During the IETF UTA session I volunteered to review draft-ietf-uta-ciphersuites-in-sec-syslog-01.
Here are my notes:

------------

Abstract

It might be good to say something about syslog in the first paragraph and then, in a second paragraph, talk about the updates in the draft. For example:

"
The Syslog Working Group published two specifications, namely RFC 5425 and RFC 6012, for securing the Syslog protocol using TLS and DTLS, respectively.

This document updates the cipher suites in RFC 5425, Transport Layer Security (TLS) Transport Mapping for Syslog, and RFC 6012, Datagram Transport Layer Security (DTLS) Transport Mapping for Syslog. It also updates the transport protocol in RFC 6012.
"

Introduction

   The Syslog Working Group produced Transport Layer Security (TLS)
   Transport Mapping for Syslog [RFC5425] and Datagram Transport Layer
   Security (DTLS) Transport Mapping for Syslog [RFC6012].

This sentence sounds a bit broken. I would write:

"
The Syslog Working Group published RFC 5425, Transport Layer Security (TLS) Transport Mapping for Syslog, and RFC 6012, Datagram Transport Layer Security (DTLS) Transport Mapping for Syslog.
"

   Both [RFC5425] and [RFC6012] MUST support certificates as defined in
   [RFC5280].

Here I would write:

Both specifications, [RFC5425] and [RFC6012], require the use of RSA-based certificates and the use of out-of-date TLS/DTLS versions.

Please update the reference to [I-D.ietf-tls-dtls13] with RFC 9147. IMHO DTLS 1.3 cannot be an informative reference.

Please update [I-D.salowey-tls-rfc8447bis] to draft-ietf-tls-rfc8447bis-01.

Please update [I-D.saviram-tls-deprecate-obsolete-kex] to draft-ietf-tls-deprecate-obsolete-kex.

Why are you not recommending the use of TLS 1.3 instead of TLS 1.2? Likewise, you are recommending DTLS 1.2 when the most recent version is DTLS 1.3.

You have a note in Section 5, "EDITOR's NOTE: Need to address 0-RTT considerations.", while the subsequent section talks about 0-RTT. I would suggest deleting the note.

I don't understand the author's notes. Is the idea to incorporate the marked text? If so, I don't think it is a good idea because the text cannot be understood unless a reader also reads or knows the IEC 62351-3 specification. Is there some actionable advice that could be re-used from that specification?

------------

Ciao
Hannes