[TLS] Document write-up for TLS 1.2



FYI: we've sent draft-ietf-tls-rfc4346-bis-09 to Tim.
The document shepherd write-up is included below.

Best regards,
Pasi 

--------------

(1.a)  Who is the Document Shepherd for this document?  Has the
       Document Shepherd personally reviewed this version of the
       document and, in particular, does he or she believe this
       version is ready for forwarding to the IESG for publication?

Pasi Eronen. Yes.

(1.b)  Has the document had adequate review both from key WG members
       and from key non-WG members?  Does the Document Shepherd have
       any concerns about the depth or breadth of the reviews that
       have been performed?

The document went through WG last call, and although the number of
people who commented on the technical details was rather small,
I don't have concerns about the depth or breadth.

(1.c)  Does the Document Shepherd have concerns that the document
       needs more review from a particular or broader perspective,
       e.g., security, operational complexity, someone familiar with
       AAA, internationalization, or XML?

No concerns.

(1.d)  Does the Document Shepherd have any specific concerns or
       issues with this document that the Responsible Area Director
       and/or the IESG should be aware of?  For example, perhaps he
       or she is uncomfortable with certain parts of the document, or
       has concerns whether there really is a need for it.  In any
       event, if the WG has discussed those issues and has indicated
       that it still wishes to advance the document, detail those
       concerns here.  

No concerns.

       Has an IPR disclosure related to this document been filed?
       If so, please include a reference to the disclosure and
       summarize the WG discussion and conclusion on this issue.

No IPR disclosures have been filed. 

(1.e)  How solid is the WG consensus behind this document?  Does it
       represent the strong concurrence of a few individuals, with
       others being silent, or does the WG as a whole understand and
       agree with it?

The WG as a whole is behind the document.

(1.f)  Has anyone threatened an appeal or otherwise indicated extreme
       discontent?  If so, please summarize the areas of conflict in
       separate email messages to the Responsible Area Director.  (It
       should be in a separate email because this questionnaire is
       entered into the ID Tracker.)

Nobody has threatened an appeal or otherwise indicated extreme 
discontent. 

(1.g)  Has the Document Shepherd personally verified that the
       document satisfies all ID nits?  (See
       http://www.ietf.org/ID-Checklist.html and
       http://tools.ietf.org/tools/idnits/.)  Boilerplate checks are
       not enough; this check needs to be thorough.  

Yes, I have personally verified both the checklist and the idnits 
tool output.

       Has the document met all formal review criteria it needs to,
       such as the MIB Doctor, media type, and URI type reviews?

No such formal review criteria are applicable.

       If the document does not already indicate its intended status
       at the top of the first page, please indicate the intended
       status here.

The intended status, Proposed Standard, is stated on the first page.

(1.h)  Has the document split its references into normative and
       informative?  Are there normative references to documents that
       are not ready for advancement or are otherwise in an unclear
       state?  If such normative references exist, what is the
       strategy for their completion?  Are there normative references
       that are downward references, as described in [RFC3967]?  If
       so, list these downward references to support the Area
       Director in the Last Call procedure for them [RFC3967].

References are split into normative and informative; all normative 
references look acceptable. 

There is one reference whose normativeness might be subject to
different opinions or discussion: RFC 4492 (ECC cipher suites for
TLS). When RFC 4492 was written, TLS 1.0 and 1.1 did not provide
algorithm agility for digital signatures. There are a couple of
sentences in RFC 4492 that simply follow what TLS 1.0/1.1 did in
this respect.

TLS 1.2 (this specification) adds such algorithm agility
functionality, and this functionality applies to all TLS cipher
suites which use signatures (either in TLS messages or
certificates).  The document includes a couple of sentences that
explain how exactly this functionality works in the context of RFC
4492; in other words, things that someone implementing both this
specification and RFC 4492 should pay attention to. These topics
are summarized in Appendix A.7.

Given this, the document has "Updates: RFC 4492" on the cover page 
to draw implementors' attention. However, RFC 4492 is listed as an
informative reference, as this specification can be implemented
without understanding RFC 4492. 

(1.i)  Has the Document Shepherd verified that the document's IANA
       Considerations section exists and is consistent with the body
       of the document?  If the document specifies protocol
       extensions, are reservations requested in appropriate IANA
       registries?  Are the IANA registries clearly identified?  If
       the document creates a new registry, does it define the
       proposed initial contents of the registry and an allocation
       procedure for future registrations?  Does it suggest a
       reasonable name for the new registry?  See [RFC2434].  If the
       document describes an Expert Review process, has the Document
       Shepherd conferred with the Responsible Area Director so that
       the IESG can appoint the needed Expert during IESG Evaluation?

Everything looks OK here. 

(1.j)  Has the Document Shepherd verified that sections of the
       document that are written in a formal language, such as XML
       code, BNF rules, MIB definitions, etc., validate correctly in
       an automated checker?

The only (semi-)formal language used is the TLS presentation 
language (defined in this document), for which no automated tools 
are available. I have checked them manually.

(1.k)  The IESG approval announcement includes a Document
       Announcement Write-Up.  Please provide such a Document
       Announcement Write-Up.  Recent examples can be found in the
       "Action" announcements for approved documents.  The approval
       announcement contains the following sections:

Technical Summary
  
   This document specifies version 1.2 of the Transport Layer
   Security (TLS) protocol. The most important improvements over
   earlier versions are algorithm agility for digital signatures
   and PRFs, and support for authenticated encryption modes. The
   document also merges in AES cipher suites from RFC 3268 and the
   TLS extension mechanism from RFC 4366. Several requirements have
   also been tightened, and text has been clarified based on
   feedback from implementations of earlier versions of TLS.

Working Group Summary

   This document is a product of the Transport Layer 
   Security (TLS) Working Group.

Document Quality

   There is at least one prototype implementation of an earlier
   version of the TLS 1.2 Internet-Draft. Several other vendors have
   participated in the work, and have indicated that they plan to
   implement the specification.

Personnel

   The Document Shepherd for this document is Pasi Eronen, and 
   the Responsible Area Director is Tim Polk.

--------------------------
