Re: [Cfrg] [irsg] IRSG review request: draft-irtf-cfrg-randomness-improvements-11
"Stanislav V. Smyshlyaev" <smyshsv@gmail.com> Tue, 05 May 2020 11:46 UTC
Return-Path: <smyshsv@gmail.com>
X-Original-To: cfrg@ietfa.amsl.com
Delivered-To: cfrg@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 5CEB73A1646; Tue, 5 May 2020 04:46:53 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.097
X-Spam-Level:
X-Spam-Status: No, score=-2.097 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=unavailable autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id lCJ74ZMlgfIt; Tue, 5 May 2020 04:46:51 -0700 (PDT)
Received: from mail-lj1-x22c.google.com (mail-lj1-x22c.google.com [IPv6:2a00:1450:4864:20::22c]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 755CE3A1644; Tue, 5 May 2020 04:46:48 -0700 (PDT)
Received: by mail-lj1-x22c.google.com with SMTP id a21so1253739ljb.9; Tue, 05 May 2020 04:46:48 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=+dQw3cJU5lq64CR3Q3BcIB/W/VZcUhl30Gk54w+FSIk=; b=WC/VfLYXWLcK4KKsMwbfUkxn/OGxg+9ChZbg1d5NmjoKe+dKcO+NPNAv/h41vSjfIc Qgi47yYrLb1IvNo5nZPKEixuCLdkLHlMBE58eVTGwnK0PZ5gI7xGewbPGg/aT76DBdRl IKnITLua/Wsk4dWcikHuJ4SgnHGgEACHm7jkpOmhchhrWj22RnCyOjOxZwe3Sej6FOPg vhf2Z7pRif5v1uSbltRgLbvBDffdTODbwd+xDHzct+tbMqKSi7b3gC9zY/dn/9r3yVoh eNcWNs5Wlu1jo/0c+DfyVFa9zGnauoFr02db5pp5xqPE+VxLyem83T4O0k58ONgJ5OxQ /oKg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=+dQw3cJU5lq64CR3Q3BcIB/W/VZcUhl30Gk54w+FSIk=; b=cJjip87TwZa8dqCwiz/0c+xA5Eyf9KyBwuEvTIf6nfZ1M2E6KbKgbaEEpnFV+vsUHP M0W1ZZ6Wh3PmPXeltj3bGIQ3pMYYmrP8AOn4sXO7hOlZQcXfQlRVNfmdQdP8IFxlz2kb ZHJpQ9AMp+wv5mABqK9GTe7q5Q3G8vie7NCJRuuecjMyADyF3gEKkim2wUd5XRXgZyks qGX9DAvmGsggzSwoTFKdOnfApGy8Jo7h/4hS4nM0BvZyeSGDd3gjMW+BrmBrkCRHzLMQ lF4qL6u3l11rNJKe95MClx0OjcPU8JjBd37v79wEyvni97JlVQcwF5/OUxfcu2zC+Zw6 v17A==
X-Gm-Message-State: AGi0PubBKRuY8xXOmzYWcdeUm97npgAJ9l9Sg8UmMptSrYdQX3Lk0gt1 Xy3kY/bKsn6VFgkh6FdmBJcdL7pSx79ujvROFKoIoy70TUA=
X-Google-Smtp-Source: APiQypLFbNk+dzutvxIYjoX5HuG981xMU/zTZAM/YldPHlTHYKYT23K7n0dWZ0GfUhQVMDg0XujstMGSSSbM7jho21E=
X-Received: by 2002:a2e:9990:: with SMTP id w16mr1580101lji.194.1588679206517; Tue, 05 May 2020 04:46:46 -0700 (PDT)
MIME-Version: 1.0
References: <4B969EA9-C230-4CC6-A20B-B5F7552716AA@csperkins.org> <CAGVFjMKOSEVZu_R0ZpaCZvpW6wJwfPz=5yVmFvkSXbGr6bF-kQ@mail.gmail.com> <51036D5B-DCAF-4496-B8FD-7E36231AE704@csperkins.org> <CAPjWiCSWd+TJ5zS327nBaiaZXxkv7PWQ4yScjAXFL1ZZ8Lfy2g@mail.gmail.com> <0BCD81DE-3F28-4C33-B704-5FC754C7B5C3@csperkins.org>
In-Reply-To: <0BCD81DE-3F28-4C33-B704-5FC754C7B5C3@csperkins.org>
From: "Stanislav V. Smyshlyaev" <smyshsv@gmail.com>
Date: Tue, 05 May 2020 14:44:43 +0300
Message-ID: <CAMr0u6nZyTNij36LBL4eVrkDmCuG6vEA1nVwPdKu0XOx5yFHrw@mail.gmail.com>
To: Colin Perkins <csp@csperkins.org>
Cc: draft-irtf-cfrg-randomness-improvements@ietf.org, cfrg@ietf.org, Internet Research Steering Group <irsg@irtf.org>
Content-Type: multipart/alternative; boundary="000000000000c440ed05a4e53302"
Archived-At: <https://mailarchive.ietf.org/arch/msg/cfrg/M4fk2c2AG1fLmyhlr7L-xD_KAZ4>
Subject: Re: [Cfrg] [irsg] IRSG review request: draft-irtf-cfrg-randomness-improvements-11
X-BeenThere: cfrg@irtf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Crypto Forum Research Group <cfrg.irtf.org>
List-Unsubscribe: <https://www.irtf.org/mailman/options/cfrg>, <mailto:cfrg-request@irtf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/cfrg/>
List-Post: <mailto:cfrg@irtf.org>
List-Help: <mailto:cfrg-request@irtf.org?subject=help>
List-Subscribe: <https://www.irtf.org/mailman/listinfo/cfrg>, <mailto:cfrg-request@irtf.org?subject=subscribe>
X-List-Received-Date: Tue, 05 May 2020 11:46:53 -0000
Dear Colin, Many thanks for the update! We'll have a short discussion of the comments with Chris, Cas, Luke and Nick and update the draft based on the comments. Many thanks for the comments, Marie-Jose and Mallory! Colin, one more question. You've added a comment for the draft at the datatracker: "Revision needed to clarify what is mandatory to implement, and to address review from Gwynne Raskind." - shouldn't this be about draft-irtf-cfrg-argon2 (not about draft-irtf-cfrg-randomness-improvements)?.. Best regards, Stanislav On Tue, 5 May 2020 at 01:24, Colin Perkins <csp@csperkins.org> wrote: > Thank you! > > Authors: would it be possible to spin a quick revision of the draft to > address the nits in these reviews? > > Colin > > > > On 4 May 2020, at 23:15, Marie-Jose Montpetit <marie@mjmontpetit.com> > wrote: > > Hello lists: > > My review of