Hi Brian, thanks for your review. Please find my responses below.
On 09/02/2015 01:30 AM, Brian E Carpenter wrote: > I am the assigned Gen-ART reviewer for this draft. The General Area > Review Team (Gen-ART) reviews all IETF documents being processed > by the IESG for the IETF Chair. Please treat these comments just > like any other last call comments. > > For more information, please see the FAQ at > <http://wiki.tools.ietf.org/area/gen/trac/wiki/GenArtfaq>. > > Document: draft-ietf-dice-profile-14.txt > Reviewer: Brian Carpenter > Review Date: 2015-09-02 > IETF LC End Date: 2015-09-04 > IESG Telechat date: > > Summary: Ready with issues > -------- > > Comment: > -------- > > This is complicated and I'm not an expert. I went through the whole document > but have to > take most of the details on trust. I hope you still found the document readable since we envision that many readers are not security experts. > > Major Issues: > ------------- > > One thing puzzles me. Unless I have missed it, the profile is neutral on the > choice > described in Section 6 (Credential Types): pre-shared secrets, raw public > keys, or > certificates. How does this work to help interoperability in multivendor > environments? > Wouldn't it be better to RECOMMEND one? In an IoT environment it is quite likely that not every device will interact with every other device. At least today, the interoperability is accomplished at the level of backend interworking. (For more details about the different architectural choices please take a look at the IAB publication on Smart Object Architectures.) If you want to have devices to randomly interwork then many conditions must hold and today we are unfortunately still far away from this ideal state. Even if I would like to recommend something I will rule out certain deployments. Preshared secrets are more efficient and better suited for the low-end devices but have limitations in terms of security. Public key cryptography is certainly much better but is not a good choice for all deployments. > > ((The answer to this interests me in the Anima context too.)) Btw, ANIMA will also increase the lack of interoperability overall since there is yet another solution that some devices will not support. (The same is true for OIC, Alljoyn, OMA, etc.) > > Would it be possible to add a summary table of the MUST, SHOULD, MAY and MUST > NOT > items in the profile? At the moment there is a lot of prose and nothing that > can be used as an implementer's check list. The challenge is that there a lot of "depends on" qualifications. > > Minor Issues: > ------------- > > " Figure 7 shows an example interaction... The IPv6 > multicast address used for site-local discovery is FF02::FD." > > Where does ff02::fd come from? Is it just used as an example? That isn't clear > in the text. (IANA lists it as "variable scope allocation".) > > ((Incidentally, this is a side track, but note that a command such as > GET coap://[FF02::FD]/.well-known/core is problematic in a device with more > than one interface, unless you support RFC6874.)) > I let Thomas respond to this issue. > "6.4.2. Certificates used by Clients > > For client certificates the identifier used in the SubjectAltName or > in the leftmost CN component of subject name MUST be an EUI-64, as > mandated in Section 9.1.3.3 of [RFC7252]." > > Actually it is not mandated there, it is only suggested: > " The subject in the certificate would be built out of a long-term > unique identifier for the device such as the EUI-64 [EUI64]." > You can certainly choose to mandate it here, but s/mandated/described/ > in the text. Good catch. Thanks. > > However, I am confused by this MUST in 6.4.2, and other normative keywords in > Section 6. > Are we now in the specification of the DICE profile, or are we still in the > descriptive text? > I would expect a very clear break in the text when we move from description > to specification. > Looking at the table of contents, I can't figure out where that point is. > > OK, now I found a sentence at the beginning: "If you are familiar with > (D)TLS, then > skip ahead to Section 6." But please reflect this in the arrangement of the > sections. > I would suggest nesting sections 3,4, and 5 within a single "Overview" > section, and put > something at start of section 6 to make it clear that is where the profile > starts. > Or nest sections 6 etc. inside a single "Profile" section. I took a look at your proposed restructuring and I like the result. Btw, the suggestion to put a forward reference to Section 6 into the introduction was a recommendation from Stephen. > > Nits: > ----- > > The RFC2119 boilerplate is messed up. Hmmm. I am using regular XML2RFC. > > == Outdated reference: draft-ietf-tls-sslv3-diediedie has been published as > RFC 7568 > Fixed. > The downref to RFC7251 was not mentioned in the last call and that RFC isn't > in the downref registry. ((Yes, I've been in the IESG and I know how > annoying this can be, but it's a process glitch.)) > Thanks for pointing this out. Ciao Hannes
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Gen-art mailing list [email protected] https://www.ietf.org/mailman/listinfo/gen-art
