Dear Behcet,

Thank you for your time reviewing this document.

On Thu, Jun 18, 2026 at 08:02:52AM -0700, Behcet Sarikaya via Datatracker wrote:
> Document: draft-ietf-sidrops-rpki-ccr
> Title: A Profile for Resource Public Key Infrastructure (RPKI) Canonical Cache
> Representation (CCR) Reviewer: Behcet Sarikaya Review result: Ready with Nits
> 
> I am the assigned Gen-ART reviewer for this draft. The General Area
> Review Team (Gen-ART) reviews all IETF documents being processed
> by the IESG for the IETF Chair.  Please treat these comments just
> like any other last call comments.
> 
> For more information, please see the FAQ at
> 
> <https://wiki.ietf.org/en/group/gen/GenArtFAQ>.
> 
> Document: draft-ietf-sidrops-rpki-ccr-??
> Reviewer: Behcet Sarikaya
> Review Date: 2026-06-18
> IETF LC End Date: 2026-06-17
> IESG Telechat date: 2026-07-02
> 
> Summary:
> The document defines a DER-encoded data format for RPKI Relying Party software
> to share validated cache state. The document provides a standardized method 
> for
> audit trails and analytics by creating a Canonical Cache Representation (CCR).
> Major issues:
> 
> Minor issues:
> 
> Nits/editorial comments:
> unused refs RFC6268 RFC8792

6268 is referenced from within the ASN.1 code block, idnits doesn't recognize 
that.

8792 is referenced from within a CODE BLOCK, idnits doesn't recognize that.

I expect the rfc editor to help make it precisely as they'd like to see it.

> Section 3.4.4 SHA-1 SHA-1 as a cryptographic algorithm is deprecated and 
> should
> be phased out by Dec. 31, 2030

In this context, SHA-1 is not used for cryptographic purposes.

The CCR embedded integrity checksums and the content address references
to objects outside the CCR all use SHA-256. See 'hashAlg' in section 3.2.

Kind regards,

Job

_______________________________________________
Gen-art mailing list -- [email protected]
To unsubscribe send an email to [email protected]

Reply via email to