IETF Last Call Review of draft-ietf-uta-tls13-iot-profile-21
review-ietf-uta-tls13-iot-profile-21-opsdir-lc-dodge-2026-06-04-00

Request Review of draft-ietf-uta-tls13-iot-profile
Requested revision No specific revision (document currently at 21)
Type IETF Last Call Review
Team Ops Directorate (opsdir)
Deadline 2026-06-09
Requested 2026-05-29
Requested by Mohamed Boucadair
Authors Hannes Tschofenig, Thomas Fossati, Michael Richardson, Daniel Migault
I-D last updated 2026-06-03 (Latest revision 2026-05-25)
Completed reviews Dnsdir IETF Last Call review of -21 by Scott Rose
Opsdir IETF Last Call review of -21 by Menachem Dodge
Genart IETF Last Call review of -21 by Russ Housley
Artart IETF Last Call review of -21 by Martin Thomson
Assignment Reviewer Menachem Dodge
State Partially completed
Request IETF Last Call review on draft-ietf-uta-tls13-iot-profile by Ops Directorate Assigned
Posted at https://mailarchive.ietf.org/arch/msg/ops-dir/PYXvXhbyYrkLTcwrcty0tX1Xt_0
Reviewed revision 21
Result Has nits
Completed 2026-06-04
Hi,

I have been selected as the Operational Directorate (opsdir) reviewer for this
Internet-Draft.

The Operational Directorate reviews all operational and management-related
Internet-Drafts to ensure alignment with operational best practices and that
adequate operational considerations are covered.

A complete set of _"Guidelines for Considering Operations and Management in
IETF Specifications"_ can be found at
https://datatracker.ietf.org/doc/draft-ietf-opsawg-rfc5706bis/.

While these comments are primarily for the Operations and Management Area
Directors (Ops ADs), the authors should consider them alongside other feedback
received.

- Document: draft-ietf-uta-tls13-iot-profile-21

- Reviewer: Menachem Dodge

- Review Date: 4th June 2026

- Intended Status: Standards Track

---

## Summary

- Has Nits: This document is basically ready for publication but has nits that
should be considered prior to publication.

This document is a companion to RFC 7925, defining TLS/DTLS 1.3 profiles for
IoT devices. Additionally, it updates RFC 7925 with respect to the X.509
certificate profile and ciphersuite requirements. This document offers
comprehensive guidance for deploying secure communication in
resource-constrained IoT environments. It outlines best practices for
configuring TLS/DTLS 1.3 to meet the unique needs of IoT devices. The document
aims to facilitate the development of secure and efficient IoT deployments and
promote the broad adoption of secure communication standards.

Unfortunately I do not have a background in TLS / DTLS or their profiles.
It may well be due to my lack of background that I find the document very hard
to read and that it did not flow for me. Thus I request an additional reviewer.

---

## Nits

A terminology section would be very helpful or at least a reference to one in
another RFC.

The introduction provides background to the subject and a heads-up of what
should be expected in the document, which is very helpful. I assume that
sections 4 to 16 cover the best practices mentioned and sections 17 to 20 cover
the X.509 certificate profile and ciphersuite requirements. In my opinion, if
the introduction would explicitly state the aim of each of the following
paragraphs this would make the document more readable.

As a general comment, when there are references to other RFC documents it is
very helpful if the paragraph in that document is explicitly stated. Where the
paragraphs were quoted I found it much easier to find the information in the
other RFCs.

Some specific examples:

1. Section 17.2.1 should refer to the paragraph within RFC 5280 which states
   that "root CS certificates must have a non-empty subject field".
2. Similarly, section 17.2.4 should refer to the paragraph in RFC 5280.
3. Same for section 17.2.5 should refer to the paragraph in RFC 5280.
4. Same for section 17.3.4 should refer to the paragraph in RFC 5280.

Thank you kindly.

Best Regards,
Menachem