other
 last call comments.

“This memo specifies new HMAC-SHA-2 authentication protocols for the 
User-based Security Model (USM) for SNMPv3 defined in RFC 3414.”

My overall view of the document is 'Ready with nits' for publication.

** Technical **

Have you considered deprecating the use of HMAC-MD5-96 and HMAC-SHA-96
specified in RFC 3414?

** Editorial **

* Section 2, page 3:

> This memo specifies a MIB

>    module that is compliant to the SMIv2, which is described in STD 58,

>    RFC 2578 [RFC2578], STD 58, RFC 2579 [RFC2579] and STD 58, RFC 2580

>    [RFC2580].

This sentence should be rewritten like:

     This memo specifies a MIB module that is compliant to the SMIv2,

     which is described in STD 58, [RFC2578], [RFC2579] [RFC2580].

Note: STD58 is repeated multiple times (the author may consider to refer to it
by RFC number, rather than by STD number?). In addition, you don't need to
include the RFC number in "prose" and then add the reference
 (just add the reference) since the reference conveys both. Just IMHO.

* Section 4.2.1, page 5:

> RFC 3417 [RFC3417]

As noted before, just use the reference. And apply this change to other
instances of this.


Will (Shucheng LIU)