Reviewer: Mallory Knodel Review result: Ready I am the assigned Gen-ART reviewer for this draft. The General Area Review Team (Gen-ART) reviews all IETF documents being processed by the IESG for the IETF Chair. Please treat these comments just like any other last call comments. For more information, please see the FAQ at <https://wiki.ietf.org/en/group/gen/GenArtFAQ>. Document: draft-ietf-cdni-https-delegation-subcerts-?? Reviewer: Mallory Knodel Review Date: 2024-06-25 IETF LC End Date: 2024-06-25 IESG Telechat date: Not scheduled for a telechat Summary: I found no major issues with the draft as it's written. Its specifications are concise and clear. I have only suggested adding one sentence to the privacy considerations section as a minor issue. Major issues: None Minor issues: The privacy considerations section might include the following sentence, to parallel the security considerations section and present a reasonable risk to implementers of this specification, "A single or systematic retrieval of delegated credentials and associated private keys would allow the attacker to decrypt any data sent by the end user intended for the end service, which may include PII." Nits/editorial comments: None. -- last-call mailing list -- last-call@xxxxxxxx To unsubscribe send an email to last-call-leave@xxxxxxxx
