[Curdle] Ben Campbell's Yes on draft-ietf-curdle-ssh-ext-info-12: (with COMMENT)
Ben Campbell <ben@nostrum.com> Thu, 14 September 2017 04:24 UTC
Return-Path: <ben@nostrum.com>
X-Original-To: curdle@ietf.org
Delivered-To: curdle@ietfa.amsl.com
Received: from ietfa.amsl.com (localhost [IPv6:::1]) by ietfa.amsl.com (Postfix) with ESMTP id 9A3DB1320B5; Wed, 13 Sep 2017 21:24:42 -0700 (PDT)
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 8bit
From: Ben Campbell <ben@nostrum.com>
To: The IESG <iesg@ietf.org>
Cc: draft-ietf-curdle-ssh-ext-info@ietf.org, Daniel Migault <daniel.migault@ericsson.com>, curdle-chairs@ietf.org, daniel.migault@ericsson.com, curdle@ietf.org
X-Test-IDTracker: no
X-IETF-IDTracker: 6.61.0
Auto-Submitted: auto-generated
Precedence: bulk
Message-ID: <150536308262.12620.12702512428289572415.idtracker@ietfa.amsl.com>
Date: Wed, 13 Sep 2017 21:24:42 -0700
Archived-At: <https://mailarchive.ietf.org/arch/msg/curdle/KNlA0J6A6WjNL97diSqJ7oyHzow>
Subject: [Curdle] Ben Campbell's Yes on draft-ietf-curdle-ssh-ext-info-12: (with COMMENT)
X-BeenThere: curdle@ietf.org
X-Mailman-Version: 2.1.22
List-Id: "List for discussion of potential new security area wg." <curdle.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/curdle>, <mailto:curdle-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/curdle/>
List-Post: <mailto:curdle@ietf.org>
List-Help: <mailto:curdle-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/curdle>, <mailto:curdle-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 14 Sep 2017 04:24:43 -0000
Ben Campbell has entered the following ballot position for draft-ietf-curdle-ssh-ext-info-12: Yes When responding, please keep the subject line intact and reply to all email addresses included in the To and CC lines. (Feel free to cut this introductory paragraph, however.) Please refer to https://www.ietf.org/iesg/statement/discuss-criteria.html for more information about IESG DISCUSS and COMMENT positions. The document, along with other ballot positions, can be found here: https://datatracker.ietf.org/doc/draft-ietf-curdle-ssh-ext-info/ ---------------------------------------------------------------------- COMMENT: ---------------------------------------------------------------------- Thanks for addressing my DISCUSS point. I've cleared, with the assumption the discussed change will make it into the final document. (I leave the non-blocking comments below for reference, although most of them have been addressed in the email discussion.) Substantive: -2.3: "This message is sent immediately after SSH_MSG_NEWKEYS, without delay." That seems to be contradicted in section 2.4, which talks about two other potential times. -2.4, last paragraph (asterisk note): "The message MUST be sent at this point for the following reasons:" That's a confusing use of MUST. Do you mean that the message MUST NOT be sent unless the reasons are true? Or that if the reasons are true, the message MUST be sent? Or is this just a statement of fact, in which case the 2119 keyword is not appropriate? -2.5, 2nd paragraph: "or it MAY be sufficient that only one party includes it" That seems like a statement of fact rather than a grant of permission. If so, the 2119 MAY is not appropriate. Editorial: -2.1, first paragraph: "Applications implementing this mechanism MUST add to the field "kex_algorithms", in their KEXINIT packet sent for the first key exchange, one of the following indicator names:" That's hard to parse. Suggestion: "Applications implementing this mechanism MUST add one of the following indicator names to the "kex_algorithms" field for the first key exchange:" -2.5, 2nd to last paragraph: "... applications MUST tolerate any sequence of bytes; including null bytes at any position; in an unknown extension’s extension-value." Redundant to similar normative statement in 2.3.
- [Curdle] Ben Campbell's Yes on draft-ietf-curdle-… Ben Campbell