Last Call Review of draft-ietf-lamps-rfc5751-bis-07
review-ietf-lamps-rfc5751-bis-07-opsdir-lc-wang-2018-04-15-00

Request Review of draft-ietf-lamps-rfc5751-bis
Requested rev. no specific revision (document currently at 12)
Type Last Call Review
Team Ops Directorate (opsdir)
Deadline 2018-04-27
Requested 2018-04-13
Other Reviews Genart Last Call review of -07 by David Schinazi (diff)
Secdir Last Call review of -07 by Daniel Migault (diff)
Secdir Telechat review of -10 by Daniel Migault (diff)
Review State Completed
Reviewer Zitao Wang
Review review-ietf-lamps-rfc5751-bis-07-opsdir-lc-wang-2018-04-15
Posted at https://mailarchive.ietf.org/arch/msg/ops-dir/vN_l3v6U6TZrLCjmJgkx-Bf_TOw
Reviewed rev. 07 (document currently at 12)
Review result Has Nits
Draft last updated 2018-04-15
Review completed: 2018-04-15

Review
review-ietf-lamps-rfc5751-bis-07-opsdir-lc-wang-2018-04-15

I have reviewed this document as part of the Operational directorate’s ongoing effort to review all IETF documents being processed by the IESG.  These comments were written with the intent of improving the operational aspects of the IETF drafts. Comments that are not addressed in last call may be included in AD reviews during the IESG review.  Document editors and WG chairs should treat these comments just like any other last call comments.

Document reviewed:  draft-ietf-lamps-rfc5751-bis-07

Summary: 

This document defines Secure/Multipurpose Internet Mail Extensions (S/MIME) version 4.0.  S/MIME provides a consistent way to send and receive secure MIME data.  Digital signatures provide authentication, message integrity, and non-repudiation with proof of origin. Encryption provides data confidentiality.  Compression can be used to reduce data size.  This document obsoletes RFC 5751.

Firstly, this document list a set of encryption algorithm, but a lot of them miss references, it difficult to understanding, especially for the reader who may lack of the encryption knowledges. For example:

 Section 1.5: 

 s/key wrapping algorithm/key wrapping algorithm[rfc3394]

 s/Diffie-Hellman (DH) algorithm/Diffie-Hellman (DH) algorithm [rfc2631] 

 s/RSA public key algorithm/RSA public key algorithm [RFC3447]
 Section 2.2:

 s/RSA PKCS#1 v1.5/RSA PKCS#1 v1.5 [RFC2313]

And there are some terminologies or abbreviations which are used without explaining, especially for some first appear. For example:

  Section 2.2.  

  s/ECDSA/Elliptic Curve Digital Signature Algorithm (ECDSA)
  
  s/EdDSA/Edwards-curve Digital Signature Algorithm (EdDSA)

Other nits:

  Obsolete normative reference: RFC 2138 (Obsoleted by RFC 2865)

  Obsolete normative reference: RFC 4288 (Obsoleted by RFC 6838)