Dear authors
Thanks a lot for the work on the document (and as well thanks to all reviewers).
Please fix the following issues and upload a new version.
From Brian Carpenter's review:
1. Michael's recommendation: Please replace the URL for reference [BRSKI-AE-overview]
with one pointing to the slide deck from the last IETF ANIMA WG presentation
in which the slide was shown, using the IETF proceeding URL, as those are
deemed to be stable references.
Shepherd review suggestions:
2. I would suggest to move RFC7030 to normative references. This would make
it consistent with lightweight CMP references also being normative, and given
how the endpoint naming scheme is derived and meant to be backward compatible
with EST, and EST being explicitly mentioned several times in that context.
3. Please introduce abbreviation LwCMP at an appropriate place where
Lightweight CMP is expanded, because you are using LwCMP in a picture
without explanation.
Once you have uploaded a new version and once we've received all authors' IPR
replies, we can advance the document to our AD.
FYI below is tentative shepherd writeup to be posted with the fixed version.
Cheers
Toerless
--------
> # Document Shepherd Write-Up for Group Documents
>
> *This version is dated 4 July 2022.*
>
> Thank you for your service as a document shepherd. Among the responsibilities
> is
> answering the questions in this write-up to give helpful context to Last Call
> and Internet Engineering Steering Group ([IESG][1]) reviewers, and your
> diligence in completing it is appreciated. The full role of the shepherd is
> further described in [RFC 4858][2]. You will need the cooperation of the
> authors
> and editors to complete these checks.
>
> Note that some numbered items contain multiple related questions; please be
> sure
> to answer all of them.
>
> ## Document History
>
> 1. Does the working group (WG) consensus represent the strong concurrence of a
> few individuals, with others being silent, or did it reach broad agreement?
The document represents broad consensus of the working group.
> 2. Was there controversy about particular points, or were there decisions
> where
> the consensus was particularly rough?
There were no controversies or rough consensus.
The document did during WG adoption get split up into two documents
(the second one is draft-ietf-anima-brski-prm), because the WG felt that it
would be easier to finish the two quite disjoint areas of the original document
by doing that split.
As a result of this split, some of the early reviews of the document are now
irrelevant, especially the YANG doctors review, because the document as it is
finalized now does not contain any YANG. That part was all moved to the second
document.
> 3. Has anyone threatened an appeal or otherwise indicated extreme discontent?
> If
> so, please summarize the areas of conflict in separate email messages to
> the
> responsible Area Director. (It should be in a separate email because this
> questionnaire is publicly available.)
No.
> 4. For protocol documents, are there existing implementations of the contents
> of
> the document? Have a significant number of potential implementers indicated
> plans to implement? Are any existing implementations reported somewhere,
> either in the document itself (as [RFC 7942][3] recommends) or elsewhere
> (where)?
There are two known non-public-domain BRSKI-AE enhanced registrar
implementations by Siemens (from co-authors), one PoC, and a second upcoming
candidate product level implementation. There is also a BRSKI-AE enhanced
pledge library from Siemens.
There are no implementation reports written down in documents.
> ## Additional Reviews
>
> 5. Do the contents of this document closely interact with technologies in
> other
> IETF working groups or external organizations, and would it therefore
> benefit
> from their review? Have those reviews occurred? If yes, describe which
> reviews took place.
As described above, there was a YANG doctors review, but it is now irrelevant.
Because everything in BRSKI variations is security relevant, we did request an
early SECdir review, which was performed by Barry Leiba and all issues uncovered
there were resolved. We therefore think the document is in a good state wrt.
to IETF security expectations.
There is a dependency against two drafts from the IETF LAMPS WG,
I-D.ietf-lamps-cmp-updates and I-D.ietf-lamps-lightweight-cmp-profile, both of
which were developed also specifically in support of this document.
Coordination with LAMPS WG was done via shared authorship across those three
documents, aka: LAMPS WG is aware of ANIMA being an application of lightweight
CMP work.
> 6. Describe how the document meets any required formal expert review criteria,
> such as the MIB Doctor, YANG Doctor, media type, and URI type reviews.
NA: No formal languages used, no IANA requests.
> 7. If the document contains a YANG module, has the final version of the module
> been checked with any of the [recommended validation tools][4] for syntax
> and
> formatting validation? If there are any resulting errors or warnings, what
> is
> the justification for not fixing them at this time? Does the YANG module
> comply with the Network Management Datastore Architecture (NMDA) as
> specified
> in [RFC 8342][5]?
NA.
> 8. Describe reviews and automated checks performed to validate sections of the
> final version of the document written in a formal language, such as XML
> code,
> BNF rules, MIB definitions, CBOR's CDDL, etc.
NA.
> ## Document Shepherd Checks
>
> 9. Based on the shepherd's review of the document, is it their opinion that
> this
> document is needed, clearly written, complete, correctly designed, and
> ready
> to be handed off to the responsible Area Director?
Yes. This document is needed because it describes how to extend BRSKI
generically to support more enrollment protocols beside EST. This will allow
much broader adoption of BRSKI
mechanisms. The document specifically refers to the co-developed (to be) RFCs
to use lightweight CMP as the first instance of such alternative enrolment
protocols.
