[Last-Call] Secdir last call review of draft-ietf-opsawg-9092-update-09

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Reviewer: Tim Hollebeek
Review result: Has Nits

The document is extremely well written ... I didn't find too much to comment
on, despite looking pretty closely at the key management and signing aspects.

I just have two nits:

(1) The following paragraph appears twice in the document (looks like just a
copy/paste error when moving stuff around):

"Identifying the private key associated with the certificate and
   getting the department that controls the private key (which might be
   stored in a Hardware Security Module (HSM)) to generate the CMS
   signature is left as an exercise for the implementor.  On the other
   hand, verifying the signature has no similar complexity; the
   certificate, which is validated in the public RPKI, contains the
   needed public key."

(2) Section 6, paragraph 5: is this intended to be a RFC 2119 "MAY"?  If so,
capitalize.  If not, avoid the word.



-- 
last-call mailing list
last-call@xxxxxxxx
https://www.ietf.org/mailman/listinfo/last-call



[Index of Archives]     [IETF Annoucements]     [IETF]     [IP Storage]     [Yosemite News]     [Linux SCTP]     [Linux Newbies]     [Mhonarc]     [Fedora Users]

  Powered by Linux