Last Call Review of draft-ietf-dice-profile-14

Request Review of draft-ietf-dice-profile
Requested rev. no specific revision (document currently at 17)
Type Last Call Review
Team General Area Review Team (Gen-ART) (genart)
Deadline 2015-09-04
Requested 2015-08-27
Authors Hannes Tschofenig, Thomas Fossati
Draft last updated 2015-09-02
Completed reviews Genart Last Call review of -14 by Brian Carpenter (diff)
Genart Telechat review of -16 by Brian Carpenter (diff)
Opsdir Last Call review of -14 by Tina Tsou (diff)
Opsdir Telechat review of -16 by Tina Tsou (diff)
Assignment Reviewer Brian Carpenter 
State Completed
Review review-ietf-dice-profile-14-genart-lc-carpenter-2015-09-02
Reviewed rev. 14 (document currently at 17)
Review result Ready with Issues
Review completed: 2015-09-02


I am the assigned Gen-ART reviewer for this draft. The General Area
Review Team (Gen-ART) reviews all IETF documents being processed
by the IESG for the IETF Chair.  Please treat these comments just
like any other last call comments.

For more information, please see the FAQ at

Document: draft-ietf-dice-profile-14.txt
Reviewer: Brian Carpenter
Review Date: 2015-09-02
IETF LC End Date: 2015-09-04
IESG Telechat date:

Summary:  Ready with issues


This is complicated and I'm not an expert. I went through the whole document but have to
take most of the details on trust.

Major Issues:

One thing puzzles me. Unless I have missed it, the profile is neutral on the choice
described in Section 6 (Credential Types): pre-shared secrets, raw public keys, or
certificates. How does this work to help interoperability in multivendor environments?
Wouldn't it be better to RECOMMEND one?

((The answer to this interests me in the Anima context too.))

Would it be possible to add a summary table of the MUST, SHOULD, MAY and MUST NOT
items in the profile? At the moment there is a lot of prose and nothing that
can be used as an implementer's check list.

Minor Issues:

"  Figure 7 shows an example interaction... The IPv6
   multicast address used for site-local discovery is FF02::FD."

Where does ff02::fd come from? Is it just used as an example? That isn't clear
in the text. (IANA lists it as "variable scope allocation".)

((Incidentally, this is a side track, but note that a command such as
GET coap://[FF02::FD]/.well-known/core is problematic in a device with more
than one interface, unless you support RFC6874.))

"6.4.2.  Certificates used by Clients

   For client certificates the identifier used in the SubjectAltName or
   in the leftmost CN component of subject name MUST be an EUI-64, as
   mandated in Section of [RFC7252]."

Actually it is not mandated there, it is only suggested:
"  The subject in the certificate would be built out of a long-term
   unique identifier for the device such as the EUI-64 [EUI64]."
You can certainly choose to mandate it here, but s/mandated/described/
in the text.

However, I am confused by this MUST in 6.4.2, and other normative keywords in Section 6.
Are we now in the specification of the DICE profile, or are we still in the descriptive text?
I would expect a very clear break in the text when we move from description to specification.
Looking at the table of contents, I can't figure out where that point is.

OK, now I found a sentence at the beginning: "If you are familiar with (D)TLS, then
skip ahead to Section 6." But please reflect this in the arrangement of the sections.
I would suggest nesting sections 3,4, and 5 within a single "Overview" section, and put
something at start of section 6 to make it clear that is where the profile starts.
Or nest sections 6 etc. inside a single "Profile" section.


The RFC2119 boilerplate is messed up.

== Outdated reference: draft-ietf-tls-sslv3-diediedie has been published as
   RFC 7568

The downref to RFC7251 was not mentioned in the last call and that RFC isn't
in the downref registry. ((Yes, I've been in the IESG and I know how
annoying this can be, but it's a process glitch.))