Last Call Review of draft-ietf-pkix-rfc5280-clarifications-

Request Review of draft-ietf-pkix-rfc5280-clarifications
Requested rev. no specific revision (document currently at 11)
Type Last Call Review
Team General Area Review Team (Gen-ART) (genart)
Deadline 2012-10-23
Requested 2012-08-23
Authors Peter Yee
Draft last updated 2012-10-16
Completed reviews Genart Last Call review of -?? by Vijay Gurbani
Genart Telechat review of -10 by Vijay Gurbani (diff)
Secdir Last Call review of -?? by Alexey Melnikov
Assignment Reviewer Vijay Gurbani 
State Completed
Review review-ietf-pkix-rfc5280-clarifications-genart-lc-gurbani-2012-10-16
Review result Ready
Review completed: 2012-10-16


I am the assigned Gen-ART reviewer for this draft. For background on
Gen-ART, please see the FAQ at

Please resolve these comments along with any other Last Call comments
you may receive.

Document: draft-ietf-pkix-rfc5280-clarifications-10
Reviewer: Vijay K. Gurbani
Review Date: Oct-16-2012
IETF LC End Date: Not known
IESG Telechat date: Oct-25-2012

This document is ready as a Proposed Standard.

Major: 0
Minor: 0
Nits: 2


- S1: The fourth paragraph should be put right underneath the second
 paragraph since the former continues discussion started by the latter.

- S1: Last paragraph --- it will be good to provide some documentation
 regarding the "observed attacks".  Especially a link to relevant papers
 of archival quality discussing the attacks will be helpful.  If the
 attacks are related to the Diginotar and Comodo break-ins, then there
 is an archival paper [1] at a reasonably high level from IEEE that
 discusses this and provides a starting point for those who want to
 learn more.

[1] Neal Leavitt, "Internet security under attack: The undermining of
 digital certificates," pp. 17-20, IEEE Computer, December 2011.


- vijay
Vijay K. Gurbani, Bell Laboratories, Alcatel-Lucent
1960 Lucent Lane, Rm. 9C-533, Naperville, Illinois 60563 (USA)
Email: vkg at {,} / vijay.gurbani at