Re: [Curdle] Opsdir last call review of draft-ietf-curdle-ssh-ed25519-ed448-07
Loganaden Velvindron <loganaden@gmail.com> Thu, 06 June 2019 06:13 UTC
From: Loganaden Velvindron <loganaden@gmail.com>
Date: Thu, 06 Jun 2019 10:13:28 +0400
To: Daniel Migault <daniel.migault@ericsson.com>
Cc: Sheng Jiang <jiangsheng@huawei.com>, Tim Hollebeek <tim.hollebeek@digicert.com>, "ops-dir@ietf.org" <ops-dir@ietf.org>, "draft-ietf-curdle-ssh-ed25519-ed448.all@ietf.org" <draft-ietf-curdle-ssh-ed25519-ed448.all@ietf.org>, "curdle@ietf.org" <curdle@ietf.org>, "ietf@ietf.org" <ietf@ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/curdle/9NkOAx4FsWwEyP7vLai_SahOPlk>

I believe that this change already took place in rev08. What more do we
need to add?

https://tools.ietf.org/rfcdiff?difftype=--hwdiff&url2=draft-ietf-curdle-ssh-ed25519-ed448-08.txt

On Wed, Jun 5, 2019 at 5:53 PM Daniel Migault <daniel.migault@ericsson.com> wrote:

