Last Call Review of draft-ietf-tls-keylogfile-01
review-ietf-tls-keylogfile-01-genart-lc-housley-2024-04-12-00

I am the assigned Gen-ART reviewer for this draft. The General Area
Review Team (Gen-ART) reviews all IETF documents being processed
by the IESG for the IETF Chair. Please wait for direction from your
document shepherd or AD before posting a new version of the draft.

For more information, please see the FAQ at
<http://wiki.tools.ietf.org/area/gen/trac/wiki/GenArtfaq>.

Document: draft-ietf-tls-keylogfile-01
Reviewer: Russ Housley
Review Date: 2024-04-12
IETF LC End Date: 2024-04-18
IESG Telechat date: unknown

Summary: Ready


Major Concerns:

None


Minor Concerns:

Section 3: The text says: "Access to the content of a file in
SSLKEYLOGFILE format allows an attacker to break the
confidentiality protection on any TLS connections that are
included in the file."  This is clearly true.  However, the
attacker this access to the keys can also break the integrity
protections.

Section 4: The registration of the new application/sslkeylogfile
media-type for all IETF registrations in the standards tree
requires a posting to the media-types@iana.org mail list.  A search
of the mail archive id not uncover "sslkeylogfile".  To avoid delay,
that mail list discussion should probably get started now.


Nits:

Section 1: s/file format that logging/file format for logging/