Reviewer: Scott Bradner Review result: Has Nits This is an OPS-DIR review of Guidance for External PSK Usage in TLS <draft-ietf-tls-external-psk-guidance>.
As its title indicates, this ID provides guidance for the use of pre-shared keys with TLS. Guidance documents are inherently useful to operations community and this is no exception. I found the document well written, slightly repetitive as Rich noted, but not so much so as for it to be an issue for me. A few notes though. in section 4.2 the term PAKE is used without any definition – there is a reference to a document but it seems to be that at least expanding the term in this document would be useful. the document uses the term SHOULD in a number of places. (e.g. multiple places in section 7 and one in section 8) – for what its worth – I am not a fan of the use of this term unless the text also says when not doing what the SHOULD says to do is OK – i.e. since SHOULD is a MUST with an escape clause – I think it is useful to actually say what the escape clause is – i.e. explain why this is not a MUST. (also it does seem a bit funky to say (as section 7 does) “MUST adhere” to requirements which are SHOULDs ) _______________________________________________ TLS mailing list [email protected] https://www.ietf.org/mailman/listinfo/tls
