Re: [Curdle] Opsdir last call review of draft-ietf-curdle-ssh-ed25519-ed448-07

Tim Hollebeek <tim.hollebeek@digicert.com> Wed, 02 January 2019 18:12 UTC

From: Tim Hollebeek <tim.hollebeek@digicert.com>
To: Daniel Migault <daniel.migault@ericsson.com>, Sheng Jiang <jiangsheng@huawei.com>, "ops-dir@ietf.org" <ops-dir@ietf.org>
CC: "draft-ietf-curdle-ssh-ed25519-ed448.all@ietf.org" <draft-ietf-curdle-ssh-ed25519-ed448.all@ietf.org>, "curdle@ietf.org" <curdle@ietf.org>, "ietf@ietf.org" <ietf@ietf.org>
Date: Wed, 02 Jan 2019 18:12:18 +0000
Message-ID: <BN6PR14MB11069BB257E0A8B2627522C8838C0@BN6PR14MB1106.namprd14.prod.outlook.com>
References: <154642329120.32625.18387931087720472774@ietfa.amsl.com> <BL2PR15MB0947E4B0DCC8C36615F09B4DE38C0@BL2PR15MB0947.namprd15.prod.outlook.com>
In-Reply-To: <BL2PR15MB0947E4B0DCC8C36615F09B4DE38C0@BL2PR15MB0947.namprd15.prod.outlook.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/curdle/f1ThUi4B77spZ3xlw6ganRTTtHY>
List-Id: "List for discussion of potential new security area wg." <curdle.ietf.org>

Why not just reference RFC 2119 and say "Standard implementations of SSH
SHOULD implement these signature algorithms." ?

-Tim

> -----Original Message-----
> From: Curdle <curdle-bounces@ietf.org> On Behalf Of Daniel Migault
> Sent: Wednesday, January 2, 2019 10:43 AM
> To: Sheng Jiang <jiangsheng@huawei.com>; ops-dir@ietf.org
> Cc: draft-ietf-curdle-ssh-ed25519-ed448.all@ietf.org; curdle@ietf.org;
> ietf@ietf.org
> Subject: Re: [Curdle] Opsdir last call review of draft-ietf-curdle-ssh-ed25519-ed448-07
> 
> Hi Sheng,
> 
> Thanks for the comment and the suggestion. I agree that it may sound
> strange to have a standard Track category without any reference to
> RFC2119. In addition, while the document provides IANA registry updates,
> the IANA registration does not require a Standard Track. So *technically*
> the informational category could be fine.
> 
> The motivation for a Standard Track document was to have these algorithms
> as part of the SSH protocol. In other words, we expect that SSH will come
> with these algorithms in the future. For that reason we requested the
> status to be "Standard Track" to remain coherent with RFC425{1-4}.
> 
> (RFC4250 and) RFC4253 provided the initial values for the Public Key
> registry. While the protocol comes with some registry values, my
> understanding is that updating the registry by adding a new value is not
> considered as an update to the RFC. For that reason we did not provide
> RFC4253 or RFC4250 in the update status. While the update does not concern
> the RFC, it affects the protocol and should, in my opinion, be associated
> with the same status as the protocol.
> 
> As a side note, all RFCs that have updated the Public Key Algorithm Names
> are Standard Track documents. On the other hand, they seem to reference
> and use the RFC2119 terms.
> 
> I believe that the Standard Track category is the most appropriate,
> however, I am happy to be wrong and have misunderstood something. Feel
> free to let me know your opinion on the category, as well as if there are
> any clarifications we should add in the text. I suggest that we add a
> sentence along the lines of:
> """ These signature algorithms are expected to be integrated into the
> standard implementations of SSH. """
> 
> Any feedback is welcome!
> 
> Yours,
> Daniel
> -----Original Message-----
> From: Sheng Jiang <jiangsheng@huawei.com>
> Sent: Wednesday, January 02, 2019 5:02 AM
> To: ops-dir@ietf.org
> Cc: draft-ietf-curdle-ssh-ed25519-ed448.all@ietf.org; curdle@ietf.org;
> ietf@ietf.org
> Subject: Opsdir last call review of draft-ietf-curdle-ssh-ed25519-ed448-07
> 
> Reviewer: Sheng Jiang
> Review result: Has Issues
> 
> Hi, OPS-DIR, Authors,
> 
> I have reviewed this document as part of the Operational directorate's
> ongoing effort to review all IETF documents being processed by the IESG.
> These comments were written with the intent of improving the operational
> aspects of the IETF drafts. Comments that are not addressed in last call
> may be included in AD reviews during the IESG review. Document editors and
> WG chairs should treat these comments just like any other last call
> comments.
> 
> This standard track document describes the use of the Ed25519 and Ed448
> digital signature algorithms in the Secure Shell (SSH) protocol.  This
> document is one of the shortest documents I have ever seen. It is clear
> and well written.
> However, I have a fundamental issue regarding its Intended status
> "Standards Track", described below. Therefore, it has issues for
> publication although I think it is easy to fix - changing the Intended
> status.
> 
> Major issue: this document has Intended status for Standards Track.
> However, neither this document fails to quote RFC 2119 or has any
> normative words.
> Consistently, I don't think the description in this document has any
> mandatory requirements for any implementations of protocols. Actually, the
> most important quote of this document, RFC8032, is Informational, which is
> a Downref in this document. Therefore, I think it is more proper this
> document intends for Informational status.
> 
> Minor issue: no.
> 
> Regards,
> 
> Sheng