[Last-Call] Artart last call review of draft-ietf-lamps-cert-binding-for-multi-auth-05

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Reviewer: Robert Sparks
Review result: Ready

Summary: Ready for publication as a Proposed Standard RFC

I did not find any artart specific issues to point to in this document.

I did not re-verify the ASN, trusting that the shepherd (who has much sharper
skills there than I) got that right. (The shepherd report is very good - thank
you for that).

Some editorial suggestions:

More detail in the motivation would have been nice.

There is evidence in the security considerations section of earlier concern
expressed with the requirement that a CA processing a CSR MUST fetch a provided
URL. I'll add to that and suggest that framing the set of requirements more
carefully to "If the CA is willing to process the CSR" to leave room for common
sense operational decisions to not appear to conflict with the requirement.

I also found the "ED Note" calling out (I assume) the discussion of _not using_
SCVPCertID instead of this extension, but quoting the structure anyway, pretty
confusing. Please consider if it will stimulate implementor error.



-- 
last-call mailing list -- last-call@xxxxxxxx
To unsubscribe send an email to last-call-leave@xxxxxxxx




[Index of Archives]     [IETF Annoucements]     [IETF]     [IP Storage]     [Yosemite News]     [Linux SCTP]     [Linux Newbies]     [Mhonarc]     [Fedora Users]

  Powered by Linux