Re: [Curdle] new AD review comments on draft-ietf-curdle-ssh-ed25519-ed448-08

[Loganaden Velvindron <loganaden@gmail.com>]

On Wed, Jul 31, 2019 at 1:34 AM Benjamin Kaduk <kaduk@mit.edu> wrote:
>
> Cycling back on this, my reading of the archive suggests that we want an
> -09 to include Daniel's suggested text to clarify on (1), and we need to
> hear from Ben about (3).
>
> Does that sound right to everyone or am I missing something?
>
I would suggest standards track given that ed25519 is already public key is
already implemented by OpenSSH.

http://www.openssh.com/txt/release-6.5

> Thanks,
>
> Ben
>
> On Fri, Jun 07, 2019 at 05:26:11PM -0500, Benjamin Kaduk wrote:
> > On Thu, Jun 06, 2019 at 02:56:46PM +0000, Daniel Migault wrote:
> > > This is correct, for some reasons I reviewed version 07. So version 08 is solving the opsdir issue. I will close the thread on the mailing list.
> >
> > Ah, thank you.  Thanks also to Loganaden for the updates in the -08, and
> > sorry for not having confirmed that they did address the opsdir review
> > comment.
> >
> > > The SSHF Record includes the algorithm used for the public key, the type of the fingerprint. The current draft only adds a registry for the algorithm. I believe the confusion might be that the current text  seems to indicate some additional changes for example in the generation of the finger print.  Maybe the text below around the following lines clarifies the purpose of the changes.
> >
> > That seems likely.
> >
> > > If so, the only remaining point is the IPR declaration.
> >
> > [adding Ben to the To: list to try to answer this question.]
> >
> > -Ben
> >
> > > OLD:
> > > The generation of SSHFP resource records for "ssh-ed25519" keys is
> > >    described in [RFC7479].
> > >
> > >    The generation of SSHFP resource records for "ssh-ed448" keys is
> > >    described as follows.
> > >
> > >    the SSHFP Resource Record for the Ed448 public key with SHA-256
> > >    fingerprint would be example be:
> > >
> > >    example.com.  IN SSHFP TBD 2 ( a87f1b687ac0e57d2a081a2f2826723
> > >    34d90ed316d2b818ca9580ea384d924 01 )
> > >
> > >    The 2 here indicates SHA-256 [RFC6594].
> > >
> > > NEW:
> > >
> > > The generation of SSHFP resource records for "ssh-ed25519" keys is
> > >    described in [RFC7479].
> > >
> > > The SSHFP resource records for "ssh-ed448" keys is generated similarly,
> > > with the algorithm field indicating a Ed448 public key.
> > >
> > > The SSHFP Resource Record for the Ed448 public key with SHA-256
> > > fingerprint would be example be:
> > >
> > > example.com.  IN SSHFP TBD 2 ( a87f1b687ac0e57d2a081a2f2826723
> > > 34d90ed316d2b818ca9580ea384d924 01 )
> > >
> > > The 2 here indicates SHA-256 [RFC6594].
> > >
> > > From: Loganaden Velvindron <loganaden@gmail.com>
> > > Sent: Thursday, June 06, 2019 3:02 AM
> > > To: Daniel Migault <daniel.migault@ericsson.com>
> > > Cc: Benjamin Kaduk <kaduk@mit.edu>; draft-ietf-curdle-ssh-ed25519-ed448.all@ietf.org; curdle@ietf.org
> > > Subject: Re: new AD review comments on draft-ietf-curdle-ssh-ed25519-ed448-08
> > >
> > > I already published rev08 to address those issues:
> > > https://tools.ietf.org/rfcdiff?difftype=--hwdiff&url2=draft-ietf-curdle-ssh-ed25519-ed448-08.txt
> > >
> > > On Wed, Jun 5, 2019 at 5:52 PM Daniel Migault <daniel.migault@ericsson.com<mailto:daniel.migault@ericsson.com>> wrote:
> > > Thanks Ben for the follow-up, please see my responses inline for (2) and (4). I believe a version 08 is needed to address (1) and (2).
> > > Yours,
> > > Daniel
> > >
> > > -----Original Message-----
> > > From: Benjamin Kaduk <kaduk@mit.edu<mailto:kaduk@mit.edu>>
> > > Sent: Tuesday, June 04, 2019 1:41 PM
> > > To: draft-ietf-curdle-ssh-ed25519-ed448.all@ietf.org<mailto:draft-ietf-curdle-ssh-ed25519-ed448.all@ietf.org>
> > > Cc: curdle@ietf.org<mailto:curdle@ietf.org>
> > > Subject: new AD review comments on draft-ietf-curdle-ssh-ed25519-ed448-08
> > >
> > > Hi all,
> > >
> > > I'm just about ready to send this to the IESG, but there seems to be a few things to fix, first:
> > >
> > > (1) In Section 8 we say "The generation of SSHFP resource records for "ssh-ed448" keys is described as follows." but then give only an example and not a description of what to do.  We need to say more about this procedure
> > >
> > > (2) I'm not sure if the chain on the opsdir review got fully resolved; see https://mailarchive.ietf.org/arch/msg/curdle/DZc2Sr19zJ71nnC3pSIF0uPhaCk
> > > <mglt>
> > > The current version has not accordingly been updated.
> > > </mglt>
> > >
> > > (3) The shepherd writeup says that Ben did not confirm IPR (non)disclosure per BCPs 78 and 79 -- Ben, can you please do so now?
> > >
> > > (4) Daniel, can you please update the shepherd writeup to reflect the discussions with the directorate reviewers about document status?  I'm sure that some IESG members will ask "why not Informational?" if we don't forestall them.
> > >
> > > <mglt>
> > > I have update the shepherd as follows:
> > >
> > > (1) What type of RFC is being requested (BCP, Proposed Standard,
> > > Internet Standard, Informational, Experimental, or Historic)?  Why
> > > is this the proper type of RFC?  Is this type of RFC indicated in the
> > > title page header?
> > >
> > > The requested status is Standard Track. This is necessary for
> > > inter-operability  and as such the Standard Track seems the
> > > most appropriated status.
> > >
> > > The OPS Directorate wondered why version 07 was a Standard Track
> > > document and not an informational document as no normative 2119 words.
> > >
> > > The reason for being a standard track is that we expect the implementation
> > > that implement SSH to follow these recommendations. The consensus was
> > > to explicitly mention it in the document around the lines:
> > >
> > > "Standard implementations of SSH SHOULD implement these signature algorithms."
> > > </mglt>
> > > Thanks,
> > >
> > > Ben