draft-irtf-cfrg-randomness-improvements-11 > > Overall: > The draft is well written and the solution very understandable. The > comparison to the existing RFC is 6979 is a very good idea. While the > application to TLS was most likely the reason the draft was written I am > aware of issues with PRGs elsewhere notably the FRECFRAME RLC that was > delayed due to PRG issues. This does not require to be addressed in the > draft but shows that PRG bugs that impact randomness do need to be taken > into account. > > In the NITs category I found the following missing acronyms definitions: > DBRG > EC > HKDF > HMAC > HSM > TLS > > mjm > > > Marie-José Montpetit, Ph.D. > marie@mjmontpetit.com > > > > On May 4, 2020 at 6:10:47 PM, Colin Perkins (csp@csperkins.org) wrote: > > Thanks, Mallory! > Colin > > > > On 28 Apr 2020, at 19:21, Mallory Knodel <mknodel@cdt.org> wrote: > > HI all, > > I did an IRSG review for this document. I think that the editorial quality > is high; this is not a deep technical review. As I read and noted > questions, they were all answered later within the text and with clarity. > > For the last two citations there exist URLs even if the documents being > cited aren't openly published. I recommend linking to these pages anyway > for verification purposes. > > Thanks, > -Mallory > > On Mon, Apr 20, 2020 at 6:44 PM Colin Perkins <csp@csperkins.org> wrote: > >> IRSG members, >> >> The Crypto Forum Research Group has requested that >> draft-irtf-cfrg-randomness-improvements-11 >> <https://datatracker.ietf.org/doc/draft-irtf-cfrg-randomness-improvements/> be >> considered for publication as an IRTF RFC. To progress this draft, >> we now need *at least one* IRSG member to volunteer to provide a >> detailed review of the draft, as follows: >> >> The purpose of the IRSG review is to ensure consistent editorial and >> technical quality for IRTF publications. IRSG review is not a deep >> technical review. (This should take place within the RG.) At least one IRSG >> member other than the chair of the RG bringing the work forth must review >> the document and the RG’s editorial process. >> >> IRSG reviewers should look for clear, cogent, and consistent writing. An >> important aspect of the review is to gain a critical reading from reviewers >> who are not subject matter experts and, in the process, assure the document >> will be accessible to those beyond the authoring research group. Also, >> reviewers should assess whether sufficient editorial and technical review >> has been conducted and the requirements of this process document, such as >> those described in IRTF-RFCs have been met. Finally, reviewers should check >> that appropriate citations to related research literature have been made. >> >> Reviews should be written to be public. Review comments should be sent to >> the IRSG and RG mailing lists and entered into the tracker. All IRSG review >> comments must be addressed. However, the RG need not accept every comment. >> It is the responsibility of the shepherd to understand the comments and >> ensure that the RG considers them including adequate dialog between the >> reviewer and the author and/or RG. Reviews and their resolution should be >> entered into the tracker by the document shepherd. >> >> The IRSG review often results in the document being revised. Once the >> reviewer(s), authors, and shepherd have converged on review comments, the >> shepherd starts the IRSG Poll on whether the document should be published. >> >> >> Please respond to this message if you’re able to perform such a review, >> and indicate the approximate time-frame by which you’ll be able to complete >> it. The document shepherd write-up is available at >> https://datatracker.ietf.org/doc/draft-irtf-cfrg-randomness-improvements/shepherdwriteup/ >> >> Thanks! >> Colin (as IRTF chair) >> >> >> -- >> Colin Perkins >> https://csperkins.org/ >> >> >> >> >> > > -- > Mallory Knodel > CTO, Center for Democracy and Technology > gpg fingerprint :: E3EB 63E0 65A3 B240 BCD9 B071 0C32 A271 BD3C C780 > > > >
- Re: [Cfrg] [irsg] IRSG review request: draft-irtf… Mallory Knodel
- Re: [Cfrg] [irsg] IRSG review request: draft-irtf… Colin Perkins
- Re: [Cfrg] [irsg] IRSG review request: draft-irtf… Marie-Jose Montpetit
- Re: [Cfrg] [irsg] IRSG review request: draft-irtf… Colin Perkins
- Re: [Cfrg] [irsg] IRSG review request: draft-irtf… Stanislav V. Smyshlyaev
- Re: [Cfrg] [irsg] IRSG review request: draft-irtf… Colin Perkins
- Re: [Cfrg] [irsg] IRSG review request: draft-irtf… Stanislav V. Smyshlyaev