I
have been selected as the General Area Review Team (Gen-ART) reviewer for this
draft
(for
background on Gen-ART, please see http://www.alvestrand.no/ietf/gen/art/gen-art-FAQ.html).
Please resolve these comments along with any other Last Call
comments you may receive.
Document: draft-ietf-csi-send-cert-03
Reviewer: Roni Even
Review Date: 2010-05-02
IETF LC End Date: 2010-05-14
IESG Telechat date: (if known):
Summary: This draft is roughly ready for publication as a
Proposed Standard.
I have some comments and nits:
Comments:
The first two comments are about changes from RFC 3971, if
they are intentional it may be good to have a section on changes from RFC 3971
and list these specific changes with backward interoperability issues if there
are.
- In section 4 second
paragraph “SEND certificates MUST include the IP Resources
extension for IPv6 Address …” Section 6.3.1 of RFC 3971
says “Router Authorization Certificates are X.509v3
certificates, as defined in RFC 3280, and SHOULD contain at least one
instance of the
X.509 extension for IP addresses, as defined in RFC 3779.” So why is
it a MUST here.
- The same paragraph has
“Certified IPv6 address space SHOULD be expressed using either
addressPrefix or addressesOrRange elements.” . Section 6.3.1
in RFC 3971 says “The X.509 IP address extension MUST
contain at least one addressesOrRanges element” as for the
addressPrefix according to this section “The X.509 IP address
extension MAY contain additional IPv6 subnet prefixes, expressed as either
an addressPrefix or an addressRange.”
- In section 7
there are TBA1, TBA2 and TBA3, who will assign values for these IDs.
Nits:
- Section
5 has “an end user could local SEND deployment “
it looks like there is a missing word in this sentence
- In section 5 expand ULA.
|
_______________________________________________
Ietf mailing list
Ietf@xxxxxxxx
https://www.ietf.org/mailman/listinfo/ietf