Miguel A. Garcia wrote:
I have been selected as the General Area Review Team (Gen-ART)
reviewer for this draft (for background on Gen-ART, please see
http://www.alvestrand.no/ietf/gen/art/gen-art-FAQ.html).
Please resolve these comments along with any other Last Call comments
you may receive.
Document: draft-turner-application-pkcs10-media-type-04.txt
Reviewer: Miguel Garcia <[email protected]>
Review Date: 30-April-2010
IETF LC End Date: 10-May-2010
Summary: The document is almost ready for publication as an
Informational RFC (see comments below).
Minor issues:
I would like to discuss with the author on sentence that is a bit
controversial to me.
On Section 2, the sentence reads:
The
application/pkcs10 media type MUST be used to transfer a PKCS #10
certification request.
Allow me turn the sentence into an equivalent, but easier to understand,
active voice:
"A PKCS #10 certification request MUST use the application/pkcs10 media
type."
And here is my problem. This Internet-Draft is about the
application/pkcs10 media type, so you cannot write a requirement for a
PKCS #10 certification request, which is specified in RFC 2986, to
mandate the usage of the application/pcks10 media type. In other words,
I believe the sentence is technically correct, but this is not the
document where it should be written.
So, did the author write this sentence intentionally or has further
background for its existence?
That sentence was taken from RFC 2311 (i.e., SMIMEv2) section 3.7. I
suspect (it was before my time) that it was there to specify how to
request a certificate from a CA. This was before PKIX standardized
their different options.
I see your point about it belonging in RFC 2986, but this document
updates RFC 2986 so it will be part of that document. I will
incorporate your suggested rewording (active is better than passive).
Does this address your concern?
Nits/editorial comments:
- In Section 3 (IANA), please identify the registry where IANA has to
operate, which I believe is the "Application Media Types registry".
You are correct. I will add this.
- Question. In Section 3.1 (registration of the application/pkcs10 media
type), there is a reference in "Published specifications" to RFC 2986.
If I were reading the IANA registry and open RFC 2986, I wouldn't find
any reference to this media type. Therefore, I conclude that the
Published Specifications should refer only to this Internet-Draft and
not to RFC 2986.
You are correct. I was pointing to RFC 2986 for the contents of the
that document, but I don't need to do that.
- Expand "DER" at first usage (second paragraph in Section 2.1).
Fixed.
_______________________________________________
Gen-art mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/gen-art
