Last Call Review of draft-ietf-tls-downgrade-scsv-03

Request
Review of: draft-ietf-tls-downgrade-scsv
Requested rev.: no specific revision (document currently at 05)
Type: Last Call Review
Team: General Area Review Team (Gen-ART) (genart)
Deadline: 2015-01-23
Requested: 2015-01-15
Draft last updated: 2015-01-19
Completed reviews:
   Genart Last Call review of -03 by Russ Housley
   Secdir Last Call review of -03 by Yoav Nir
   Opsdir Last Call review of -03 by Al Morton

Assignment
Reviewer: Russ Housley
State: Completed
Review: review-ietf-tls-downgrade-scsv-03-genart-lc-housley-2015-01-19
Reviewed rev.: 03 (document currently at 05)
Review result: Almost Ready
Review completed: 2015-01-19


I am the assigned Gen-ART reviewer for this draft. For background on
Gen-ART, please see the FAQ at

This review is in response to a request for early Gen-ART review.

Document: draft-ietf-tls-downgrade-scsv-03
Reviewer: Russ Housley
Review Date: 2015-01-19
IETF LC End Date: 2015-01-23
IESG Telechat date: unknown

Summary: Almost Ready.

Major Concerns:


Minor Concerns:

The upper-right corner of the title page and the abstract disagree.  One
says that this document updates 3 RFCs, and the other says that it
updates 4 RFCs.  I think that both are wrong based on this text from the

   This specification applies to implementations of TLS 1.0 [RFC2246],
   TLS 1.1 [RFC4346], and TLS 1.2 [RFC5246], and to implementations of
   DTLS 1.0 [RFC4347] and DTLS 1.2 [RFC6347].

Please correct the title page header and the abstract.

Other Comments:

In the introduction, I suggest the following editorial change to improve


   ... they can be particularly critical if they mean losing the
   TLS extension feature (when downgrading to SSL 3.0).


   ... they can be particularly harmful when the result is loss of the
   TLS extension feature by downgrading to SSL 3.0.

Further down in the introduction, there is a missing word:


   ... is not suitable substitute ...


   ... is not a suitable substitute ...