Hi! I submitted an issue to track this review: https://github.com/tlswg/external-psk-design-team/issues/80 spt > On Nov 15, 2021, at 13:41, Rich Salz via Datatracker <noreply@xxxxxxxx> wrote: > > Reviewer: Rich Salz > Review result: Has Nits > > I'm the SECDIR reviewer for this document. This is a TLS WG draft, so everyone > reading this should know what that means. If not, ask. :) > > As the opening sentence says, "This document provides usage guidance for > external Pre-Shared Keys (PSKs) in Transport Layer Security (TLS) 1.3 as > defined in RFC 8446." > > PSKs are useful and important for those who do not wish to deploy a PKI or for > whom symmetric trust is useful. I like section 4.1 which goes into detail about > the problems with sharing keys among more than two parties. Section 6 is a good > summary of use-cases with references. These sections should prove as valuable > as section 7, which is presumably the heart of the document. > > Section 7.1 is not common for an IETF RFC, and shows evidence that the authors > have some scars from experiments or deployments. It is nice to see. > > Section 8 says "The unique identifier can, for example, be one of its MAC > addresses..." I thought we are moving away from that and I would prefer to > see an explicit justification of why this is okay. I think this is a nit-level > issue, and the only one I found. > > I also do suggest, however, that the draft be sent to the UTA working group and > ask for comments from them as they're more application-focused like this > document it. > > > -- last-call mailing list last-call@xxxxxxxx https://www.ietf.org/mailman/listinfo/last-call
