Last Call Review of draft-ietf-doh-dns-over-https-12
review-ietf-doh-dns-over-https-12-secdir-lc-nystrom-2018-08-16-00

Request: Review of draft-ietf-doh-dns-over-https
Requested rev.: no specific revision (document currently at 14)
Type: Last Call Review
Team: Security Area Directorate (secdir)
Deadline: 2018-08-08
Requested: 2018-07-25
Authors: Paul Hoffman, Patrick McManus
Draft last updated: 2018-08-16
Completed reviews:
  - Genart Last Call review of -12 by Stewart Bryant (diff)
  - Tsvart Last Call review of -13 by Fernando Gont (diff)
  - Secdir Last Call review of -12 by Magnus Nystrom (diff)
  - Genart Telechat review of -13 by Stewart Bryant (diff)
Assignment: Reviewer Magnus Nystrom
State: Completed
Review: review-ietf-doh-dns-over-https-12-secdir-lc-nystrom-2018-08-16
Reviewed rev.: 12 (document currently at 14)
Review result: Has Issues
Review completed: 2018-08-16

Review
review-ietf-doh-dns-over-https-12-secdir-lc-nystrom-2018-08-16

I have reviewed this document as part of the security directorate's
ongoing effort to review all IETF documents being processed by the
IESG. These comments were written primarily for the benefit of the
security area directors.  Document editors and WG chairs should treat
these comments just like any other last call comments.

This document describes a protocol for sending DNS queries, and
receiving DNS responses, over HTTPS. The document reads well, has rich
privacy and security considerations sections and includes numerous
examples, which is very helpful.

Comments:

Section 3: Why remove this section altogether before publication? It
seems it provides some useful information on the background for why
the protocol is designed the way it is?

Section 4: Was the "A DoH client MUST NOT use a different URI simply
because it was discovered outside of the client's configuration"
intended to state: "A DoH client MUST NOT use URIs discovered outside
of the client's configuration"? The latter seems clearer.

Section 10: It is stated that HTTP/2 implementations will benefit from
the TLS 1.2 profile developed for HTTP/2. How about HTTP/1.1
implementations? Should there be a TLS profile for them? Also, any
particular TLS 1.3 considerations - e.g., 0-RTT and the use of the GET
option here?

Editorial:
- It seems like the references section needs some updates - e.g., I
found references to RFC 7828 and RFC 6891 in the text but not in the
references section.

-- 
-- Magnus