Last Call Review of draft-ietf-sidrops-rpki-rsc-08
review-ietf-sidrops-rpki-rsc-08-artart-lc-housley-2022-08-11-00

Request Review of draft-ietf-sidrops-rpki-rsc
Requested revision No specific revision (document currently at 11)
Type Last Call Review
Team ART Area Review Team (artart)
Deadline 2022-08-24
Requested 2022-08-10
Authors Job Snijders, Tom Harrison, Ben Maddison
I-D last updated 2022-08-11
Completed reviews Artart Last Call review of -08 by Russ Housley (diff)
Secdir Last Call review of -10 by Donald E. Eastlake 3rd (diff)
Genart Last Call review of -10 by Stewart Bryant (diff)
Assignment Reviewer Russ Housley
State Completed
Request Last Call review on draft-ietf-sidrops-rpki-rsc by ART Area Review Team Assigned
Posted at https://mailarchive.ietf.org/arch/msg/art/zu1B0wWFeG4m4wf339cM1UFAkw4
Reviewed revision 08 (document currently at 11)
Result Ready w/nits
Completed 2022-08-11
I am the assigned ARTART reviewer for this Internet-Draft.

Document: draft-ietf-sidrops-rpki-rsc-08
Reviewer: Russ Housley
Review Date: 2022-08-11
IETF LC End Date: 2022-08-24
IESG Telechat date: unknown

Summary: Ready with Nits

Major Concerns: None.

Minor Concerns: None.

Nits:

Abstract: The document says that it defines a CMS profile, but it is
really defining a CMS protected content type.  Suggestion:

   This document defines a Cryptographic Message Syntax (CMS) protected
   content type for use with the Resource Public Key Infrastructure
   (RPKI) to carry a general purpose listing of checksums (a
   'checklist').  The objective is to allow an attestation of an RPKI
   Signed Checklist (RSC), which contains one or more checksums of
   arbitrary digital objects (files) that are signed "with resources",
   and then allow for validation to confirm that a specific Internet
   Resource Holder produced the RSC.  The protected CMS content type is
   intended to provide for the signing of an arbitrary checksum listing
   with a specific set of Internet Number Resources.

In addition, similar changes should be made to the Introduction.

Section 2.1: s/CA/Certification Authority (CA)/

Section 2.1: s/EE/End-Entity (EE)/

Section 3 says:

   The ContentType for an RSC is defined as rpkiSignedChecklist, and has
   the numerical value of 1.2.840.113549.1.9.16.1.48.

This paragraph should say that 1.2.840.113549.1.9.16.1.48 is an object
identifier (OID).

Section 4: I compiled the ASN.1 module.  It compiles fine; however,
some of the lines exceed 73 characters.  It would be good to insert
line breaks so that the RFC Editor will not need to reformat the
module.