Reviewer: Linda Dunbar Review result: Ready I am the assigned Gen-ART reviewer for this draft. The General Area Review Team (Gen-ART) reviews all IETF documents being processed by the IESG for the IETF Chair. Please treat these comments just like any other last call comments. For more information, please see the FAQ at <https://wiki.ietf.org/en/group/gen/GenArtFAQ>. Document: draft-ietf-lamps-rfc4210bis-14 Reviewer: Linda Dunbar Review Date: 2024-10-28 IETF LC End Date: 2024-10-23 IESG Telechat date: Not scheduled for a telechat Summary: The document provides an extensive update to RFC 4210 with significant details on X.509 PKI management, message formats, and certificate operations. Major issues: As I am not an implementer, I can't identify any major issues of the message formats and operations just from reading them. Minor issues: Nits/editorial comments: Section 4.4 outlines the Root CA Key Update process, including conditions for maintaining old and new CA key pairs and link certificates. Given the complexity of this process, additional operational guidance would be beneficial for real-world scenarios, particularly in scenarios where multiple CA key updates may overlap. The document could provide examples or recommendations on updating practices, particularly where different validity periods for certificates and keys could create unexpected verification issues. Best Regards, Linda Dunbar -- last-call mailing list -- last-call@xxxxxxxx To unsubscribe send an email to last-call-leave@xxxxxxxx
