Gorry Fairhurst has entered the following ballot position for draft-ietf-anima-brski-prm-19: Discuss
When responding, please keep the subject line intact and reply to all email addresses included in the To and CC lines. (Feel free to cut this introductory paragraph, however.) Please refer to https://www.ietf.org/about/groups/iesg/statements/handling-ballot-positions/ for more information about how to handle DISCUSS and COMMENT positions. The document, along with other ballot positions, can be found here: https://datatracker.ietf.org/doc/draft-ietf-anima-brski-prm/ ---------------------------------------------------------------------- DISCUSS: ---------------------------------------------------------------------- Thank you for preparing this document, and the updaye in rev-19, I have remaining questions where I'd appreciate more clarity in the text: 1. “TLS 1.2 MAY be used”, please could you explain why this is only "MAY" rather than being stronger, noting draft-ietf-uta-require-tls13 and RFC 9325, which asserts that TLS 1.3 is in widespread use. (see related DISCUSS from Mike Bishop). 2. I could not understand the protocol action of the “MUST” requirement below (i.e. what does “available” mean for a RFC2119 requirement?: “if the certificate chain is not included in the x5c Header Parameter, it MUST be available at the domain registrar for verification” Please consider changing this text, for instance text like the following could be helpful: “if the certificate chain is not available at the domain registrar for verification, ... MUST ... be done“. ---------------------------------------------------------------------- COMMENT: ---------------------------------------------------------------------- 1. There appears to be some slight format problem with the bullets I saw listed in my rendering: “such as: * Avoid logging personally identifiable information unless unavoidable. * Anonymize or pseudonymize data where possible.” (resolved). 2. I did not understand the list of three security considerations at the start of section 12. At least, it would be very helpful to explain these in sufficient detail to understand each, and also helpful to understand the implications for users of each. Some words to clarify would be very helpful. 3. Please could you add text to explain “no transport layer security between Registrar-Agent and pledge..” e.g., please explain: Is this something that users ought to add to a design? how? why? is it a desirable property? Why? ... or is this intended to be explained more in the next subsections? ... Especially since 7.1 speaks of optional use of TLS. 4. Please update the text to clarify what is intended by: “Pledges MAY support both initiator and responder mode.” ... (resolved - made "may"). 5. Please consider updating the text: “503 Service Unavailable: if a simple retry of the Registrar-Agent request might lead to a successful response; this error response SHOULD include the Retry-After response header field with an appropriate value” - Why is this not a MUST, if there is a reason, please explain the alternative to the SHOULD and when this is a suitable response. _______________________________________________ Anima mailing list -- anima@ietf.org To unsubscribe send an email to anima-le...@ietf.org
