Thanks Valery, for your comments. Please allow me some time to revert back to you.
Regards Mohit On Tue, Oct 18, 2022 at 4:54 AM Valery Smyslov via Datatracker < nore...@ietf.org> wrote: > Reviewer: Valery Smyslov > Review result: Has Nits > > I have reviewed this document as part of the security directorate's ongoing > effort to review all IETF documents being processed by the IESG. These > comments were written primarily for the benefit of the security area > directors. > Document editors and WG chairs should treat these comments just like any > other > last call comments. > > This document defines the use of Constrained Application Protocol > (CoAP) as a transport for the Certificate Management Protocol (CMP). > > Nits: > 1. I believe that the security considerations from RFC 6712 should be > either > echoed in this document (where applicable), or at least be referenced. > > 2. I think that Section 3 (Using CoAP over DTLS) should be moved to the > Security Considerations section, or be referenced from there. > > 3. Section 5. I think that the sentence > > The CoAP is vulnerable due to the connectionless characteristics of UDP > itself. > > should either be expanded of what particular vulnerabilities are meant > (because > not all CoAP vulnerabilities are concerned with using UDP) or deleted. > > > > _______________________________________________ > Ace mailing list > Ace@ietf.org > https://www.ietf.org/mailman/listinfo/ace >
_______________________________________________ Ace mailing list Ace@ietf.org https://www.ietf.org/mailman/listinfo/ace
