[Last-Call] Re: [Rats] Genart last call review of draft-ietf-rats-uccs-10

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Dear Peter,

thanks for the review and comments. Please find our responses reflected in PR about the usage of "leaflet" below. All nits are covered in this PR: https://github.com/ietf-rats-wg/draft-ietf-rats-uccs/pull/32.


Viele Grüße,

Henk for the UCCS editors

On 26.09.24 02:07, Peter Yee via Datatracker wrote:
Reviewer: Peter Yee
Review result: Ready with Issues

I am the assigned Gen-ART reviewer for this draft. The General Area
Review Team (Gen-ART) reviews all IETF documents being processed
by the IESG for the IETF Chair.  Please treat these comments just
like any other last call comments.

For more information, please see the FAQ at

<https://wiki.ietf.org/en/group/gen/GenArtFAQ>.

Document: draft-ietf-rats-uccs-10
Reviewer: Peter Yee
Review Date: 2024-09-25
IETF LC End Date: 2024-09-18
IESG Telechat date: 2024-10-03

Summary: This is a well-written specification for the substitution of a Secure
Channel for the COSE envelope normally employed with a CWT Claim Set to protect
a CWT, here specified for RATS uses cases. There are some minor issues with the
introductory text that might be addressed to clarify the case being made for
the transposability of a Secure Channel for COSE envelope. [Ready with issues.]
Major issues: None

Minor issues:

In general, I find the concept of using a Secure Channel in place of a COSE
envelope for protecting a CWT reasonable. As the draft notes, once delivered to
the receiver, the UCCS is merely unprotected data. Not being overly familiar
with RATS, I ask whether there should be a more cautionary note that a true CWT
should be employed by the sender instead of a Secure Channel if there is an
expectation that it will be sent on to another party by the receiver.
Certainly, the last paragraph on page 6 hints at this.

On page 5, section 4, 2nd sentence: “leaflets”? Really? Folded pieces of paper.
Maybe just change “instruction leaflets” to “instructions”.

(This was meant to be an "instruction leaflet" as it comes with medicine, admonishing you to use the medicine only as prescribed.) We think that this colloquial wording really conveys the meaning. Especially when it comes to different applications of UCCS outside RATS.


Nits/editorial comments:

Page 4, 1st paragraph in Secure Channel definition after the NIST quotation,
last sentence: delete the comma.

Page 4, section 2, last (partial) sentence: change “resource constrained” to
“resource-constrained”.

Page 6, 5th paragraph, 1st sentence: delete “to” after “and”. At least I think
it parses better that way.

(Good point. Actually, we'd like to keep the "to" and add a redundant "determine".)
The three nits above are addressed by cabo in commit 78096ff.


Page 11, section 7.2, 3rd bullet: insert “the” before “IV”.


The last nit is already moot, as we replaced the restatement text by a table of references.



_______________________________________________
RATS mailing list -- rats@xxxxxxxx
To unsubscribe send an email to rats-leave@xxxxxxxx

--
last-call mailing list -- last-call@xxxxxxxx
To unsubscribe send an email to last-call-leave@xxxxxxxx




[Index of Archives]     [IETF Annoucements]     [IETF]     [IP Storage]     [Yosemite News]     [Linux SCTP]     [Linux Newbies]     [Mhonarc]     [Fedora Users]

  Powered by Linux