Re: Review of draft-ietf-curdle-dnskey-eddsa-02 (Als was: Secdir review of draft-ietf-curdle-dnskey-eddsa-02)

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Same here. Thank you!
/M

On Fri, Dec 16, 2016 at 11:11 PM, Dan Romascanu <dromasca@xxxxxxxxx> wrote:
> Thank you for addressing my comments.
>
> Regards,
>
> Dan
>
>
> On Sat, Dec 17, 2016 at 9:01 AM, Ondřej Surý <ondrej.sury@xxxxxx> wrote:
>>
>> Hi all,
>>
>> the IETF review has ended, so I have uploaded -03 version.
>>
>> Magnus, Dan,
>>
>> the -03 version addresses all your comments.
>>
>> Tim,
>>
>> I left the irtf documents in Normative as per Stephan's comments.
>>
>> I believe that Section 8 correctly references IANA registry:
>>
>> http://www.iana.org/assignments/dns-sec-alg-numbers/dns-sec-alg-numbers.xhtml
>> by its name.
>>
>> The paragraph with nit has been removed altogether per Magnus's request.
>>
>> Thank you all very much for the reviews.
>>
>> Cheers,
>> --
>>  Ondřej Surý -- Technical Fellow
>>  --------------------------------------------
>>  CZ.NIC, z.s.p.o.    --     Laboratoře CZ.NIC
>>  Milesovska 5, 130 00 Praha 3, Czech Republic
>>  mailto:ondrej.sury@xxxxxx    https://nic.cz/
>>  --------------------------------------------
>>
>> ----- Original Message -----
>> > From: "Ondřej Surý" <ondrej.sury@xxxxxx>
>> > To: "Magnus Nyström" <magnusn@xxxxxxxxx>, "Dan Romascanu"
>> > <dromasca@xxxxxxxxx>
>> > Cc: "secdir" <secdir@xxxxxxxx>, "draft-ietf-curdle-dnskey-eddsa"
>> > <draft-ietf-curdle-dnskey-eddsa@xxxxxxxx>, "gen-art"
>> > <gen-art@xxxxxxxx>, "ietf" <ietf@xxxxxxxx>, "curdle-chairs"
>> > <curdle-chairs@xxxxxxxx>, "curdle" <curdle@xxxxxxxx>
>> > Sent: Monday, 12 December, 2016 10:38:35
>> > Subject: Re: Review of draft-ietf-curdle-dnskey-eddsa-02 (Als was:
>> > Secdir review of draft-ietf-curdle-dnskey-eddsa-02)
>>
>> > Magnus and Dan,
>> >
>> > thanks for the review.
>> >
>> > Magnus, you are right, I have removed the first full paragraph
>> > about "security properties" from Security Considerations
>> > from my git version as the security properties of EdDSA
>> > are better described in Normative references anyway.
>> >
>> >
>> > https://gitlab.labs.nic.cz/labs/ietf/commit/7b52c8e2bbe44042a279a81b960270fdd103d9a2
>> >
>> > Dan,
>> >
>> > good catches, I fixed the nits in the git:
>> >
>> >
>> > https://gitlab.labs.nic.cz/labs/ietf/commit/bbfc7ce43fb1f46c91fb7f5de564d907d035aadf
>> >
>> > I would be happy to upload next revision after Last Call
>> > is finished or just let the RFC editors to fix it.
>> >
>> > Cheers,
>> > --
>> > Ondřej Surý -- Technical Fellow
>> > --------------------------------------------
>> > CZ.NIC, z.s.p.o.    --     Laboratoře CZ.NIC
>> > Milesovska 5, 130 00 Praha 3, Czech Republic
>> > mailto:ondrej.sury@xxxxxx    https://nic.cz/
>> > --------------------------------------------
>> >
>> > ----- Original Message -----
>> >> From: "Magnus Nyström" <magnusn@xxxxxxxxx>
>> >> To: secdir@xxxxxxxx, "draft-ietf-curdle-dnskey-eddsa"
>> >> <draft-ietf-curdle-dnskey-eddsa@xxxxxxxx>
>> >> Sent: Monday, 12 December, 2016 02:44:18
>> >> Subject: Secdir review of draft-ietf-curdle-dnskey-eddsa-02
>> >
>> >> I have reviewed this document as part of the security directorate's
>> >> ongoing effort to review all IETF documents being processed by the
>> >> IESG. These comments were written primarily for the benefit of the
>> >> security area directors. Document editors and WG chairs should treat
>> >> these comments just like any other last call comments.
>> >>
>> >> This document describes how to use two two specific Edwards Curves
>> >> (Elliptic Curves) in conjunction with DNSSEC, namely ed25519 and
>> >> ed448.
>> >>
>> >> The only comment I have on this document is that the Security
>> >> Considerations section plainly states, without any reference or proof:
>> >>
>> >> "Ed25519 and Ed448 offers improved security properties and
>> >> implementation characteristics compared to RSA and ECDSA algorithms"
>> >>
>> >> I suggest either adding references to proofs of these statements or
>> >> alternatively just remove the sentence (since it doesn't really add
>> >> anything to the memo); the remaining paragraphs in the Security
>> >> Considerations section is what really covers what someone implementing
>> >> the memo should know or be aware of.
>> >>
>> >> -- Magnus
>> >
>> > ~~~~
>> >
>> > ----- Original Message -----
>> >> From: "Dan Romascanu" <dromasca@xxxxxxxxx>
>> >> To: gen-art@xxxxxxxx
>> >> Cc: "draft-ietf-curdle-dnskey-eddsa all"
>> >> <draft-ietf-curdle-dnskey-eddsa.all@xxxxxxxx>, "curdle"
>> >> <curdle@xxxxxxxx>,
>> >> ietf@xxxxxxxx
>> >> Sent: Sunday, 11 December, 2016 12:21:25
>> >> Subject: Review of draft-ietf-curdle-dnskey-eddsa-02
>> >
>> >> Reviewer: Dan Romascanu
>> >> Review result: Ready with Nits
>> >>
>> >> Summary: Ready, with nits
>> >>
>> >> I am not an expert in this field, but the document seems to meet its
>> >> goals, it's clear and precise
>> >>
>> >> Major issues:
>> >>
>> >> Minor issues:
>> >>
>> >> Nits/editorial comments:
>> >>
>> >> 1. Section 4: s/Section5.1.7/Sections 5.1.7/
>> >>
>> >> 2. Section 8: 'The following entry has been added to
>> >>   the registry' - I may be wrong, but the section seems to define two
>> > > new entries in the registry rather than one
>
>



-- 
-- Magnus





[Index of Archives]     [IETF Annoucements]     [IETF]     [IP Storage]     [Yosemite News]     [Linux SCTP]     [Linux Newbies]     [Fedora Users]