Hi all,

I did a careful review of this draft and sent detailed comments to the
authors off list.  Here is a summary of my comments for everyone's
reference:

Important issues:

  * the reference to RFC6488 in the introduction was accidentally
    changed to RFC2119
  * section 8 is incorrect -- sha256WithRSAEncryption does not
    violate the CMS RFCs (implementations just choose to use
    rsaEncryption instead, which has the same meaning in this
    context)
  * the OID and meaning of rsaEncryption is not defined in this
    document, and there is no normative reference to a definition

Moderate issues:

  * section 2 is confusing (alternative wording sent to authors)
  * errata not incorporated (though their status is still "Reported"...)
  * certification requests aren't mentioned everywhere they should be

Minor issues:

  * many of the edits made by the RFC Editor are missing
  * at the beginning of section 2, the reference to RFC4055 Section 5
    should be RFC3447 Section 8.2

Nice-to-haves:

  * replace "signed object" with "CMS signed object" to avoid ambiguity
  * add a Table of Contents
  * include informative references in the introduction
  * cite the algorithm agility RFC in section 5

-Richard


On 2015-05-15 15:22, [email protected] wrote:
> 
> A New Internet-Draft is available from the on-line Internet-Drafts 
> directories.
>  This draft is a work item of the Secure Inter-Domain Routing Working Group 
> of the IETF.
> 
>         Title           : The Profile for Algorithms and Key Sizes for use in 
> the Resource Public Key Infrastructure
>         Authors         : Geoff Huston
>                           George Michaelson
>       Filename        : draft-ietf-sidr-rfc6485bis-02.txt
>       Pages           : 7
>       Date            : 2015-05-15
> 
> Abstract:
>    This document specifies the algorithms, algorithms' parameters,
>    asymmetric key formats, asymmetric key size and signature format for
>    the Resource Public Key Infrastructure subscribers that generate
>    digital signatures on certificates, Certificate Revocation Lists, and
>    signed objects as well as for the Relying Parties that verify these
>    digital signatures.
> 
> 
> The IETF datatracker status page for this draft is:
> https://datatracker.ietf.org/doc/draft-ietf-sidr-rfc6485bis/
> 
> There's also a htmlized version available at:
> https://tools.ietf.org/html/draft-ietf-sidr-rfc6485bis-02
> 
> A diff from the previous version is available at:
> https://www.ietf.org/rfcdiff?url2=draft-ietf-sidr-rfc6485bis-02
> 
> 
> Please note that it may take a couple of minutes from the time of submission
> until the htmlized version and diff are available at tools.ietf.org.
> 
> Internet-Drafts are also available by anonymous FTP at:
> ftp://ftp.ietf.org/internet-drafts/
> 
> _______________________________________________
> sidr mailing list
> [email protected]
> https://www.ietf.org/mailman/listinfo/sidr

_______________________________________________
sidr mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/sidr

Reply via email to