Re: [Last-Call] [EXTERNAL] Opsdir last call review of draft-ietf-lamps-ocsp-nonce-update-05

Susan Hares <shares@xxxxxxxx> · Wed, 10 Apr 2024 18:30:49 +0000

Himanshu: 

I’m glad I could be helpful! 

Sue 

From: Himanshu Sharma <himanshu@xxxxxxxxxxxx>

Sent: Wednesday, April 10, 2024 2:26 PM

To: Susan Hares <shares@xxxxxxxx>

Cc: ops-dir@xxxxxxxx; draft-ietf-lamps-ocsp-nonce-update.all@xxxxxxxx; last-call@xxxxxxxx; spasm@xxxxxxxx

Subject: Re: [EXTERNAL] Opsdir last call review of draft-ietf-lamps-ocsp-nonce-update-05

Thanks Susan for your time to review the I-D and providing the feedback.

I will work on the suggestion and update the I-D soon.

-Himanshu

On Tue, Apr 9, 2024 at 12:15 PM Susan Hares via Datatracker <noreply@xxxxxxxx> wrote:

Reviewer: Susan Hares

Review result: Has Nits

Status: Ready with NITs

General Statement: Excellent writing and clearly understood by a novice. 

I enjoyed reading the clear ASN.1 syntax in the appendices. 

operational summary:  The key point is that Clients switching from 

[RFC8954] to [draft-ietf-lamps-ocsp-nonce-update-06] will want to 

use a nonce of length 32, and accept an OCSP of 16 octets. 

4 NITS: Main Text (1) Appendix A.1 (1), and Appendix A.2 (2).  

Note that NITS are editorial suggestions. 

1 NITS in Main Text:

The example in section 2 starts with 

 30 2f 06 09 2b 06 01 05 05 07 30 01 02 [hex] 

    Sequence (30) length (2f) {   

       OBJECT Identifier (06) length (09) 

             oscpNonce (1 3 6 1 5 5 7 48 1 2 )

It might be good to explain that (1 3) is the 2b. 

------

#2 NITS in ASN.1 in Section 

It would help the ASN.1 reader to explain in a comment 

associated with the first usage of "generalizedTime" the format of the 

generalized time.  It is a well-defined ASN.1 concept, but 

the reader is assumed to be an IETF reader with less experience

in ASN.1. 

------

#NIT 3, use of ATTRIBUTE as an import. 

In my review of the ASN.1 in Appendix A.2, 

I cannot find a usage of ATTRIBUTE. 

If it is not used, why is it included? 

----- 

#NIT 4, use of @amp;

ResponseBytes ::=       SEQUENCE {

   responseType        RESPONSE.

                           &id ({ResponseSet}),

   response            OCTET STRING (CONTAINING RESPONSE.

                           &Type({ResponseSet}{@responseType}))}

AcceptableResponses ::= SEQUENCE OF RESPONSE.&id({ResponseSet})

I am not familiar with "&id" or "&Type" or @response. 

Please add a comment with the ISO reference for this syntax.

If you wish to be helpful to the reader, it would be  

to explain what this syntax means. 

-- 
last-call mailing list
last-call@xxxxxxxx
https://www.ietf.org/mailman/listinfo/last-call