Last Call Review of draft-ietf-tls-keylogfile-01
review-ietf-tls-keylogfile-01-genart-lc-housley-2024-04-12-00
| Request | Review of draft-ietf-tls-keylogfile |
|---|---|
| Requested revision | No specific revision (document currently at 02) |
| Type | Last Call Review |
| Team | General Area Review Team (Gen-ART) (genart) |
| Deadline | 2024-04-18 |
| Requested | 2024-04-04 |
| Authors | Martin Thomson |
| I-D last updated | 2024-04-12 |
| Completed reviews | Genart Last Call review of -01 by Russ Housley |
| Assignment | Reviewer: Russ Housley |
| State | Completed |
| Request | Last Call review on draft-ietf-tls-keylogfile by General Area Review Team (Gen-ART) Assigned |
| Posted at | https://mailarchive.ietf.org/arch/msg/gen-art/QJhjo3AEyEU7ABRM-jKHsBM3b3M |
| Reviewed revision | 01 (document currently at 02) |
| Result | Ready |
| Completed | 2024-04-12 |
I am the assigned Gen-ART reviewer for this draft. The General Area Review Team (Gen-ART) reviews all IETF documents being processed by the IESG for the IETF Chair. Please wait for direction from your document shepherd or AD before posting a new version of the draft.

For more information, please see the FAQ at <http://wiki.tools.ietf.org/area/gen/trac/wiki/GenArtfaq>.

Document: draft-ietf-tls-keylogfile-01
Reviewer: Russ Housley
Review Date: 2024-04-12
IETF LC End Date: 2024-04-18
IESG Telechat date: unknown

Summary: Ready

Major Concerns: None

Minor Concerns:

Section 3: The text says:

  "Access to the content of a file in SSLKEYLOGFILE format allows an attacker to break the confidentiality protection on any TLS connections that are included in the file."

This is clearly true. However, the attacker with this access to the keys can also break the integrity protections.

Section 4: The registration of the new application/sslkeylogfile media-type for all IETF registrations in the standards tree requires a posting to the media-types@iana.org mail list. A search of the mail archive did not uncover "sslkeylogfile". To avoid delay, that mail list discussion should probably get started now.

Nits:

Section 1: s/file format that logging/file format for logging/
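The reviewer's Section 3 point (a leaked keylog file breaks integrity, not only confidentiality) follows from how TLS 1.3 turns a logged traffic secret into record keys: the AEAD key and IV are both derived from that one secret, and the same AEAD key both encrypts and authenticates records. The following is an added example written for this page, not code from the draft or from the review. It parses lines in the SSLKEYLOGFILE format and derives the per-direction record key, IV and per-record nonce using only the standard library. Assumptions made here and not stated in the review: the line grammar `<LABEL> <client_random hex> <secret hex>` with `#` comment lines (the form existing implementations write), the TLS 1.3 label names listed in `TLS13_LABELS`, SHA-256 as the handshake hash and AES_128_GCM key/IV lengths (RFC 8446 section 7.3). The sample file content is constructed and its secrets are dummy values.

```python
"""Parse SSLKEYLOGFILE-format lines and derive TLS 1.3 record keys from them.

Added example for illustration; assumptions (line grammar, label set, SHA-256
hash, AES_128_GCM lengths) are noted inline and are not taken from the review.
"""
import hashlib
import hmac
from dataclasses import dataclass

# Assumed TLS 1.3 label names; CLIENT_RANDOM (TLS 1.2 master secret) is parsed
# but not key-derived here, since that needs the TLS 1.2 PRF instead of HKDF.
TLS13_LABELS = {
    "CLIENT_EARLY_TRAFFIC_SECRET", "CLIENT_HANDSHAKE_TRAFFIC_SECRET",
    "SERVER_HANDSHAKE_TRAFFIC_SECRET", "CLIENT_TRAFFIC_SECRET_0",
    "SERVER_TRAFFIC_SECRET_0", "EXPORTER_SECRET", "EARLY_EXPORTER_MASTER_SECRET",
}

# Constructed sample: one connection (client_random a1..a1) with dummy secrets.
SAMPLE_KEYLOG = (
    "# comment line, ignored by the parser\n"
    "CLIENT_HANDSHAKE_TRAFFIC_SECRET " + "a1" * 32 + " " + "0b" * 32 + "\n"
    "CLIENT_TRAFFIC_SECRET_0 " + "a1" * 32 + " " + "1c" * 32 + "\n"
    "SERVER_TRAFFIC_SECRET_0 " + "a1" * 32 + " " + "2d" * 32 + "\n"
)


@dataclass(frozen=True)
class KeylogEntry:
    label: str
    client_random: bytes  # 32-byte ClientHello.random, the lookup key
    secret: bytes         # logged secret, length depends on label/hash


def parse_keylog(text):
    """Parse keylog text into entries; rejects malformed lines loudly."""
    entries = []
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        parts = line.split()
        if len(parts) != 3:
            raise ValueError(f"line {lineno}: expected 3 fields, got {len(parts)}")
        label, rand_hex, secret_hex = parts
        client_random = bytes.fromhex(rand_hex)
        if len(client_random) != 32:
            raise ValueError(f"line {lineno}: client_random must be 32 bytes")
        entries.append(KeylogEntry(label, client_random, bytes.fromhex(secret_hex)))
    return entries


def hkdf_expand(prk, info, length, hash_name="sha256"):
    """RFC 5869 HKDF-Expand: T(i) = HMAC(PRK, T(i-1) | info | i)."""
    okm, block, counter = b"", b"", 1
    while len(okm) < length:
        block = hmac.new(prk, block + info + bytes([counter]), hash_name).digest()
        okm += block
        counter += 1
    return okm[:length]


def hkdf_label(label, context, length):
    """RFC 8446 HkdfLabel: uint16 length, "tls13 "+label vector, context vector."""
    full = b"tls13 " + label
    return (length.to_bytes(2, "big") + bytes([len(full)]) + full
            + bytes([len(context)]) + context)


def hkdf_expand_label(secret, label, context, length, hash_name="sha256"):
    return hkdf_expand(secret, hkdf_label(label, context, length), length, hash_name)


def traffic_keys(secret, key_len=16, iv_len=12):
    """[sender]_write_key and _write_iv for AES_128_GCM (assumed lengths)."""
    return (hkdf_expand_label(secret, b"key", b"", key_len),
            hkdf_expand_label(secret, b"iv", b"", iv_len))


def record_nonce(iv, seq):
    """Per-record AEAD nonce: write_iv XOR left-padded 64-bit sequence number."""
    return bytes(a ^ b for a, b in zip(iv, seq.to_bytes(len(iv), "big")))


def keys_for_connection(text, client_random):
    """Map TLS 1.3 label -> (key, iv) for the connection with this client_random.

    With these values an AEAD record can be decrypted and, because the same
    key produces the authentication tag, re-encrypted with modified content,
    which is the integrity break the review points out.
    """
    out = {}
    for entry in parse_keylog(text):
        if entry.client_random == client_random and entry.label in TLS13_LABELS:
            out[entry.label] = traffic_keys(entry.secret)
    return out


if __name__ == "__main__":
    for label, (key, iv) in keys_for_connection(SAMPLE_KEYLOG, bytes.fromhex("a1" * 32)).items():
        print(label, "key", key.hex(), "iv", iv.hex(), "nonce[0]", record_nonce(iv, 0).hex())
```

The hash and key/IV lengths must match the negotiated cipher suite (SHA-384 and 32-byte keys for AES_256_GCM_SHA384, for instance); an operator running this against a real capture would take them from the ServerHello rather than the defaults used above.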