Re: Review of draft-ietf-curdle-dnskey-eddsa-02 (Als was: Secdir review of draft-ietf-curdle-dnskey-eddsa-02)

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Magnus and Dan,

thanks for the review.

Magnus, you are right, I have removed the first full paragraph
about "security properties" from Security Considerations
from my git version as the security properties of EdDSA
are better described in Normative references anyway.

https://gitlab.labs.nic.cz/labs/ietf/commit/7b52c8e2bbe44042a279a81b960270fdd103d9a2

Dan,

good catches, I fixed the nits in the git:

https://gitlab.labs.nic.cz/labs/ietf/commit/bbfc7ce43fb1f46c91fb7f5de564d907d035aadf

I would be happy to upload next revision after Last Call
is finished or just let the RFC editors to fix it.

Cheers,
--
 Ondřej Surý -- Technical Fellow
 --------------------------------------------
 CZ.NIC, z.s.p.o.    --     Laboratoře CZ.NIC
 Milesovska 5, 130 00 Praha 3, Czech Republic
 mailto:ondrej.sury@xxxxxx    https://nic.cz/
 --------------------------------------------

----- Original Message -----
> From: "Magnus Nyström" <magnusn@xxxxxxxxx>
> To: secdir@xxxxxxxx, "draft-ietf-curdle-dnskey-eddsa" <draft-ietf-curdle-dnskey-eddsa@xxxxxxxx>
> Sent: Monday, 12 December, 2016 02:44:18
> Subject: Secdir review of draft-ietf-curdle-dnskey-eddsa-02

> I have reviewed this document as part of the security directorate's
> ongoing effort to review all IETF documents being processed by the
> IESG. These comments were written primarily for the benefit of the
> security area directors. Document editors and WG chairs should treat
> these comments just like any other last call comments.
> 
> This document describes how to use two two specific Edwards Curves
> (Elliptic Curves) in conjunction with DNSSEC, namely ed25519 and
> ed448.
> 
> The only comment I have on this document is that the Security
> Considerations section plainly states, without any reference or proof:
> 
> "Ed25519 and Ed448 offers improved security properties and
> implementation characteristics compared to RSA and ECDSA algorithms"
> 
> I suggest either adding references to proofs of these statements or
> alternatively just remove the sentence (since it doesn't really add
> anything to the memo); the remaining paragraphs in the Security
> Considerations section is what really covers what someone implementing
> the memo should know or be aware of.
> 
> -- Magnus

~~~~

----- Original Message -----
> From: "Dan Romascanu" <dromasca@xxxxxxxxx>
> To: gen-art@xxxxxxxx
> Cc: "draft-ietf-curdle-dnskey-eddsa all" <draft-ietf-curdle-dnskey-eddsa.all@xxxxxxxx>, "curdle" <curdle@xxxxxxxx>,
> ietf@xxxxxxxx
> Sent: Sunday, 11 December, 2016 12:21:25
> Subject: Review of draft-ietf-curdle-dnskey-eddsa-02

> Reviewer: Dan Romascanu
> Review result: Ready with Nits
> 
> Summary: Ready, with nits
> 
> I am not an expert in this field, but the document seems to meet its
> goals, it's clear and precise
> 
> Major issues:
> 
> Minor issues:
> 
> Nits/editorial comments:
> 
> 1. Section 4: s/Section5.1.7/Sections 5.1.7/
> 
> 2. Section 8: 'The following entry has been added to
>   the registry' - I may be wrong, but the section seems to define two
> new entries in the registry rather than one





[Index of Archives]     [IETF Annoucements]     [IETF]     [IP Storage]     [Yosemite News]     [Linux SCTP]     [Linux Newbies]     [Fedora Users]