ietf

Re: Last Call: <draft-ietf-uta-email-tls-certs-05.txt> (Updated TLS Server Identity Check Procedure for Email Related Protocols) to Proposed Standard

2015-11-20 15:37:57
I support this document going forward.  Below I suggest four improvements to 
the document.

(1)  The Introduction says:

   Note that this document doesn't apply to use of TLS in MTA-to-MTA
   SMTP.

Can this be enhanced to include a pointer to where this can be found?


(2)  The next paragraph in the Introduction says:

   The main goal of the document is to provide consistent TLS server
   identity verification procedure across multiple email related
   protocols.

Since this is a standards-track document, I think it would be better to say:

   This document provides a consistent TLS server identity
   verification procedure across multiple email related protocols.


(3)  Section 2 does a lot by reference, which is fine.  I think it would help 
the reader to duplicate a bit of context from RFC 6125, in particular repeating 
the definitions of CN-ID, DNS-ID, and SRV-ID.


(4)  Section 3 needs to state first that the certificate passes certification 
path validation as described in Section 6 of RFC 5280, and second passes the 
email-specific rules in this section.

Russ
