I am the assigned Gen-ART reviewer for this draft. The General Area
Review Team (Gen-ART) reviews all IETF documents being processed
by the IESG for the IETF Chair. Please wait for direction from your
document shepherd or AD before posting a new version of the draft.

For more information, please see the FAQ at

<

http://wiki.tools.ietf.org/area/gen/trac/wiki/GenArtfaq>.

Document: draft-wallace-est-alt-challenge-05.txt
Reviewer: Elwyn Davies
Review Date: 2016/03/11
IETF LC End Date: 2016/03/09
IESG Telechat date: 2016/03/17



Summary:  Ready with minor nits and a (new) downref issue for RFC 2985 


(importation of PKCS #9).  Thanks for addressing my comments on -04 at 


last call.




Major issues:
None

Minor issues:
Downref issue: idnits identifies three downref issues:


- RFC 5912 was in the previous version and is in the downref registry 


already, so needn't concern us.


- RFC 2985 has been moved from Informative in -04 to Normative in -05.  


Since RFC 2985 is a reproduction of a a external standard, I don't think 


there should be any issue here, but the reference probably ought to be 


normative, and should have been called out in the last call - apologies 


for failing to point this out in my LC review.


-RFC 7107 is only used to flag the definition of the SMI Security for 


S/MIME Attributes registry.  I think this could safely be taken as 


informative.




Thus the only real issue is with RFC 2985.

Nits/editorial comments:
Abstract: Must not have references s/[RFC2985]/(RFC 2985)/



s3: Currently s3.1 states in the text that the maximum length of the 


DirectoryString is 255.  ss3.2 and 3.3 have this defined in the ASN.1 


but not in the text.  It would make things consistent if this was stated 


in para 2 of s3:


s/defined as a DirectoryString/defined as a DirectoryString with maximum 


length 255/






s4, last para: s/(see [RFC7030], s3.7 second paragraph)/(see Section 3.7 


of [RFC3070])/