Last Call Review of draft-ietf-secevent-subject-identifiers-14
review-ietf-secevent-subject-identifiers-14-genart-lc-holmberg-2022-10-28-00

I am the assigned Gen-ART reviewer for this draft. The General Area
Review Team (Gen-ART) reviews all IETF documents being processed
by the IESG for the IETF Chair.  Please treat these comments just
like any other last call comments.

For more information, please see the FAQ at

<https://trac.ietf.org/trac/gen/wiki/GenArtfaq>.

Document: draft-ietf-secevent-subject-identifiers-14
Reviewer: Christer Holmberg
Review Date: 2022-10-28
IETF LC End Date: 2022-11-17
IESG Telechat date: Not scheduled for a telechat

Summary: The document is well structured, and easy to read, but I have an
editorial issue that I ask the authors to address.

Major issues: N/A

Minor issues: N/A

Nits/editorial comments:

The definition of Subject is a little unclear to me. RFC 8417 states that a
subject might be e.g., an IP address, or the issuer of the SET, and that SETs
are used to indicate state changes in the subject.

draft-ietf-secevent-subject-identifiers-14 gives an example where the subject
is an account, that might be identified using an IP address. From the 8417
language, I assume the account would be considered "an issuer of the SET".

Now, does that mean that a SET will be sent if the account change state, but
not if the IP address identifiying the account changes - as the IP address is
not a subject, only a subject identifier?

I guess what I am saying is that I find it difficult to differentiate between a
subject and a subject identifier, as e.g., an IP address can be both :)