Thank you for addressing my comments.
Regards,On Sat, Dec 17, 2016 at 9:01 AM, Ondřej Surý <ondrej.sury@xxxxxx> wrote:
Hi all,
the IETF review has ended, so I have uploaded -03 version.
Magnus, Dan,
the -03 version addresses all your comments.
Tim,
I left the irtf documents in Normative as per Stephan's comments.
I believe that Section 8 correctly references IANA registry:
http://www.iana.org/assignments/dns-sec-alg- numbers/dns-sec-alg-numbers. xhtml
by its name.
The paragraph with nit has been removed altogether per Magnus's request.
Thank you all very much for the reviews.
Cheers,
--
Ondřej Surý -- Technical Fellow
--------------------------------------------
CZ.NIC, z.s.p.o. -- Laboratoře CZ.NIC
Milesovska 5, 130 00 Praha 3, Czech Republic
mailto:ondrej.sury@xxxxxx https://nic.cz/
--------------------------------------------
----- Original Message -----
> From: "Ondřej Surý" <ondrej.sury@xxxxxx>
> To: "Magnus Nyström" <magnusn@xxxxxxxxx>, "Dan Romascanu" <dromasca@xxxxxxxxx>
> Cc: "secdir" <secdir@xxxxxxxx>, "draft-ietf-curdle-dnskey-eddsa" <draft-ietf-curdle-dnskey- eddsa@xxxxxxxx >, "gen-art"
> <gen-art@xxxxxxxx>, "ietf" <ietf@xxxxxxxx>, "curdle-chairs" <curdle-chairs@xxxxxxxx>, "curdle" <curdle@xxxxxxxx>
> Sent: Monday, 12 December, 2016 10:38:35
> Subject: Re: Review of draft-ietf-curdle-dnskey-eddsa-02 (Als was: Secdir review of draft-ietf-curdle-dnskey- eddsa-02)
> Magnus and Dan,
>
> thanks for the review.
>
> Magnus, you are right, I have removed the first full paragraph
> about "security properties" from Security Considerations
> from my git version as the security properties of EdDSA
> are better described in Normative references anyway.
>
> https://gitlab.labs.nic.cz/labs/ietf/commit/ 7b52c8e2bbe44042a279a81b960270 fdd103d9a2
>
> Dan,
>
> good catches, I fixed the nits in the git:
>
> https://gitlab.labs.nic.cz/labs/ietf/commit/ bbfc7ce43fb1f46c91fb7f5de564d9 07d035aadf
>
> I would be happy to upload next revision after Last Call
> is finished or just let the RFC editors to fix it.
>
> Cheers,
> --
> Ondřej Surý -- Technical Fellow
> --------------------------------------------
> CZ.NIC, z.s.p.o. -- Laboratoře CZ.NIC
> Milesovska 5, 130 00 Praha 3, Czech Republic
> mailto:ondrej.sury@xxxxxx https://nic.cz/
> --------------------------------------------
>
> ----- Original Message -----
>> From: "Magnus Nyström" <magnusn@xxxxxxxxx>
>> To: secdir@xxxxxxxx, "draft-ietf-curdle-dnskey-eddsa"
>> <draft-ietf-curdle-dnskey-eddsa@xxxxxxxx >
>> Sent: Monday, 12 December, 2016 02:44:18
>> Subject: Secdir review of draft-ietf-curdle-dnskey-eddsa-02
>
>> I have reviewed this document as part of the security directorate's
>> ongoing effort to review all IETF documents being processed by the
>> IESG. These comments were written primarily for the benefit of the
>> security area directors. Document editors and WG chairs should treat
>> these comments just like any other last call comments.
>>
>> This document describes how to use two two specific Edwards Curves
>> (Elliptic Curves) in conjunction with DNSSEC, namely ed25519 and
>> ed448.
>>
>> The only comment I have on this document is that the Security
>> Considerations section plainly states, without any reference or proof:
>>
>> "Ed25519 and Ed448 offers improved security properties and
>> implementation characteristics compared to RSA and ECDSA algorithms"
>>
>> I suggest either adding references to proofs of these statements or
>> alternatively just remove the sentence (since it doesn't really add
>> anything to the memo); the remaining paragraphs in the Security
>> Considerations section is what really covers what someone implementing
>> the memo should know or be aware of.
>>
>> -- Magnus
>
> ~~~~
>
> ----- Original Message -----
>> From: "Dan Romascanu" <dromasca@xxxxxxxxx>
>> To: gen-art@xxxxxxxx
>> Cc: "draft-ietf-curdle-dnskey-eddsa all"
>> <draft-ietf-curdle-dnskey-eddsa.all@xxxxxxxx >, "curdle" <curdle@xxxxxxxx>,
>> ietf@xxxxxxxx
>> Sent: Sunday, 11 December, 2016 12:21:25
>> Subject: Review of draft-ietf-curdle-dnskey-eddsa-02
>
>> Reviewer: Dan Romascanu
>> Review result: Ready with Nits
>>
>> Summary: Ready, with nits
>>
>> I am not an expert in this field, but the document seems to meet its
>> goals, it's clear and precise
>>
>> Major issues:
>>
>> Minor issues:
>>
>> Nits/editorial comments:
>>
>> 1. Section 4: s/Section5.1.7/Sections 5.1.7/
>>
>> 2. Section 8: 'The following entry has been added to
>> the registry' - I may be wrong, but the section seems to define two
> > new entries in the registry rather than one