Thanks Ines. I entered a No Objection ballot. Alissa > On Aug 26, 2020, at 5:30 PM, Ines Robles via Datatracker <noreply@xxxxxxxx> wrote: > > Reviewer: Ines Robles > Review result: Ready with Issues > > I am the assigned Gen-ART reviewer for this draft. The General Area > Review Team (Gen-ART) reviews all IETF documents being processed > by the IESG for the IETF Chair. Please treat these comments just > like any other last call comments. > > For more information, please see the FAQ at > > <https://trac.ietf.org/trac/gen/wiki/GenArtfaq>. > > Document: draft-ietf-stir-cert-delegation-03 > Reviewer: Ines Robles > Review Date: 2020-08-26 > IETF LC End Date: 2020-08-26 > IESG Telechat date: Not scheduled for a telechat > > Summary: > > This specification details how that authority can be delegated from a parent > certificate to a subordinate certificate. This supports a number of use cases > where callers want to use a particular calling number, but for whatever reason, > their outbound calls will not pass through the authentication service of the > service provider that controls that numbering resource, it includes also those > where service providers grant credentials to enterprises or other customers > capable of signing calls with Secure Telephone Identity Revisited (STIR). > > I have some minor suggestions/questions to the authors. > > Major issues: None > > Minor issues: > > 1-Introduction Section: > > "..., including various forms of robocalling, voicemail hacking, and > swatting..." --> should a reference to RFC7375 be added here? > > 2- It would be nice to add in Terminology section: > > - delegation: the concept of delegation and its levels are defined in RFC8226. > - definition for "legitimate spoofing". I understand that the draft explain it > with an example. > > 3- It would be nice to add references to concepts, e.g. cA boolean --> cA > boolean [rfc5280#section-4.2.1.9] > > "x5u" link -> "x5u" (X.509 URL) [RFC7515#section-4.1.5] link > > 4- Section 4: It would be nice to add graphics explaining the process. > E.g. can be used as a model the images displayed in > https://access.atis.org/apps/group_public/download.php/47134/IPNNI-2019-00043R000.pdf > or https://niccstandards.org.uk/wp-content/uploads/2019/03/ND1522V1.1.1.pdf > > 5- Section 5:"Authentication service behavior for delegate certificates is > little > changed from [RFC8224] STIR behavior" --> It is not clear to me what are the > little changes. > > Additionally, how you quantify little/big changes?, maybe something like?: > "Authentication service behavior varies from STIR behavior [RFC8224] as > follows:...." > > 6- Section 8.1: Should the picture displayed in > https://www.ietf.org/proceedings/104/slides/slides-104-stir-certificate-delegation-00--Slide > 5 be added here? > > 7- Security Consideration section: should a reference to RFC7375 be added here? > > Nits/editorial comments: > > 8- Expand the first time: JWS -> JSON Web Signature (JWS) > > Thank you for this document, > > Ines. > > > > _______________________________________________ > Gen-art mailing list > Gen-art@xxxxxxxx > https://www.ietf.org/mailman/listinfo/gen-art -- last-call mailing list last-call@xxxxxxxx https://www.ietf.org/mailman/listinfo/last-call
