Thanks Russ,

https://github.com/tlswg/sslkeylogfile/pull/11 and https://mailarchive.ietf.org/arch/msg/media-types/5IW3tN6mJkqZMyuYWLwoOMNVhgM/ should address those issues.

Cheers,
Martin

On Fri, Apr 12, 2024, at 14:30, Russ Housley via Datatracker wrote:
> Reviewer: Russ Housley
> Review result: Ready
>
> I am the assigned Gen-ART reviewer for this draft. The General Area
> Review Team (Gen-ART) reviews all IETF documents being processed
> by the IESG for the IETF Chair. Please wait for direction from your
> document shepherd or AD before posting a new version of the draft.
>
> For more information, please see the FAQ at
> <http://wiki.tools.ietf.org/area/gen/trac/wiki/GenArtfaq>.
>
> Document: draft-ietf-tls-keylogfile-01
> Reviewer: Russ Housley
> Review Date: 2024-04-12
> IETF LC End Date: 2024-04-18
> IESG Telechat date: unknown
>
> Summary: Ready
>
>
> Major Concerns:
>
> None
>
>
> Minor Concerns:
>
> Section 3: The text says: "Access to the content of a file in
> SSLKEYLOGFILE format allows an attacker to break the
> confidentiality protection on any TLS connections that are
> included in the file." This is clearly true. However, the
> attacker with access to the keys can also break the integrity
> protections.
>
> Section 4: The registration of the new application/sslkeylogfile
> media-type for all IETF registrations in the standards tree
> requires a posting to the media-types@xxxxxxxx mail list. A search
> of the mail archive did not uncover "sslkeylogfile". To avoid delay,
> that mail list discussion should probably get started now.
>
>
> Nits:
>
> Section 1: s/file format that logging/file format for logging/

--
last-call mailing list
last-call@xxxxxxxx
https://www.ietf.org/mailman/listinfo/last-call