Hi, I have been selected as the Operational Directorate (opsdir) reviewer for this Internet-Draft. The Operational Directorate reviews all operational and management-related Internet-Drafts to ensure alignment with operational best practices and that adequate operational considerations are covered. A complete set of _"Guidelines for Considering Operations and Management in IETF Specifications"_ can be found at https://datatracker.ietf.org/doc/draft-opsarea-rfc5706bis/. While these comments are primarily for the Operations and Management Area Directors (Ops ADs), the authors should consider them alongside other feedback received. - Document: draft-ietf-rats-corim-09 - Reviewer: Giuseppe Fioccola - Review Date: 2026-01-09 - Intended Status: Standards Track --- ## Summary - Has Issues: I have some minor concerns about this document that I think should be resolved before publication. ## General Operational Comments Alignment with RFC 5706bis > This document specifies CoRIM (Concise Reference Integrity Manifest). It is a data model which is used to realize a CBOR encoding suitable for cryptographic operations and transmission over computer networks. Section 10 reports the implementation status. > The Operational Considerations section is missing and should be included, according to draft-ietf-opsawg-rfc5706bis. In particular, it would be good to add a description of how CoRIM is going to be deployed and managed, including potential backward compatibility issues. ## Major Issues > From an OPSDIR point of view, the addition of an Operational Considerations section is recommended. --- ## Minor Issues > Since Section 8 describes the appraisal of CoRIM-based inputs, it clarifies the CoRIM usage and it is quite relevant. I think Section 8 (or part of it) can be moved earlier in the document (e.g before Section 4) in order to allow the reader to better understand the mechanism from the beginning. --- ## Nits > In Section 2, it is mentioned that the document defines the ACS but I would add a pointer to Section 9 where ACS and ARS are further detailed. > I would also change the description of Table 1 in Section 2.2 in order to explain how is it related with the ACS and ARS. > In Section 3, Table 2 introduces the naming conventions but I suggest to provide context for the reader. Maybe a reference to RFC 8610 is needed to understand the types. > Considering that the document also specifies CoMID tags in Section 5 and CoTL tags in Section 6, I suggest to better highlight this point in the Introduction. Maybe, since the document is quite long, a description of the structure of document would be needed in the Introduction. > Out of curiosity, did you consider to move the entire Section 9 to a separate draft? ---