Hi all,

I read this document, and find it well written and understandable.
I do have some remarks about the content and several editing remarks.

Content remarks:

section 6, leaf prior-signed-voucher, at the end:
The MASA SHOULD remove all "prior-signed-voucher".
I would encourage a "MUST" instead of a "SHOULD" when thinking of transporting vouchers over constrained networks.

section 6.3: leaf idevid-issuer, description, paragraph 2,
"populated for serial numbers that are not otherwise unique" to be replaced by
"populated when serial numbers are not unique".
My proposed text is less selective, and consequently less error prone.

Can a discussion section about "manufacturer additions" be added? Pointing out the consequences for interoperability when using "Augment" to add manufacturer specifics can be helpful.

Editing remarks:

Introduction, first phrase: pledge -> candidate device (pledge)

page 3, PKCS#7 add RFC2315 reference, and maybe add RFC7154 as JSON reference.

Section 2; mention terminology from RFC7950

page 4 line 5; "process. i Typically" remove the "i"

page 4, Voucher: add: that "acknowledges ownership of the pledge and" indicates...

page 5 Authentication of: First appearances of PKIX, DNS-ID, and CN-ID abbreviations.

page 5, add (MiTM) after Man-in-The-Middle.

page 6 table: Voucher name -> Voucher type

Nonceless Audit Voucher: "to support network partitions" -> "to withstand network partitions"

Ownership audit Voucher: "Voucher's" -> "Vouchers", and remove "an ideal", otherwise explain what that means and why it is true.

Add type in:
Ownership ID voucher "type" is named
Bearer Voucher "type" is named

section 6
"The voucher is signing structure that" -> "The voucher signing structure"

section 6, paragraph 6, all "of" the certificate, remove "of"

section 6 page 7 below, First appearance of CA and JWS abbreviations

section 6.1 (see section 4) add "see"

section 6.3 page 10, module description: "securely assign one or more pledges to an 'owner'" seems to contradict section 7.2 voucher per pledge

section 7.1 last line: "there is a delay": is that delay between creation and consumption, and when is the delay unacceptable? The text is (on purpose?) vague.

section 8.1 first paragraph: "no understandING of time", add "ing"
section 8.1 paragraph 2: ephermal -> ephemeral

section 8.2 compromized -> compromised?

Hope this helps

peter

_______________________________________________
6tisch mailing list
https://www.ietf.org/mailman/listinfo/6tisch