Hi all, the IETF review has ended, so I have uploaded -03 version. Magnus, Dan, the -03 version addresses all your comments. Tim, I left the irtf documents in Normative as per Stephan's comments. I believe that Section 8 correctly references IANA registry: http://www.iana.org/assignments/dns-sec-alg-numbers/dns-sec-alg-numbers.xhtml by its name. The paragraph with nit has been removed altogether per Magnus's request. Thank you all very much for the reviews. Cheers, -- Ondřej Surý -- Technical Fellow -------------------------------------------- CZ.NIC, z.s.p.o. -- Laboratoře CZ.NIC Milesovska 5, 130 00 Praha 3, Czech Republic mailto:ondrej.sury@xxxxxx https://nic.cz/ -------------------------------------------- ----- Original Message ----- > From: "Ondřej Surý" <ondrej.sury@xxxxxx> > To: "Magnus Nyström" <magnusn@xxxxxxxxx>, "Dan Romascanu" <dromasca@xxxxxxxxx> > Cc: "secdir" <secdir@xxxxxxxx>, "draft-ietf-curdle-dnskey-eddsa" <draft-ietf-curdle-dnskey-eddsa@xxxxxxxx>, "gen-art" > <gen-art@xxxxxxxx>, "ietf" <ietf@xxxxxxxx>, "curdle-chairs" <curdle-chairs@xxxxxxxx>, "curdle" <curdle@xxxxxxxx> > Sent: Monday, 12 December, 2016 10:38:35 > Subject: Re: Review of draft-ietf-curdle-dnskey-eddsa-02 (Als was: Secdir review of draft-ietf-curdle-dnskey-eddsa-02) > Magnus and Dan, > > thanks for the review. > > Magnus, you are right, I have removed the first full paragraph > about "security properties" from Security Considerations > from my git version as the security properties of EdDSA > are better described in Normative references anyway. > > https://gitlab.labs.nic.cz/labs/ietf/commit/7b52c8e2bbe44042a279a81b960270fdd103d9a2 > > Dan, > > good catches, I fixed the nits in the git: > > https://gitlab.labs.nic.cz/labs/ietf/commit/bbfc7ce43fb1f46c91fb7f5de564d907d035aadf > > I would be happy to upload next revision after Last Call > is finished or just let the RFC editors to fix it. > > Cheers, > -- > Ondřej Surý -- Technical Fellow > -------------------------------------------- > CZ.NIC, z.s.p.o. -- Laboratoře CZ.NIC > Milesovska 5, 130 00 Praha 3, Czech Republic > mailto:ondrej.sury@xxxxxx https://nic.cz/ > -------------------------------------------- > > ----- Original Message ----- >> From: "Magnus Nyström" <magnusn@xxxxxxxxx> >> To: secdir@xxxxxxxx, "draft-ietf-curdle-dnskey-eddsa" >> <draft-ietf-curdle-dnskey-eddsa@xxxxxxxx> >> Sent: Monday, 12 December, 2016 02:44:18 >> Subject: Secdir review of draft-ietf-curdle-dnskey-eddsa-02 > >> I have reviewed this document as part of the security directorate's >> ongoing effort to review all IETF documents being processed by the >> IESG. These comments were written primarily for the benefit of the >> security area directors. Document editors and WG chairs should treat >> these comments just like any other last call comments. >> >> This document describes how to use two two specific Edwards Curves >> (Elliptic Curves) in conjunction with DNSSEC, namely ed25519 and >> ed448. >> >> The only comment I have on this document is that the Security >> Considerations section plainly states, without any reference or proof: >> >> "Ed25519 and Ed448 offers improved security properties and >> implementation characteristics compared to RSA and ECDSA algorithms" >> >> I suggest either adding references to proofs of these statements or >> alternatively just remove the sentence (since it doesn't really add >> anything to the memo); the remaining paragraphs in the Security >> Considerations section is what really covers what someone implementing >> the memo should know or be aware of. >> >> -- Magnus > > ~~~~ > > ----- Original Message ----- >> From: "Dan Romascanu" <dromasca@xxxxxxxxx> >> To: gen-art@xxxxxxxx >> Cc: "draft-ietf-curdle-dnskey-eddsa all" >> <draft-ietf-curdle-dnskey-eddsa.all@xxxxxxxx>, "curdle" <curdle@xxxxxxxx>, >> ietf@xxxxxxxx >> Sent: Sunday, 11 December, 2016 12:21:25 >> Subject: Review of draft-ietf-curdle-dnskey-eddsa-02 > >> Reviewer: Dan Romascanu >> Review result: Ready with Nits >> >> Summary: Ready, with nits >> >> I am not an expert in this field, but the document seems to meet its >> goals, it's clear and precise >> >> Major issues: >> >> Minor issues: >> >> Nits/editorial comments: >> >> 1. Section 4: s/Section5.1.7/Sections 5.1.7/ >> >> 2. Section 8: 'The following entry has been added to >> the registry' - I may be wrong, but the section seems to define two > > new entries in the registry rather than one