Telechat Review of draft-ietf-rats-eat-21
review-ietf-rats-eat-21-intdir-telechat-song-2023-09-05-00
Request | Review of | draft-ietf-rats-eat |
---|---|---|
Requested revision | No specific revision (document currently at 31) | |
Type | Telechat Review | |
Team | Internet Area Directorate (intdir) | |
Deadline | 2023-09-05 | |
Requested | 2023-08-25 | |
Authors | Laurence Lundblade , Giridhar Mandyam , Jeremy O'Donoghue , Carl Wallace | |
I-D last updated | 2023-09-05 | |
Completed reviews |
Opsdir Last Call review of -21
by Linda Dunbar
(diff)
Opsdir Last Call review of -27 by Linda Dunbar (diff) Genart Last Call review of -21 by Ines Robles (diff) Intdir Telechat review of -21 by Haoyu Song (diff) Secdir Last Call review of -13 by Hilarie Orman (diff) Iotdir Last Call review of -13 by Eliot Lear (diff) |
|
Assignment | Reviewer | Haoyu Song |
State | Completed | |
Request | Telechat review on draft-ietf-rats-eat by Internet Area Directorate Assigned | |
Posted at | https://mailarchive.ietf.org/arch/msg/int-dir/O02PYc84RS-l-LndjmugGkZ-5sQ | |
Reviewed revision | 21 (document currently at 31) | |
Result | Ready w/issues | |
Completed | 2023-09-05 |
review-ietf-rats-eat-21-intdir-telechat-song-2023-09-05-00
This review is done as requested by the Internet Area Directorate. Document editors and WG chairs should treat these comments just like any other last-call comments. The document needs an introduction or references to the background and related work pertaining to the problem domain. Without understanding the status quo and the state-of-the-art solutions, it’s difficult to evaluate what the proposed framework has improved and the value of it compared to the existing solutions. More than 30% of the document content is in the appendix. Are these topics considered non-essential and can be ignored? How do the authors plan to treat these materials in the published RFC? P8 “The claims set includes a nonce or some other means to assure freshness.” Should these means be explained in more detail? The concept and mechanisms are not obvious to readers. The document supplies a set of claims and profiles for EAT. As long as EAT is motivated as necessary in real use cases, I don’t see a reason to block the advance of this document. Some editorial suggestions: Acronyms should be spelled out on first use. It’s better to also provide references. This applies to all the acronyms throughout the draft (e.g., TEE, CDDL, COSE, JOSE, ...) P9 “For example, measurements in evidence may be compared to reference values [and?] the results of which are represented as a simple pass/fail in attestation results.”