IETF Logo Mail Archive

Re: [Curdle] Opsdir last call review of draft-ietf-curdle-ssh-ed25519-ed448-07

Sheng Jiang <jiangsheng@huawei.com> Thu, 03 January 2019 13:59 UTC

Return-Path: <jiangsheng@huawei.com>
X-Original-To: curdle@ietfa.amsl.com
Delivered-To: curdle@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A0A3212785F; Thu, 3 Jan 2019 05:59:05 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.6
X-Spam-Level:
X-Spam-Status: No, score=-2.6 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id GeFs7FWs2BU3; Thu, 3 Jan 2019 05:59:03 -0800 (PST)
Received: from huawei.com (lhrrgout.huawei.com [185.176.76.210]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id D0D3E12EB11; Thu, 3 Jan 2019 05:59:02 -0800 (PST)
Received: from lhreml701-cah.china.huawei.com (unknown [172.18.7.108]) by Forcepoint Email with ESMTP id B12DAD920209; Thu, 3 Jan 2019 13:58:56 +0000 (GMT)
Received: from lhreml708-chm.china.huawei.com (10.201.108.57) by lhreml701-cah.china.huawei.com (10.201.108.42) with Microsoft SMTP Server (TLS) id 14.3.408.0; Thu, 3 Jan 2019 13:58:58 +0000
Received: from lhreml708-chm.china.huawei.com (10.201.108.57) by lhreml708-chm.china.huawei.com (10.201.108.57) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256_P256) id 15.1.1591.10; Thu, 3 Jan 2019 13:58:58 +0000
Received: from NKGEML414-HUB.china.huawei.com (10.98.56.75) by lhreml708-chm.china.huawei.com (10.201.108.57) with Microsoft SMTP Server (version=TLS1_0, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA_P256) id 15.1.1591.10 via Frontend Transport; Thu, 3 Jan 2019 13:58:57 +0000
Received: from NKGEML515-MBX.china.huawei.com ([fe80::a54a:89d2:c471:ff]) by nkgeml414-hub.china.huawei.com ([10.98.56.75]) with mapi id 14.03.0415.000; Thu, 3 Jan 2019 21:58:51 +0800
From: Sheng Jiang <jiangsheng@huawei.com>
To: Daniel Migault <daniel.migault@ericsson.com>, Tim Hollebeek <tim.hollebeek@digicert.com>, "ops-dir@ietf.org" <ops-dir@ietf.org>
CC: "draft-ietf-curdle-ssh-ed25519-ed448.all@ietf.org" <draft-ietf-curdle-ssh-ed25519-ed448.all@ietf.org>, "curdle@ietf.org" <curdle@ietf.org>, "ietf@ietf.org" <ietf@ietf.org>
Thread-Topic: Opsdir last call review of draft-ietf-curdle-ssh-ed25519-ed448-07
Thread-Index: AQHUorH2JkRINekSS0KwazkwUu1cVaWbweQAgAAMaACAAcHX0A==
Date: Thu, 03 Jan 2019 13:58:50 +0000
Message-ID: <5D36713D8A4E7348A7E10DF7437A4B92902DEBEC@NKGEML515-MBX.china.huawei.com>
References: <154642329120.32625.18387931087720472774@ietfa.amsl.com> <BL2PR15MB0947E4B0DCC8C36615F09B4DE38C0@BL2PR15MB0947.namprd15.prod.outlook.com> <BN6PR14MB11069BB257E0A8B2627522C8838C0@BN6PR14MB1106.namprd14.prod.outlook.com> <BL2PR15MB0947FEA09887D6D43FCD2B2AE38C0@BL2PR15MB0947.namprd15.prod.outlook.com>
In-Reply-To: <BL2PR15MB0947FEA09887D6D43FCD2B2AE38C0@BL2PR15MB0947.namprd15.prod.outlook.com>
Accept-Language: en-GB, zh-CN, en-US
Content-Language: zh-CN
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [10.45.137.233]
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: base64
MIME-Version: 1.0
X-CFilter-Loop: Reflected
Archived-At: <https://mailarchive.ietf.org/arch/msg/curdle/4NCr3XCRui56aZZ31LI2UCqY3Ic>
Subject: Re: [Curdle] Opsdir last call review of draft-ietf-curdle-ssh-ed25519-ed448-07
X-BeenThere: curdle@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "List for discussion of potential new security area wg." <curdle.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/curdle>, <mailto:curdle-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/curdle/>
List-Post: <mailto:curdle@ietf.org>
List-Help: <mailto:curdle-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/curdle>, <mailto:curdle-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 03 Jan 2019 13:59:06 -0000

Hi, Daniel,

The suggestion from Tim is a good improvement. However, it would be even better for a "standard track" document, if it gave a little bit more detailed guidance "where" and "how" a SSH implement should quota the key format that defined in this document.

