[TLS] Re: Secdir last call review of draft-ietf-tls-rfc8447bis-11

Tue, 25 Mar 2025 09:00:04 -0700 

> On Mar 14, 2025, at 3:16 AM, Benjamin Schwartz via Datatracker 
> <nore...@ietf.org> wrote:
> 
> Reviewer: Benjamin Schwartz
> Review result: Ready
> 
> Nit: "leave an items", lower case "*  update the note on the role ...".

Fixed via: https://github.com/tlswg/rfc8447bis/pull/70

> Use of BCP 14 "IANA SHALL" seems odd, but I assume IANA process experts have
> reviewed this formulation.

Yep!

> I wish this document would populate the "Comment" column on some of the
> discouraged entries, or at least note the reasoning in the body of the
> document.  As it stands, it seems that a reader could find a discouraged entry
> in these registries, read the Comment column, read all the linked reference
> documents (including this one), and still find no explanation for why it is
> discouraged.

Fair point, but this one had legs.

1) I went through each of the entries that we are setting to do “D”. Most but 
not all had links to explain why they got a “D”.  This PR at the end includes 
additions where I think they are needed.

The only one that is weird is the curves, because what we did was suggested at 
IETF 118 that anything under 128-bits should be D.  So, this is the draft 
that’s going to knock ‘em out. We could add that here or just point to the 
presentation.  The PR points to the presentation.

2) This I-D has a very long list of cipher suites. Many of these are in 
-deprecate-obsolete-kex.  -deprecate-obsolete-kex is pinned on this I-D. We’re 
going to leave those in this draft, but put them in another table and add to 
the reference column to refer to this draft where we taken them out for being 
NULL, weak, etc.

3) We should make it clear that when “D” is set that enough information be 
included to determine why it’s “D”. Added this to the PR ***NOTE the addition 
of the MUST":

When marking a registry entry as “D”, either the References or the Comments 
Column MUST include sufficient information to determine why the marking has 
been applied.

Here’s a link to the PR:
https://github.com/tlswg/rfc8447bis/pull/73

spt
_______________________________________________
TLS mailing list -- tls@ietf.org
To unsubscribe send an email to tls-le...@ietf.org

Reply via email to