Hi Ondrej,
Thanks for addressing my comments. The nits can be fixed at any time you find more convenient before publication. On Mon, Dec 12, 2016 at 11:38 AM, Ondřej Surý <ondrej.sury@xxxxxx> wrote:
Magnus and Dan,
thanks for the review.
Magnus, you are right, I have removed the first full paragraph
about "security properties" from Security Considerations
from my git version as the security properties of EdDSA
are better described in Normative references anyway.
https://gitlab.labs.nic.cz/labs/ietf/commit/ 7b52c8e2bbe44042a279a81b960270 fdd103d9a2
Dan,
good catches, I fixed the nits in the git:
https://gitlab.labs.nic.cz/labs/ietf/commit/ bbfc7ce43fb1f46c91fb7f5de564d9 07d035aadf
I would be happy to upload next revision after Last Call
is finished or just let the RFC editors to fix it.
Cheers,
--
Ondřej Surý -- Technical Fellow
--------------------------------------------
CZ.NIC, z.s.p.o. -- Laboratoře CZ.NIC
Milesovska 5, 130 00 Praha 3, Czech Republic
mailto:ondrej.sury@xxxxxx https://nic.cz/
--------------------------------------------
----- Original Message -----
> From: "Magnus Nyström" <magnusn@xxxxxxxxx>
> To: secdir@xxxxxxxx, "draft-ietf-curdle-dnskey-eddsa" <draft-ietf-curdle-dnskey- eddsa@xxxxxxxx >
> Sent: Monday, 12 December, 2016 02:44:18
> Subject: Secdir review of draft-ietf-curdle-dnskey-eddsa-02
> I have reviewed this document as part of the security directorate's
> ongoing effort to review all IETF documents being processed by the
> IESG. These comments were written primarily for the benefit of the
> security area directors. Document editors and WG chairs should treat
> these comments just like any other last call comments.
>
> This document describes how to use two two specific Edwards Curves
> (Elliptic Curves) in conjunction with DNSSEC, namely ed25519 and
> ed448.
>
> The only comment I have on this document is that the Security
> Considerations section plainly states, without any reference or proof:
>
> "Ed25519 and Ed448 offers improved security properties and
> implementation characteristics compared to RSA and ECDSA algorithms"
>
> I suggest either adding references to proofs of these statements or
> alternatively just remove the sentence (since it doesn't really add
> anything to the memo); the remaining paragraphs in the Security
> Considerations section is what really covers what someone implementing
> the memo should know or be aware of.
>
> -- Magnus
~~~~
----- Original Message -----
> From: "Dan Romascanu" <dromasca@xxxxxxxxx>
> To: gen-art@xxxxxxxx
> Cc: "draft-ietf-curdle-dnskey-eddsa all" <draft-ietf-curdle-dnskey- eddsa.all@xxxxxxxx >, "curdle" <curdle@xxxxxxxx>,
> ietf@xxxxxxxx
> Sent: Sunday, 11 December, 2016 12:21:25
> Subject: Review of draft-ietf-curdle-dnskey-eddsa-02
> Reviewer: Dan Romascanu
> Review result: Ready with Nits
>
> Summary: Ready, with nits
>
> I am not an expert in this field, but the document seems to meet its
> goals, it's clear and precise
>
> Major issues:
>
> Minor issues:
>
> Nits/editorial comments:
>
> 1. Section 4: s/Section5.1.7/Sections 5.1.7/
>
> 2. Section 8: 'The following entry has been added to
> the registry' - I may be wrong, but the section seems to define two
> new entries in the registry rather than one