Magnus and Dan, thanks for the review. Magnus, you are right, I have removed the first full paragraph about "security properties" from Security Considerations from my git version as the security properties of EdDSA are better described in Normative references anyway. https://gitlab.labs.nic.cz/labs/ietf/commit/7b52c8e2bbe44042a279a81b960270fdd103d9a2 Dan, good catches, I fixed the nits in the git: https://gitlab.labs.nic.cz/labs/ietf/commit/bbfc7ce43fb1f46c91fb7f5de564d907d035aadf I would be happy to upload next revision after Last Call is finished or just let the RFC editors to fix it. Cheers, -- Ondřej Surý -- Technical Fellow -------------------------------------------- CZ.NIC, z.s.p.o. -- Laboratoře CZ.NIC Milesovska 5, 130 00 Praha 3, Czech Republic mailto:ondrej.sury@xxxxxx https://nic.cz/ -------------------------------------------- ----- Original Message ----- > From: "Magnus Nyström" <magnusn@xxxxxxxxx> > To: secdir@xxxxxxxx, "draft-ietf-curdle-dnskey-eddsa" <draft-ietf-curdle-dnskey-eddsa@xxxxxxxx> > Sent: Monday, 12 December, 2016 02:44:18 > Subject: Secdir review of draft-ietf-curdle-dnskey-eddsa-02 > I have reviewed this document as part of the security directorate's > ongoing effort to review all IETF documents being processed by the > IESG. These comments were written primarily for the benefit of the > security area directors. Document editors and WG chairs should treat > these comments just like any other last call comments. > > This document describes how to use two two specific Edwards Curves > (Elliptic Curves) in conjunction with DNSSEC, namely ed25519 and > ed448. > > The only comment I have on this document is that the Security > Considerations section plainly states, without any reference or proof: > > "Ed25519 and Ed448 offers improved security properties and > implementation characteristics compared to RSA and ECDSA algorithms" > > I suggest either adding references to proofs of these statements or > alternatively just remove the sentence (since it doesn't really add > anything to the memo); the remaining paragraphs in the Security > Considerations section is what really covers what someone implementing > the memo should know or be aware of. > > -- Magnus ~~~~ ----- Original Message ----- > From: "Dan Romascanu" <dromasca@xxxxxxxxx> > To: gen-art@xxxxxxxx > Cc: "draft-ietf-curdle-dnskey-eddsa all" <draft-ietf-curdle-dnskey-eddsa.all@xxxxxxxx>, "curdle" <curdle@xxxxxxxx>, > ietf@xxxxxxxx > Sent: Sunday, 11 December, 2016 12:21:25 > Subject: Review of draft-ietf-curdle-dnskey-eddsa-02 > Reviewer: Dan Romascanu > Review result: Ready with Nits > > Summary: Ready, with nits > > I am not an expert in this field, but the document seems to meet its > goals, it's clear and precise > > Major issues: > > Minor issues: > > Nits/editorial comments: > > 1. Section 4: s/Section5.1.7/Sections 5.1.7/ > > 2. Section 8: 'The following entry has been added to > the registry' - I may be wrong, but the section seems to define two > new entries in the registry rather than one