> Dear co-authors of curdle-ssh-ed25519-ed448,
>
> Could we update the document and address the concern from Sheng?
>
> Yours,
> Daniel
>
> On Thu, Jan 3, 2019 at 11:23 AM Daniel Migault <daniel.migault@ericsson.com> wrote:
>
>> Hi Sheng,
>>
>> Thanks for the comment. It should be easily addressed in the next
>> version.
>>
>> Yours,
>> Daniel
>>
>> -----Original Message-----
>> From: Sheng Jiang <jiangsheng@huawei.com>
>> Sent: Thursday, January 03, 2019 8:59 AM
>> To: Daniel Migault <daniel.migault@ericsson.com>; Tim Hollebeek <tim.hollebeek@digicert.com>; ops-dir@ietf.org
>> Cc: draft-ietf-curdle-ssh-ed25519-ed448.all@ietf.org; curdle@ietf.org; ietf@ietf.org
>> Subject: RE: Opsdir last call review of draft-ietf-curdle-ssh-ed25519-ed448-07
>>
>> Hi, Daniel,
>>
>> The suggestion from Tim is a good improvement. However, it would be
>> even better for a "standard track" document, if it gave a little bit
>> more detailed guidance "where" and "how" a SSH implement should quota
>> the key format that defined in this document.
>>
>> Regards,
>>
>> Sheng
>>
>> -----Original Message-----
>> From: Daniel Migault [mailto:daniel.migault@ericsson.com]
>> Sent: Thursday, January 3, 2019 2:57 AM
>> To: Tim Hollebeek <tim.hollebeek@digicert.com>; Sheng Jiang <jiangsheng@huawei.com>; ops-dir@ietf.org
>> Cc: draft-ietf-curdle-ssh-ed25519-ed448.all@ietf.org; curdle@ietf.org; ietf@ietf.org
>> Subject: RE: Opsdir last call review of draft-ietf-curdle-ssh-ed25519-ed448-07
>>
>> Thanks for the suggestion Tim. That works for me.
>>
>> Yours,
>> Daniel
>>
>> -----Original Message-----
>> From: Tim Hollebeek <tim.hollebeek@digicert.com>
>> Sent: Wednesday, January 02, 2019 1:12 PM
>> To: Daniel Migault <daniel.migault@ericsson.com>; Sheng Jiang <jiangsheng@huawei.com>; ops-dir@ietf.org
>> Cc: draft-ietf-curdle-ssh-ed25519-ed448.all@ietf.org; curdle@ietf.org; ietf@ietf.org
>> Subject: RE: Opsdir last call review of draft-ietf-curdle-ssh-ed25519-ed448-07
>>
>> Why not just reference RFC 2119 and say "Standard implementations of
>> SSH SHOULD implement these signature algorithms."?
>>
>> -Tim
>>
>> > -----Original Message-----
>> > From: Curdle <curdle-bounces@ietf.org> On Behalf Of Daniel Migault
>> > Sent: Wednesday, January 2, 2019 10:43 AM
>> > To: Sheng Jiang <jiangsheng@huawei.com>; ops-dir@ietf.org
>> > Cc: draft-ietf-curdle-ssh-ed25519-ed448.all@ietf.org; curdle@ietf.org; ietf@ietf.org
>> > Subject: Re: [Curdle] Opsdir last call review of draft-ietf-curdle-ssh-ed25519-ed448-07
>> >
>> > Hi Sheng,
>> >
>> > Thanks for the comment and the suggestion. I agree that it may
>> > sound strange to have a standard Track category without any
>> > reference to RFC2119. In addition, while the document provides IANA
>> > registry updates, the IANA registration does not require a Standard
>> > Track. So *technically* the informational category could be fine.
>> >
>> > The motivation for a Standard Track document was to have these
>> > algorithms as part of the SSH protocol. In other words, we expect
>> > that SSH will come with these algorithms in the future. For that
>> > reason we requested the status to be "Standard Track" to remain
>> > coherent with RFC425{1-4}.
>> >
>> > (RFC4250 and) RFC4253 provided the initial values for the Public
>> > Key registry. While the protocol comes with some registry values,
>> > my understanding is that updating the registry by adding a new
>> > value is not considered as an update to the RFC. For that reason we
>> > did not provide RFC4253 or RFC4250 in the update status. While the
>> > update does not concern the RFC, it affects the protocol and
>> > should - in my opinion - be associated to the same status as the
>> > protocol.
>> >
>> > As a side note, all RFCs that have updated the Public Key Algorithm
>> > Names are Standard Track documents. On the other hand, they seem to
>> > reference and use the RFC2119 terms.
>> >
>> > I believe that the Standard Track category is the most appropriate,
>> > however, I am happy to be wrong and have misunderstood something.
>> > Feel free to let me know your opinion on the category, as well as
>> > if there are any clarification we should add in the text. I suggest
>> > that we add a sentence around the lines:
>> > """ These signature algorithms are expected to be integrated into
>> > the standard implementations of SSH. """
>> >
>> > Any feedback is welcome!
>> >
>> > Yours,
>> > Daniel
>> >
>> > -----Original Message-----
>> > From: Sheng Jiang <jiangsheng@huawei.com>
>> > Sent: Wednesday, January 02, 2019 5:02 AM
>> > To: ops-dir@ietf.org
>> > Cc: draft-ietf-curdle-ssh-ed25519-ed448.all@ietf.org; curdle@ietf.org; ietf@ietf.org
>> > Subject: Opsdir last call review of draft-ietf-curdle-ssh-ed25519-ed448-07
>> >
>> > Reviewer: Sheng Jiang
>> > Review result: Has Issues
>> >
>> > Hi, OPS-DIR, Authors,
>> >
>> > I have reviewed this document as part of the Operational
>> > directorate's ongoing effort to review all IETF documents being
>> > processed by the IESG. These comments were written with the intent
>> > of improving the operational aspects of the IETF drafts. Comments
>> > that are not addressed in last call may be included in AD reviews
>> > during the IESG review. Document editors and WG chairs should treat
>> > these comments just like any other last call comments.
>> >
>> > This standard track document describes the use of the Ed25519 and
>> > Ed448 digital signature algorithm in the Secure Shell (SSH)
>> > protocol. This document is one of the shortest documents I have
>> > ever seen. It is clear and well written.
>> > However, I have a fundamental issue regarding to its Intended
>> > status "Standards Track", described below. Therefore, it has issues
>> > for publication although I think it is easy to fix - changing the
>> > Intended status.
>> >
>> > Major issue: this document has Intended status for Standards Track.
>> > However, neither this document fails to quota RFC 2119 or has any
>> > normative words.
>> > Consistently, I don't think the description in this document has
>> > any mandatory requirements for any implementations of protocols.
>> > Actually, the most important quota of this document, RFC8032, is
>> > Informational, which is a Downref in this document. Therefore, I
>> > think it is more proper this document intends for Informational
>> > status.
>> >
>> > Minor issue: no.
>> >
>> > Regards,
>> >
>> > Sheng
>> >
>> > _______________________________________________
>> > Curdle mailing list
>> > Curdle@ietf.org
>> > https://www.ietf.org/mailman/listinfo/curdle