Telechat Review of draft-ietf-tls-cached-info-20

Request Review of draft-ietf-tls-cached-info
Requested rev. no specific revision (document currently at 23)
Type Telechat Review
Team General Area Review Team (Gen-ART) (genart)
Deadline 2015-12-15
Requested 2015-11-25
Authors Stefan Santesson, Hannes Tschofenig
Draft last updated 2015-12-16
Completed reviews Genart Last Call review of -20 by Jouni Korhonen (diff)
Genart Telechat review of -20 by Jouni Korhonen (diff)
Secdir Last Call review of -20 by Matthew Miller (diff)
Assignment Reviewer Jouni Korhonen 
State Completed
Review review-ietf-tls-cached-info-20-genart-telechat-korhonen-2015-12-16
Reviewed rev. 20 (document currently at 23)
Review result Ready
Review completed: 2015-12-16


I am the assigned Gen-ART reviewer for this draft. For background on Gen-ART, please see the FAQ at

Please resolve these comments along with any other Last Call comments you may receive.

Document: draft-ietf-tls-cached-info-20
Reviewer: Jouni Korhonen
Review Date: 2015-11-29
IETF LC End Date: 2015-12-04
IESG Telechat date: 2015-12-17


Ready for publication with some nits.


The document was good read and easy to understand.

Minor issues/nits:

* IDnits spits out some warning & comments that all seem to be bogus. However, the normative reference to RFC 4634 needs to be replaced with RFC 6234.

* The document describes in few places how the mechanisms specified extends/updates the Certificate and CertificateRequest structures. So maybe the draft should also state that in its boilerplate “Updates: 5246, 7250” ?

* Line 99: s/its’/its

* Line 164: s/data\.\./data\.

* Section 5 talks about “input data” for the hash & fingerprint calculation. What the “input data” exactly is becomes obvious after reading the Appendix A. However, for non-TLS WG activist it was not obvious from the first sight. Suggest adding a forward reference to Appendix A example.

* Section 6 uses [0], [1], .. [4]. While these are perfectly correct they can be mixed with references in the first sight -> few seconds of confusion ;) I would suggest using (0), .. (4). 

* The document uses referencing all styles “RFC 7250 [RFC7250]”, “RFC 7250” and “[RFC7250]”. Pick one.

* It is unclear to me what happens & what are the procedures when two different “input data”s generate the same fingerprint.