Hi Russ, >Section 2.3 of RFC 8446 explains that the security provided to early data is >weaker than >the security provided to other kinds of TLS data. This is the reason that >PCEPS MUST NOT >make use of early data. Will a note with a pointer to this text (or a >pointer to the same part >of draft-ietf-tls-rfc8446bis) resolve this minor issue? The second Note already points to the text in Section 2.3 of 8446. My issue is not the fact that early data security is weaker, but why that is an issues for PCEPS. Is there some specific property of requirement for PCEPS behind the MUST NOT? Regards, Christer > On Dec 8, 2023, at 6:51 AM, Christer Holmberg via Datatracker > <noreply@xxxxxxxx> wrote: > > Reviewer: Christer Holmberg > Review result: Almost Ready > > I am the assigned Gen-ART reviewer for this draft. The General Area > Review Team (Gen-ART) reviews all IETF documents being processed by > the IESG for the IETF Chair. Please treat these comments just like > any other last call comments. > > For more information, please see the FAQ at > > <https://wiki.ietf.org/en/group/gen/GenArtFAQ>. > > Document: draft-ietf-pce-pceps-tls13-02 > Reviewer: Christer Holmberg > Review Date: 2023-12-08 > IETF LC End Date: 2023-12-19 > IESG Telechat date: Not scheduled for a telechat > > Summary: The document is well written, and easy to understand. I do > have one Minor issue/question and a few Editorial issues/questions > that I would like the authors to address. > > Major issues: N/A > > Minor issues: > > Q1:Section 3 adds text saying that PCEPS implementations MUST NOT use > early data, and there are a couple of notes about what early data is. > However, I cannot find text which explains the "MUST NOT use". If the > case where early media is permitted does not apply to PCEPS it would > be good to add text which explains it. It would also be good to > explain the reason in the Introduction of this document. > > Nits/editorial comments: > > Q2:In a few places the text says "TLS protocol", and in other places "TLS". > Would it be possible to use "TLS" everywhere? > > Q3: Section 6 indicates that there are no known implementations when > version > -02 of the draft was posted. If that is still the case when the RFC is > published, could the whole section be removed? > > Q4: Related to Q3, if the section remains (e.g., because there are > known implementations), I suggest to say "time of publishing this > document" instead of "time of posting of this Internet-Draft". > > > -- > last-call mailing list > last-call@xxxxxxxx > https://www.ietf.org/mailman/listinfo/last-call
<<attachment: smime.p7s>>
-- last-call mailing list last-call@xxxxxxxx https://www.ietf.org/mailman/listinfo/last-call
