[apps-discuss] APPSDIR Review of draft-ietf-dnsext-ecdsa-04

William Mills <wmills@yahoo-inc.com> Tue, 07 February 2012 05:46 UTC

Date: Mon, 06 Feb 2012 21:46:43 -0800
From: William Mills <wmills@yahoo-inc.com>
To: "apps-discuss@ietf.org" <apps-discuss@ietf.org>, draft-ietf-dnsext-ecdsa.all@tools.ietf.org
Cc: "iesg@ietf.org" <iesg@ietf.org>
Subject: [apps-discuss] APPSDIR Review of draft-ietf-dnsext-ecdsa-04

Document: draft-ietf-dnsext-ecdsa-04

Title: Elliptic Curve DSA for DNSSEC

Reviewer: William J. Mills


Review Date: February 6th, 2012

IETF Last Call Date: NA

IESG Telechat Date: NA

Summary: This draft informational RFC is ready for publication subject to correcting one major issue.
Caveats: I'm not a DNS expert, so while this looks right to me there may be something obvious that I missed.

Major Issues: 

Section 4 paragraph 2: While this is an informational RFC, "The two integers, each of which is formatted as a simple octet string, are combined into a single longer octet string ..." is not well enough defined. The examples are base64 encoded and it looks like what we have there is, for instance, 2 48-byte integers concatenated.

This document should do one of:
- quote the normative language from the appropriate specification for how these integers are to be formatted
- cite the normative specification explicitly in this paragraph
- if there is no normative language already then this spec is going to have to become normative (not likely)



Minor Issues:


Section 1 paragraph 5:

Is the computational difference here simply informational? If so it might want to move out of the introduction.

If the computation cost is meaningful then that impact should probably be discussed a little more (probably in a new section?) so the implementer can make an informed choice about what will be right for their use case. Presumably the signatures could actually be computed once per zone file load; that probably depends on the implementation. Similar savings can probably be had on the client doing a lookup, caching the previous values and checking against the returned signature so the validation only need be done once per item.



Nits:

None.
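
Added example, not part of the original message or of the draft: a sketch of the signature-field encoding the Major Issue is about, showing why "combined into a single longer octet string" needs a stated width. It assumes each integer is a fixed-width, big-endian, zero-padded octet string (48 octets for P-384, the reading the review infers from the draft's examples; 32 for P-256 by analogy); the function names and sample values are constructed for illustration.

```python
import base64

# Assumed width in octets of each integer, per curve. 48 matches the review's
# reading of the draft's examples; 32 is the analogous P-256 case.
COMPONENT_LEN = {"P-256": 32, "P-384": 48}


def encode_signature(r: int, s: int, curve: str) -> bytes:
    """Concatenate r and s as fixed-width, big-endian, zero-padded octets."""
    n = COMPONENT_LEN[curve]
    for name, value in (("r", r), ("s", s)):
        if not 0 < value < 1 << (8 * n):
            raise ValueError(f"{name} does not fit in {n} octets")
    return r.to_bytes(n, "big") + s.to_bytes(n, "big")


def decode_signature(blob: bytes, curve: str) -> tuple[int, int]:
    """Split a signature field into (r, s); reject any other length."""
    n = COMPONENT_LEN[curve]
    if len(blob) != 2 * n:
        raise ValueError(f"expected {2 * n} octets, got {len(blob)}")
    r = int.from_bytes(blob[:n], "big")
    s = int.from_bytes(blob[n:], "big")
    if r == 0 or s == 0:
        raise ValueError("r and s must be non-zero")
    return r, s


def minimal_concat(r: int, s: int) -> bytes:
    """The under-specified reading: minimal-length octets, no padding."""
    def octets(v):
        return v.to_bytes((v.bit_length() + 7) // 8, "big")
    return octets(r) + octets(s)


def demo() -> dict:
    # Constructed values, not a real signature: r is tiny, so it needs padding.
    r, s = 0x01, (1 << 383) + 5
    wire = encode_signature(r, s, "P-384")
    return {
        "wire_len": len(wire),
        "b64_len": len(base64.b64encode(wire)),
        "roundtrip": decode_signature(wire, "P-384") == (r, s),
        # Two different pairs collapse to the same bytes without fixed widths.
        "ambiguous": minimal_concat(0x01, 0x0203) == minimal_concat(0x0102, 0x03),
    }
```

The decoder only checks length and non-zero components; a validator would still check r and s against the curve's group order before verifying.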