Telechat Review of draft-gutmann-scep-10
review-gutmann-scep-10-opsdir-telechat-hares-2018-04-26-00

Request Review of draft-gutmann-scep
Requested rev. no specific revision (document currently at 14)
Type Telechat Review
Team Ops Directorate (opsdir)
Deadline 2018-03-06
Requested 2018-01-25
Authors Peter Gutmann
Draft last updated 2018-04-26
Completed reviews Opsdir Telechat review of -10 by Susan Hares (diff)
Genart Telechat review of -08 by Christer Holmberg (diff)
Genart Last Call review of -09 by Christer Holmberg (diff)
Assignment Reviewer Susan Hares
State Completed
Review review-gutmann-scep-10-opsdir-telechat-hares-2018-04-26
Reviewed rev. 10 (document currently at 14)
Review result Ready
Review completed: 2018-04-26

Review
review-gutmann-scep-10-opsdir-telechat-hares-2018-04-26

caveat:  I am not a security expert famliy with the deployment of the SCEP protocol. If an operational experience with this protocol is required for this review, I suggest you obtain a secondary review. 

General comments: The document summarizes in a readable fashion all the issues I could image regarding this protocol's deployment issues.  Issues of scale and security have been examined.   

Editorial:
p. 19, section 3.3.1, British spelling of authorization is used (authorisation). RFC editor may want to change or author may want to change to US spelling.

p. 26 - I appreciate the use of  non-idempotent and idempotent in this section.  I hope this is normal language for the security area.