Telechat Review of draft-ietf-pkix-rfc5280-clarifications-10
review-ietf-pkix-rfc5280-clarifications-10-genart-telechat-gurbani-2012-10-16-00

Request Review of draft-ietf-pkix-rfc5280-clarifications
Requested rev. no specific revision (document currently at 11)
Type Telechat Review
Team General Area Review Team (Gen-ART) (genart)
Deadline 2012-10-23
Requested 2012-10-15
Authors Peter Yee
Draft last updated 2012-10-16
Completed reviews Genart Last Call review of -?? by Vijay Gurbani
Genart Telechat review of -10 by Vijay Gurbani (diff)
Secdir Last Call review of -?? by Alexey Melnikov
Assignment Reviewer Vijay Gurbani 
State Completed
Review review-ietf-pkix-rfc5280-clarifications-10-genart-telechat-gurbani-2012-10-16
Reviewed rev. 10 (document currently at 11)
Review result Ready with Nits
Review completed: 2012-10-16

Review
review-ietf-pkix-rfc5280-clarifications-10-genart-telechat-gurbani-2012-10-16

I am the assigned Gen-ART reviewer for this draft. For background on
Gen-ART, please see the FAQ at
<

http://wiki.tools.ietf.org/area/gen/trac/wiki/GenArtfaq>.

Please resolve these comments along with any other Last Call comments
you may receive.

Document: draft-ietf-pkix-rfc5280-clarifications-10
Reviewer: Vijay K. Gurbani
Review Date: Oct-16-2012
IETF LC End Date: Not known
IESG Telechat date: Oct-25-2012

This document is ready as a Proposed Standard.

Major: 0
Minor: 0
Nits: 2

Nits:

- S1: The fourth paragraph should be put right underneath the second
 paragraph since the former continues discussion started by the latter.

- S1: Last paragraph --- it will be good to provide some documentation
 regarding the "observed attacks".  Especially a link to relevant papers
 of archival quality discussing the attacks will be helpful.  If the
 attacks are related to the Diginotar and Comodo break-ins, then there
 is an archival paper [1] at a reasonably high level from IEEE that
 discusses this and provides a starting point for those who want to
 learn more.

[1] Neal Leavitt, "Internet security under attack: The undermining of
 digital certificates," pp. 17-20, IEEE Computer, December 2011.

Thanks,

- vijay
--
Vijay K. Gurbani, Bell Laboratories, Alcatel-Lucent
1960 Lucent Lane, Rm. 9C-533, Naperville, Illinois 60563 (USA)
Email: vkg at {bell-labs.com,acm.org} / vijay.gurbani at alcatel-lucent.com
Web:   

http://ect.bell-labs.com/who/vkg/