Reviewer: Catherine Meadows Review result: Has Nits This draft specifies the use of the digital signature algorithms Ed25519 and Ed448 in the SSH protocol. Most of this, except for syntactic features such as formats and names, can be found in other RFC’s, and the appropriate references are given. The Security Considerations are also given by reference to RFC4241 (security considerations for SSH) and RFC8032 and RFC7479 (for Ed25519 and Ed448). These security considerations sections are very thorough and I don’t see any need for any additions. A nit: The paragraph This document describes the method implemented by OpenSSH and others, and formalizes its use of the name "ssh-ed25519". Additionally, it also describes the use of Ed448 and formalizes its use of the name "ssh-ed448". Would be clearer as This document describes the Ed25519 method implemented by OpenSSH and others, and formalizes its use of the name "ssh-ed25519". Additionally, it also describes the use of Ed448 and formalizes its use of the name "ssh-ed448”.