On May 20, 2015, at 4:03 PM, Richard Hansen <[email protected]> wrote:

> Hi all,
> 
> I did a careful review of this draft and sent detailed comments to the
> authors off list.  Here is a summary of my comments for everyone's
> reference:
> 
> Important issues:
> 
>  * the reference to RFC6488 in the introduction was accidentally
>    changed to RFC2119
>  * section 8 is incorrect -- sha256WithRSAEncryption does not
>    violate the CMS RFCs (implementations just choose to use
>    rsaEncryption instead, which has the same meaning in this
>    context)

You might want to review the message on the list:
https://www.ietf.org/mail-archive/web/sidr/current/msg04813.html
that covers the whole CMS mandatory-to-implement requirement, the 
implementations, and the whole tangled story of the document chain.  

[That's Rob Austein, who also acknowledges Andrew Chi, David Mandelberg, and 
Russ Housley assisting in untangling the tangled web of references.]

Perhaps you are concerned mostly about the terms being used?  But the 
rfc6485bis document does not say "violate" and I believe that what it says 
agrees with the message above.  If you don't think so, you should say why.


>  * the OID and meaning of rsaEncryption is not defined in this
>    document, and there is no normative reference to a definition

This is not the right place to define the OID for rsaEncryption.  It is found
in 3370, which 5754 (one of the references) updates and normatively references.

> 
> Moderate issues:
> 
>  * section 2 is confusing (alternative wording sent to authors)
>  * errata not incorporated (though their status is still "Reported"…)

Those that are still shown as "Reported" have not yet been reviewed.  As Sean 
said, it is possible for an erratum to be rejected.

The description of the errata process is found at 
https://www.ietf.org/iesg/statement/errata-processing.html.

--Sandy, speaking as regular ol' member


>  * certification requests aren't mentioned everywhere they should be
> 
> Minor issues:
> 
>  * many of the edits made by the RFC Editor are missing
>  * at the beginning of section 2, the reference to RFC4055 Section 5
>    should be RFC3447 Section 8.2
> 
> Nice-to-haves:
> 
>  * replace "signed object" with "CMS signed object" to avoid ambiguity
>  * add a Table of Contents
>  * include informative references in the introduction
>  * cite the algorithm agility RFC in section 5
> 
> -Richard
> 
> 
> On 2015-05-15 15:22, [email protected] wrote:
>> 
>> A New Internet-Draft is available from the on-line Internet-Drafts 
>> directories.
>> This draft is a work item of the Secure Inter-Domain Routing Working Group 
>> of the IETF.
>> 
>>        Title           : The Profile for Algorithms and Key Sizes for use in
>>                          the Resource Public Key Infrastructure
>>        Authors         : Geoff Huston
>>                          George Michaelson
>>        Filename        : draft-ietf-sidr-rfc6485bis-02.txt
>>        Pages           : 7
>>        Date            : 2015-05-15
>> 
>> Abstract:
>>   This document specifies the algorithms, algorithms' parameters,
>>   asymmetric key formats, asymmetric key size and signature format for
>>   the Resource Public Key Infrastructure subscribers that generate
>>   digital signatures on certificates, Certificate Revocation Lists, and
>>   signed objects as well as for the Relying Parties that verify these
>>   digital signatures.
>> 
>> 
>> The IETF datatracker status page for this draft is:
>> https://datatracker.ietf.org/doc/draft-ietf-sidr-rfc6485bis/
>> 
>> There's also a htmlized version available at:
>> https://tools.ietf.org/html/draft-ietf-sidr-rfc6485bis-02
>> 
>> A diff from the previous version is available at:
>> https://www.ietf.org/rfcdiff?url2=draft-ietf-sidr-rfc6485bis-02
>> 
>> 
>> Please note that it may take a couple of minutes from the time of submission
>> until the htmlized version and diff are available at tools.ietf.org.
>> 
>> Internet-Drafts are also available by anonymous FTP at:
>> ftp://ftp.ietf.org/internet-drafts/
>> 
>> _______________________________________________
>> sidr mailing list
>> [email protected]
>> https://www.ietf.org/mailman/listinfo/sidr