Hi Alexey,

Thanks for the feedback. I have placed responses in-line...

On 5/16/16 2:45 PM, Alexey Melnikov wrote:
> Alexey Melnikov has entered the following ballot position for
> draft-ietf-sidr-rpsl-sig-11: Discuss
>
> When responding, please keep the subject line intact and reply to all
> email addresses included in the To and CC lines. (Feel free to cut this
> introductory paragraph, however.)
>
>
> Please refer to https://www.ietf.org/iesg/statement/discuss-criteria.html
> for more information about IESG DISCUSS and COMMENT positions.
>
>
> The document, along with other ballot positions, can be found here:
> https://datatracker.ietf.org/doc/draft-ietf-sidr-rpsl-sig/
>
>
>
> ----------------------------------------------------------------------
> DISCUSS:
> ----------------------------------------------------------------------
>
> This is generally a well-written document and I don't object to its
> publication. However I have several minor but important points which
> should be easy to address:
>
> In Section 2.1:
>
> Reference to the certificate corresponding to the private key used to
> sign this object (field "c"). The value of this field MUST be a URL of
> type "rsync" or "http(s)"
>
> You need to have Normative references for the corresponding URI RFCs: RFC
> 5781 for rsync URIs and RFC 7230 for http/https URIs.
>
> that points to a specific resource certificate in an RPKI repository
> [RFC6481]. Any non URL-safe characters (including semicolon ";" and plus
> "+") must be URL encoded.
>
> This really needs a Normative reference to RFC 3986.
>
Both of the above sound reasonable. The resulting text will be:

   o  Reference to the certificate corresponding to the private key used
      to sign this object (field "c"). The value of this field MUST be
      a URL of type "rsync" [RFC5781] or "http(s)" [RFC7230] that
      points to a specific resource certificate in an RPKI repository
      [RFC6481]. Any non URL-safe characters (including semicolon ";"
      and plus "+") must be URL encoded [RFC3986].

>
> The signature itself (field "b"). This MUST be the last field in the
> list. The signature is the output of the signature algorithm using the
> appropriate private key and the calculated hash value of the object as
> inputs. The value of this field is the digital signature in base64
> encoding [RFC4648].
>
> As RFC 4648 specifies 2 base64 alphabets, you need to include section
> number. I think you meant Section 4 (and not Section 5).
Yes. I will include Section 4 in the reference to 4648.
>
>
> ----------------------------------------------------------------------
> COMMENT:
> ----------------------------------------------------------------------
>
> In Section 2.1:
>
> Time of signing (field "t"). The format of the value of this field MUST
> be in the Internet Date/Time format [RFC3339]. All times MUST be
> converted to Universal Coordinated Time (UTC)
>
> To be pedantic, you should clarify that you mean the date-time ABNF
> production with the timezone always being "Z".
Done.
>
> In 3.1, inside numbered list (item 3):
>
> * Converting all line endings to a single blank space.
I will note that it will be ASCII code 32. I will also add ASCII codes
for newline and tabs mentioned elsewhere.

The above changes are queued up in a -12 version.

Regards,
Brian
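
The constraints settled in this thread for fields "c", "t" and "b", written as a checker. This is an added example, not part of the original message or the draft. It assumes the fields have already been split into ordered (name, value) pairs; `check_fields`, the conservative reading of "URL-safe" and all sample values are constructed for illustration.

```python
import base64
import binascii
import re
from datetime import datetime

# Assumption: "URL-safe" is read conservatively as RFC 3986 unreserved
# characters plus "/", ":" and "@"; anything else must be percent-encoded.
_C_RE = re.compile(r"^(rsync|https?)://(?:[A-Za-z0-9._~/:@-]|%[0-9A-Fa-f]{2})+$")
# RFC 3339 date-time with the time zone fixed to "Z".
_T_RE = re.compile(r"^(\d{4}-\d{2}-\d{2}T\d{2}:\d{2}:)(\d{2})(?:\.\d+)?Z$")


def check_fields(pairs):
    """Return a list of problems for an ordered list of (name, value) pairs."""
    problems = []
    fields = dict(pairs)
    if not pairs or pairs[-1][0] != "b":
        problems.append('field "b" is not the last field')

    # Raw ";" or "+" (or a malformed %-escape) fails the pattern.
    if not _C_RE.match(fields.get("c", "")):
        problems.append('field "c" is not an encoded rsync/http(s) URL')

    m = _T_RE.match(fields.get("t", ""))
    if not m:
        problems.append('field "t" is not an RFC 3339 date-time ending in "Z"')
    else:
        # strptime has no leap second; check the calendar part with :59 instead.
        sec = "59" if m.group(2) == "60" else m.group(2)
        try:
            datetime.strptime(m.group(1) + sec, "%Y-%m-%dT%H:%M:%S")
        except ValueError:
            problems.append('field "t" is not a valid calendar date/time')

    try:
        # validate=True rejects "-" and "_" (the RFC 4648 Section 5
        # alphabet) as well as embedded whitespace.
        if not base64.b64decode(fields.get("b", ""), validate=True):
            raise binascii.Error("empty signature")
    except (binascii.Error, ValueError):
        problems.append('field "b" is not RFC 4648 Section 4 base64')
    return problems
```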
