Alexey Melnikov has entered the following ballot position for draft-ietf-intarea-provisioning-domains-10: No Objection
When responding, please keep the subject line intact and reply to all email addresses included in the To and CC lines. (Feel free to cut this introductory paragraph, however.) Please refer to https://www.ietf.org/iesg/statement/discuss-criteria.html for more information about IESG DISCUSS and COMMENT positions. The document, along with other ballot positions, can be found here: https://datatracker.ietf.org/doc/draft-ietf-intarea-provisioning-domains/ ---------------------------------------------------------------------- COMMENT: ---------------------------------------------------------------------- This is a well written document, but I have a small set of issues I would like to discuss: 4.4. Detecting misconfiguration and misuse When a host retrieves the PvD Additional Information, it MUST verify that the TLS server certificate is valid for the performed request (e.g., that the Subject Alternative Name is equal to the PvD ID expressed as an FQDN). The last sentence is not right: you should say “one of Subject Alternative Names is equal to ... “ because a server certificate can have multiple Subject Alternative Names. 5.4. Providing Additional Information to PvD-Aware Hosts This section is using HTTP/2 syntax for requests and responses, but HTTP 2 RFC is not listed as a reference. _______________________________________________ Int-area mailing list [email protected] https://www.ietf.org/mailman/listinfo/int-area
