Re: [Sidrops] Opsdir last call review of draft-ietf-sidrops-https-tal-07

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Dear Linda,

Thank you for the review and my apologies for the late reply (I have been moving house).

Replies in-line.

On 18 Mar 2019, at 22:37, Linda Dunbar via Datatracker <noreply@xxxxxxxx> wrote:

Reviewer: Linda Dunbar
Review result: Has Nits

Reviewer: Linda Dunbar
Review result: Ready with Comments & Nits

I have reviewed this document as part of the Operational directorate's ongoing
effort to review all IETF documents being processed by the IESG.  These
comments were written with the intent of improving the operational aspects of
the IETF drafts. Comments that are not addressed in last call may be included
in AD reviews during the IESG review.  Document editors and WG chairs should
treat these comments just like any other last call comments.

This document defines the syntax of Trust Anchor Locator (TAL) for Replying
Parties to retrieve the Trust Anchor, to avoid repeating the distribution
procedure when Trust Anchor changes.

My question: if the Trust Anchor changes, does the URI in the TAL changes?

Not typically. The idea is that the TA certificate can be updated w.r.t. its content - contained resources in particular, and Relying Parties can find this certificate at the listed URIs.

Another questions: Section 2.4 Example: is the Public Key listed there for both
URI?

Yes, both.

There is another draft currently being in the working group that is concerned with changing TALs - i.e. rolling keys and modifying locations where they may be found:

This document (https-tals) is concerned only with allowing HTTPS as an additional scheme for URIs in TALs

Typo: Section 2.1 second paragraph:  "without needing to effect..", do you mean
"without needing to affect ..??

"effect" is correct in this context. I think it could be more clearly written as: "without needing to redistribute". If no one objects I am fine with changing this.

Note that this text comes from RFC7730. I tried to keep the changes limited to the addition of HTTPS.


Cheers
Tim




Cheers,

Linda Dunbar


_______________________________________________
Sidrops mailing list
Sidrops@xxxxxxxx
https://www.ietf.org/mailman/listinfo/sidrops

[Index of Archives]     [IETF Annoucements]     [IETF]     [IP Storage]     [Yosemite News]     [Linux SCTP]     [Linux Newbies]     [Mhonarc]     [Fedora Users]

  Powered by Linux