[Last-Call] Re: draft-ietf-lamps-private-key-stmt-attr-05 ietf last call Opsdir review

Wfm, Russ.
Thanks for paying attention to my wittering.
Cheers,
Adrian

-----Original Message-----
From: Russ Housley <housley@xxxxxxxxxxxx> 
Sent: 27 May 2025 15:05
To: Adrian Farrel <adrian@xxxxxxxxxxxx>
Cc: ops-dir@xxxxxxxx; draft-ietf-lamps-private-key-stmt-attr.all@xxxxxxxx;
last-call@xxxxxxxx; spasm@xxxxxxxx
Subject: Re: [Last-Call] draft-ietf-lamps-private-key-stmt-attr-05 ietf last
call Opsdir review

Adrian:

Thanks for the review.

> Reviewer: Adrian Farrel
> Draft reviewed: draft-ietf-lamps-private-key-stmt-attr-05
> Review Result: Has nits
> 
> This Standards Track document gives a way to provide a signed statement 
> of the possession of a private key. Appendixes provide an ASN.1 module
> and a detailed example. The document is clear and readable.
> 
> = Management and Operations =
> 
> The document would benefit from some discussion of diagnostics. For 
> example, in Section 2 there are multiple conditions that cause the CA to
> reject the certificate request. Would it be helpful or even wise for the 
> CA to notify or log these events?
> 
> Otherwise, there don't seem to be any management or operations
> considerations that need to be called out.

Does this additional paragraph in Section 2 resolve your concerns?

When the CA rejects the certificate request for any of the reasons listed
above, the CA should provide information to the requester about the reason
for the rejection to aid with diagnostic efforts.  Likewise, the CA should
log the rejection events.

> = Nits =
> 
> Various public key types (ML-DSA, ML-KEM, ECDSA, ECDH) are mentioned in
> the Introduction. Although these are probably terms of art well known to
> the target audience, it is good practice to expand them on first use.

I added the spelled out name in parentheses after each of these acronyms.

Russ