Regards,

Sheng

-----Original Message-----
From: Daniel Migault [mailto:daniel.migault@ericsson.com] 
Sent: Thursday, January 3, 2019 2:57 AM
To: Tim Hollebeek <tim.hollebeek@digicert.com>; Sheng Jiang <jiangsheng@huawei.com>; ops-dir@ietf.org
Cc: draft-ietf-curdle-ssh-ed25519-ed448.all@ietf.org; curdle@ietf.org; ietf@ietf.org
Subject: RE: Opsdir last call review of draft-ietf-curdle-ssh-ed25519-ed448-07

Thanks for the suggestion Tim. That works for me. 
Yours, 
Daniel

-----Original Message-----
From: Tim Hollebeek <tim.hollebeek@digicert.com> 
Sent: Wednesday, January 02, 2019 1:12 PM
To: Daniel Migault <daniel.migault@ericsson.com>; Sheng Jiang
<jiangsheng@huawei.com>; ops-dir@ietf.org
Cc: draft-ietf-curdle-ssh-ed25519-ed448.all@ietf.org; curdle@ietf.org;
ietf@ietf.org
Subject: RE: Opsdir last call review of
draft-ietf-curdle-ssh-ed25519-ed448-07

Why not just reference RFC 2119 and say "Standard implementations of SSH
SHOULD implement these signature algorithms." ?

-Tim

> -----Original Message-----
> From: Curdle <curdle-bounces@ietf.org> On Behalf Of Daniel Migault
> Sent: Wednesday, January 2, 2019 10:43 AM
> To: Sheng Jiang <jiangsheng@huawei.com>; ops-dir@ietf.org
> Cc: draft-ietf-curdle-ssh-ed25519-ed448.all@ietf.org; curdle@ietf.org;
> ietf@ietf.org
> Subject: Re: [Curdle] Opsdir last call review of
draft-ietf-curdle-ssh-ed25519-
> ed448-07
> 
> Hi Sheng,
> 
> Thanks for the comment and the suggestion. I agree that it may sound
> strange to have a standard Track category without any reference to
> RFC2119. In addition, while the document provides IANA registry updates,
> the IANA registration does not require a Standard Track. So *technically*
the
> informational category could be fine.
> 
> The motivation for a Standard Track document was to have these algorithms
> as part of the SSH protocol. In other words, we expect that SSH will come
> with these algorithms in the future. For that reason we requested the
status
> to be "Standard Track" to remain coherent with RFC425{1-4}.
> 
> (RFC4250 and) RFC4253 provided the initial values for the Public Key
registry.
> While the protocol comes with some registry values, my understanding is
> that updating the registry by adding a new value is not considered as an
> update the RFC. For that reason we did not provide RFC4253 or RFC4250 in
> the update status. While the update does not concern the RFC, it affects
the
> protocol and should - in my opinion be associated to the same status as
the
> protocol.
> 
> As a side note, all RFCs that have updated the Public Key Algorithm Names
> are Standard Track documents. On the other hand, they seem to reference
> and use the RFC2119 terms.
> 
> I believe that the Standard Track category is the most appropriated,
> however, I am happy to be wrong and have misunderstood something. Feel
> free to let me know your opinion on the category, as well as if there are
any
> clarification we should add in the text. I suggest that we add a sentence
> around the lines:
> """ These signature algorithms are expected to be integrated into the
> standard implementations of SSH. """
> 
> Any feed back is welcome!
> 
> Yours,
> Daniel
> -----Original Message-----
> From: Sheng Jiang <jiangsheng@huawei.com>
> Sent: Wednesday, January 02, 2019 5:02 AM
> To: ops-dir@ietf.org
> Cc: draft-ietf-curdle-ssh-ed25519-ed448.all@ietf.org; curdle@ietf.org;
> ietf@ietf.org
> Subject: Opsdir last call review of draft-ietf-curdle-ssh-ed25519-ed448-07
> 
> Reviewer: Sheng Jiang
> Review result: Has Issues
> 
> Reviewer: Sheng Jiang
> Review result: Has Issues
> 
> Hi, OPS-DIR, Authors,
> 
> I have reviewed this document as part of the Operational directorate's
> ongoing effort to review all IETF documents being processed by the IESG.
> These comments were written with the intent of improving the operational
> aspects of the IETF drafts. Comments that are not addressed in last call
may
> be included in AD reviews during the IESG review. Document editors and WG
> chairs should treat these comments just like any other last call comments.
> 
> This standard track document describes the use of the Ed25519 and Ed448
> digital signature algorithm in the Secure Shell (SSH) protocol.  This
document
> is one of the shortest documents I have ever seen. It is clear and well
> written.
> However, I have a fundamental issue regarding to its Intended status
> "Standards Track", describe below. Therefore, it has issues for
publication
> although I think it is easy to fixed - changing the Intended status.
> 
> Major issue: this document has Intended status for Standards Track.
> However, neither this document fails to quota RFC 2119 or has any
> normative words.
> Consistently, I don't think the description in this document has any
> mandatory requirements for any implementations of protocols. Actually, the
> most important quota of this document, RFC8032, is Informational, which is
> a Downref in this document. Therefore, I think it is more proper this
> document intends for Informational status.
> 
> Minor issue: no.
> 
> Regards,
> 
> Sheng
> 
> 
> _______________________________________________
> Curdle mailing list
> Curdle@ietf.org
> https://www.ietf.org/mailman/listinfo/curdle

v2.23.0 | Report a Bug | By Email