IETF Last Call Review of draft-ietf-sidrops-manifest-numbers-07
review-ietf-sidrops-manifest-numbers-07-genart-lc-robles-2025-08-06-00

I am the assigned Gen-ART reviewer for this draft. The General Area
Review Team (Gen-ART) reviews all IETF documents being processed
by the IESG for the IETF Chair.  Please treat these comments just
like any other last call comments.

For more information, please see the FAQ at

<https://wiki.ietf.org/en/group/gen/GenArtFAQ>.

Document: draft-ietf-sidrops-manifest-numbers-07
Reviewer: Ines Robles
Review Date: 2025-08-06
IETF LC End Date: 2025-08-06
IESG Telechat date: 2025-08-21

Summary:

This IETF draft updates the RPKI manifest-number rules from RFC 9286 by
providing guidance for the rare situation where a Certification Authority
(manifestNumber), a 20-octet counter that must increase with each new manifest,
reaches its maximum value. In such cases, the draft allows the CA to publish a
new manifest under a different filename, enabling Relying Party (RP) software
to treat it as a reset and accept the new manifest even if its number is lower,
provided the URI in the manifest Subject Information Access (SIA) extension
matches the one retrieved. To prevent misuse, the draft emphasizes that
filename changes should only be used as a recovery mechanism, not a regular
practice, and requires RPs to alert operators when such changes occur.

The document is well written.

Major issues: None

Minor issues: None

Nits/editorial comments: None

Thanks for this document,

Ines.