Alissa, thanks for your review, and I apologize that none of this document's authors have been available to respond until now.
I have filed https://github.com/google/certificate-transparency-rfcs/pull/309, which I believe addresses all of your concerns. On 13/03/2019 16:34, Alissa Cooper via Datatracker wrote: > Alissa Cooper has entered the following ballot position for > draft-ietf-trans-rfc6962-bis-31: Discuss > > When responding, please keep the subject line intact and reply to all > email addresses included in the To and CC lines. (Feel free to cut this > introductory paragraph, however.) > > > Please refer to https://www.ietf.org/iesg/statement/discuss-criteria.html > for more information about IESG DISCUSS and COMMENT positions. > > > The document, along with other ballot positions, can be found here: > https://datatracker.ietf.org/doc/draft-ietf-trans-rfc6962-bis/ > > > > ---------------------------------------------------------------------- > DISCUSS: > ---------------------------------------------------------------------- > > Glad to see this revision of the protocol. My comments and questions should be > easy to address. > > = Section 10.2, 10.4, 10.5 = > > A Specification Required registry policy implies expert review. So a registry > policy of "Specification Required and Expert Review" is duplicative; it should > just say "Specification Required." I know this seems trivial but there has > been > so much confusion about this through the years that it is important to be > precise. > > = Section 10.3 = > > This section needs to state what the registry policy is for the code points > not > already registered (presumably Expert Review given 10.3.1, but it needs to be > explicit). > > = Section 10.6.1 = > > Using the term "Parameters Required" as a capitalized term is confusing. FCFS > registries by definition can require additional information to be provided in > order to get something registered. For avoidance of confusion I think the > assignment policy should be listed as First Come First Served and the > requirement that parameters be included in the application can use a normative > MUST in the last paragraph if there is concern that the parameters won't be > supplied. > > However, I also wonder what will be done with the parameters that are > supplied. > Is IANA expected to just maintain them privately, or to publish them? > > What is expected to appear in the 'Log' column in the registry? > > > ---------------------------------------------------------------------- > COMMENT: > ---------------------------------------------------------------------- > > In Section 1.1, please use the RFC 8174 boilerplate in lieu of the RFC 2119 > boilerplate. > > -- Rob Stradling Senior Research & Development Scientist Email: [email protected] Bradford, UK Office: +441274024707 Sectigo Limited This message and any files associated with it may contain legally privileged, confidential, or proprietary information. If you are not the intended recipient, you are not permitted to use, copy, or forward it, in whole or in part without the express consent of the sender. Please notify the sender by reply email, disregard the foregoing messages, and delete it immediately. _______________________________________________ Trans mailing list [email protected] https://www.ietf.org/mailman/listinfo/trans
