
IETF Last Call Review of draft-ietf-tls-keylogfile-04
review-ietf-tls-keylogfile-04-opsdir-lc-combes-2025-05-06-00

Request Review of draft-ietf-tls-keylogfile
Requested revision No specific revision (document currently at 05)
Type IETF Last Call Review
Team Ops Directorate (opsdir)
Deadline 2025-05-07
Requested 2025-04-16
Requested by Mohamed Boucadair
Authors Martin Thomson, Yaroslav Rosomakho, Hannes Tschofenig
I-D last updated 2026-01-05 (Latest revision 2025-06-09)
Completed reviews Genart IETF Last Call review of -01 by Russ Housley (diff)
Opsdir IETF Last Call review of -04 by Jean-Michel Combes (diff)
Assignment Reviewer Jean-Michel Combes
State Completed
Request IETF Last Call review on draft-ietf-tls-keylogfile by Ops Directorate Assigned
Posted at https://mailarchive.ietf.org/arch/msg/ops-dir/CeBGYXQIsuyxH0bOOOwVJ7H_KxY
Reviewed revision 04 (document currently at 05)
Result Ready
Completed 2025-05-06
Hi,

I have reviewed this document as part of the Ops area directorate's ongoing
effort to review all IETF documents being processed by the IESG.  These
comments were written primarily for the benefit of the Ops area directors.
Document editors and WG chairs should treat these comments just like any other
last-call comments.

Disclaimer: I am not a TLS expert.

Regarding the form, this document is well written, especially regarding the
security considerations.

Regarding the substance, IMHO, it looks like the promotion of a nightmare for
any operational security guy :) My main fear is to see the use of such a feature
in a “production system” because (1) the border between “test system” and
“production system” is not always as clear as expected, and (2) forgetting to
switch off such a feature when pushing the system into production may become an
easy mistake. Now, IMHO and unless I missed something, it should be less complex
from an operational security point of view (i.e., rights management) to
debug/analyze protocols by configuring TLS with “NULL ENCRYPTION” (i.e.,
configuration rights) than by logging/storing secrets (i.e., write rights, read
rights, export rights).

Now, as the intended status is Informational, it works for me.

Hope that helps.

Best regards,

JMC.
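A defender-side check for the operational risk raised in the review (key logging left enabled on a production host), added here as an example and not taken from the review or from the draft. It assumes that key logging is switched on through an SSLKEYLOGFILE environment variable and that the host exposes a Linux-style /proc tree where /proc/<pid>/environ holds NUL-separated KEY=VALUE pairs.

```python
"""Find running processes that still have TLS key logging enabled.

Added example, not part of the review or of the keylogfile draft. Assumes
key logging is controlled by the SSLKEYLOGFILE environment variable and a
Linux-style /proc tree (/proc/<pid>/environ, NUL-separated KEY=VALUE pairs).
"""
import os
import stat


def parse_environ(raw):
    """Split the NUL-separated content of /proc/<pid>/environ into a dict."""
    env = {}
    for item in raw.split(b"\0"):
        if b"=" in item:
            key, _, value = item.partition(b"=")
            env[key.decode(errors="replace")] = value.decode(errors="replace")
    return env


def keylog_findings(pid, env, stage, file_mode=None):
    """Return (severity, message) tuples for one process environment."""
    path = env.get("SSLKEYLOGFILE", "").strip()
    if not path:
        return []  # key logging not requested via the environment
    sev = "critical" if stage == "production" else "info"
    findings = [(sev, "pid %s logs TLS secrets to %s (stage=%s)" % (pid, path, stage))]
    # A key log readable by other accounts widens the exposure further.
    if file_mode is not None and file_mode & (stat.S_IRGRP | stat.S_IROTH):
        findings.append(("high", "pid %s: %s is readable by group/other" % (pid, path)))
    return findings


def scan_proc(stage, proc_root="/proc"):
    """Walk proc_root and collect findings for every process with a readable environ."""
    results = []
    for name in os.listdir(proc_root):
        if not name.isdigit():
            continue  # only numeric entries are processes
        try:
            with open(os.path.join(proc_root, name, "environ"), "rb") as f:
                env = parse_environ(f.read())
        except OSError:
            continue  # no permission, or the process already exited
        mode = None
        path = env.get("SSLKEYLOGFILE", "").strip()
        if path and os.path.exists(path):
            mode = os.stat(path).st_mode
        results.extend(keylog_findings(name, env, stage, mode))
    return results


if __name__ == "__main__":
    for sev, msg in scan_proc(os.environ.get("DEPLOY_STAGE", "production")):
        print(sev, msg)
```

Run it from a deployment gate or a periodic job with DEPLOY_STAGE set; any "critical" finding means a production process is still writing TLS secrets to disk.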