Lars Eggert has entered the following ballot position for draft-ietf-uta-rfc7525bis-09: Yes
When responding, please keep the subject line intact and reply to all email addresses included in the To and CC lines. (Feel free to cut this introductory paragraph, however.)

Please refer to https://www.ietf.org/about/groups/iesg/statements/handling-ballot-positions/ for more information about how to handle DISCUSS and COMMENT positions.

The document, along with other ballot positions, can be found here: https://datatracker.ietf.org/doc/draft-ietf-uta-rfc7525bis/

----------------------------------------------------------------------
COMMENT:
----------------------------------------------------------------------

# GEN AD review of draft-ietf-uta-rfc7525bis-09

CC @larseggert

Thanks to Tim Evens for the General Area Review Team (Gen-ART) review (https://mailarchive.ietf.org/arch/msg/gen-art/Cm6WU_TE-rTbHuLT1WLLc26vrl0).

## Nits

All comments below are about very minor potential issues that you may choose to address in some way - or ignore - as you see fit. Some were flagged by automated tools (via https://github.com/larseggert/ietf-reviewtool), so there will likely be some false positives. There is no need to let me know what you did with these suggestions.

### Typos

#### Section 1, paragraph 6
```
- implementations, assuming the implementer expects his or her code to
- ^^^^^^^
+ implementations, assuming the implementer expects their code to
+ ^ +
```

### Duplicate references

Duplicate informative references to: `rfc7672`.

### Outdated references

Reference `[RFC8740]` to `RFC8740`, which was obsoleted by `RFC9113` (this may be on purpose).

Reference `[RFC5246]` to `RFC5246`, which was obsoleted by `RFC8446` (this may be on purpose).

Reference `[RFC6347]` to `RFC6347`, which was obsoleted by `RFC9147` (this may be on purpose).

Reference `[RFC4346]` to `RFC4346`, which was obsoleted by `RFC5246` (this may be on purpose).

Reference `[RFC4347]` to `RFC4347`, which was obsoleted by `RFC6347` (this may be on purpose).

Reference `[RFC6961]` to `RFC6961`, which was obsoleted by `RFC8446` (this may be on purpose).

Reference `[RFC2246]` to `RFC2246`, which was obsoleted by `RFC4346` (this may be on purpose).

Reference `[RFC5077]` to `RFC5077`, which was obsoleted by `RFC8446` (this may be on purpose).

Reference `[RFC7507]` to `RFC7507`, which was obsoleted by `RFC8996` (this may be on purpose).

### URLs

These URLs in the document did not return content:

 * https://www.cabforum.org/documents.html

### Grammar/style

#### Section 1, paragraph 7
```
rabilities than TLS 1.2 or below. Therefore this document replaces [RFC7525],
                                  ^^^^^^^^^
```
A comma may be missing after the conjunctive/linking adverb "Therefore".

#### Section 1, paragraph 8
```
n and deployment scenarios, with the exception of unauthenticated TLS (see S
                            ^^^^^^^^^^^^^^^^^^^^^
```
Consider using "except" or "except for".

#### Section 3.1.1, paragraph 11
```
is significantly easier and less error prone than secure deployment of TLS 1
                                 ^^^^^^^^^^^
```
This word is normally spelled with a hyphen.

#### Section 3.3.1, paragraph 4
```
used when encrypting the ticket (as least as strong as the main TLS cipher su
                                    ^^^^^
```
Did you mean "less", "little"? Or "at least"?

#### Section 3.9, paragraph 1
```
h the server and the client side. Typically this extends to both the TLS libr
                                  ^^^^^^^^^
```
A comma may be missing after the conjunctive/linking adverb "Typically".

#### Section 4.2, paragraph 6
```
l interoperability, except with extremely old clients. As with other cipher
                                ^^^^^^^^^^^^^
```
Consider using an extreme adjective for "old".

#### Section 4.4, paragraph 3
```
ther demonstrates that 1024-bit Diffie Hellman parameters should be avoided.
                                ^^^^^^^^^^^^^^
```
This word is normally spelled with a hyphen.

#### Section 4.4, paragraph 8
```
cipher suites recommended above. However it does apply to most other TLS ci
                                 ^^^^^^^
```
A comma may be missing after the conjunctive/linking adverb "However".

#### Section 5.1, paragraph 9
```
s discovered indirectly and in an insecure manner (e.g., by an insecure DNS q
                            ^^^^^^^^^^^^^^^^^^^^^
```
Consider replacing this phrase with the adverb "insecurely" to avoid wordiness.

#### Section 5.2, paragraph 1
```
AES-GCM getting implemented in an insecure way and thus making TLS sessions
                            ^^^^^^^^^^^^^^^^^^
```
Consider replacing this phrase with the adverb "insecurely" to avoid wordiness.

#### Section 7.3, paragraph 12
```
n database cannot scale beyond a small number of the most heavily used Web se
                               ^^^^^^^^^^^^^^^^^
```
Specify a number, remove phrase, use "a few", or use "some".

#### Section 7.4, paragraph 5
```
o the CertificateEntry structure. However using this facility remains imprac
                                  ^^^^^^^
```
A comma may be missing after the conjunctive/linking adverb "However".

#### Section 7.5, paragraph 1
```
lient authentication, but we recommend to review the operational conditions b
                             ^^^^^^^^^^^^^^^^^^^
```
The verb "recommend" is used with the gerund form.

## Notes

This review is in the ["IETF Comments" Markdown format][ICMF], You can use the [`ietf-comments` tool][ICT] to automatically convert this review into individual GitHub issues.

Review generated by the [`ietf-reviewtool`][IRT].

[ICMF]: https://github.com/mnot/ietf-comments/blob/main/format.md
[ICT]: https://github.com/mnot/ietf-comments
[IRT]: https://github.com/larseggert/ietf-reviewtool

_______________________________________________
Uta mailing list
Uta@ietf.org
https://www.ietf.org/mailman/listinfo/uta