The document is clearly written, complete, correctly designed and ready to be
handed off to the responsible AD.
> 10. Several IETF Areas have assembled [lists of common issues that their
> reviewers encounter][6]. For which areas have such issues been identified
> and addressed? For which does this still need to happen in subsequent
> reviews?
The shepherd has looked through the wiki page (*) and could not identify
specific areas that this document could have problems with. This is primarily
because all the formalism aspects are covered by the co-written CMP drafts in
LAMPS (in the opinion of the shepherd, as also shown by absence of IANA
requests here).
(*) Please note that the shepherd template should be updated to point to the
new wiki page instead of the old one.
TBD.
> 11. What type of RFC publication is being requested on the IETF stream ([Best
> Current Practice][12], [Proposed Standard, Internet Standard][13],
> [Informational, Experimental or Historic][14])? Why is this the proper
> type
> of RFC? Do all Datatracker state attributes correctly reflect this intent?
Proposed Standard.
> 12. Have reasonable efforts been made to remind all authors of the
> intellectual
> property rights (IPR) disclosure obligations described in [BCP 79][7]? To
> the best of your knowledge, have all required disclosures been filed? If
> not, explain why. If yes, summarize any relevant discussion, including
> links
> to publicly-available messages when applicable.
Yes. All authors have responded to the IPR disclosure request, and are not
aware of IPR against this document.
> 13. Has each author, editor, and contributor shown their willingness to be
> listed as such? If the total number of authors and editors on the front
> page
> is greater than five, please provide a justification.
Yes, each author confirmed willingness to be author.
Total number of authors is 3.
> 14. Document any remaining I-D nits in this document. Simply running the
> [idnits
> tool][8] is not enough; please review the ["Content Guidelines" on
> authors.ietf.org][15]. (Also note that the current idnits tool generates
> some incorrect warnings; a rewrite is underway.)
>
> 15. Should any informative references be normative or vice-versa? See the
> [IESG
> Statement on Normative and Informative References][16].
The shepherd thinks that the document correctly classifies all its references as
normative or informative.
> 16. List any normative references that are not freely available to anyone. Did
> the community have sufficient access to review any such normative
> references?
IEEE 802.1 AR is the only normative non-RFC reference, which is a common
dependency in IETF certificate security systems, including RFC8995, so there
is no new reference with non-free access issues, but only the same one that
ANIMA had to rely on since the WG inception.
> 17. Are there any normative downward references (see [RFC 3967][9] and [BCP
> 97][10]) that are not already listed in the [DOWNREF registry][17]? If so,
> list them.
No.
> 18. Are there normative references to documents that are not ready to be
> submitted to the IESG for publication or are otherwise in an unclear
> state?
> If so, what is the plan for their completion?
No. (CMP drafts are in RFC editor queue at time of Shepherd writeup).
> 19. Will publication of this document change the status of any existing RFCs?
> If
> so, does the Datatracker metadata correctly reflect this and are those
> RFCs
> listed on the title page, in the abstract, and discussed in the
> introduction? If not, explain why and point to the part of the document
> where the relationship of this document to these other RFCs is discussed.
NA: No changes in status of existing RFCs.
> 20. Describe the document shepherd's review of the IANA considerations
> section,
> especially with regard to its consistency with the body of the document.
> Confirm that all aspects of the document requiring IANA assignments are
> associated with the appropriate reservations in IANA registries. Confirm
> that any referenced IANA registries have been clearly identified. Confirm
> that each newly created IANA registry specifies its initial contents,
> allocations procedures, and a reasonable name (see [RFC 8126][11]).
NA.
> 21. List any new IANA registries that require Designated Expert Review for
> future allocations. Are the instructions to the Designated Expert clear?
> Please include suggestions of designated experts, if appropriate.
NA.
> [1]: https://www.ietf.org/about/groups/iesg/
> [2]: https://www.rfc-editor.org/rfc/rfc4858.html
> [3]: https://www.rfc-editor.org/rfc/rfc7942.html
> [4]: https://trac.ietf.org/trac/ops/wiki/yang-review-tools
> [5]: https://www.rfc-editor.org/rfc/rfc8342.html
> [6]: https://trac.ietf.org/trac/iesg/wiki/ExpertTopics
> [7]: https://www.rfc-editor.org/info/bcp79
> [8]: https://www.ietf.org/tools/idnits/
> [9]: https://www.rfc-editor.org/rfc/rfc3967.html
> [10]: https://www.rfc-editor.org/info/bcp97
> [11]: https://www.rfc-editor.org/rfc/rfc8126.html
> [12]: https://www.rfc-editor.org/rfc/rfc2026.html#section-5
> [13]: https://www.rfc-editor.org/rfc/rfc2026.html#section-4.1
> [14]: https://www.rfc-editor.org/rfc/rfc2026.html#section-4.2
> [15]: https://authors.ietf.org/en/content-guidelines-overview
> [16]: https://www.ietf.org/about/groups/iesg/statements/normative-informative-references/
> [17]: https://datatracker.ietf.org/doc/downref/
EOF.