Re: [Curdle] new AD review comments on draft-ietf-curdle-ssh-ed25519-ed448-08

[Daniel Migault <daniel.migault@ericsson.com>]

Hi,

I believe that is all we need to do.

Yours,
Daniel

On Tue, Jul 30, 2019 at 5:34 PM Benjamin Kaduk <kaduk@mit.edu> wrote:

> Cycling back on this, my reading of the archive suggests that we want an
> -09 to include Daniel's suggested text to clarify on (1), and we need to
> hear from Ben about (3).
>
> Does that sound right to everyone or am I missing something?
>
> Thanks,
>
> Ben
>
> On Fri, Jun 07, 2019 at 05:26:11PM -0500, Benjamin Kaduk wrote:
> > On Thu, Jun 06, 2019 at 02:56:46PM +0000, Daniel Migault wrote:
> > > This is correct, for some reasons I reviewed version 07. So version 08
> is solving the opsdir issue. I will close the thread on the mailing list.
> >
> > Ah, thank you.  Thanks also to Loganaden for the updates in the -08, and
> > sorry for not having confirmed that they did address the opsdir review
> > comment.
> >
> > > The SSHF Record includes the algorithm used for the public key, the
> type of the fingerprint. The current draft only adds a registry for the
> algorithm. I believe the confusion might be that the current text  seems to
> indicate some additional changes for example in the generation of the
> finger print.  Maybe the text below around the following lines clarifies
> the purpose of the changes.
> >
> > That seems likely.
> >
> > > If so, the only remaining point is the IPR declaration.
> >
> > [adding Ben to the To: list to try to answer this question.]
> >
> > -Ben
> >
> > > OLD:
> > > The generation of SSHFP resource records for "ssh-ed25519" keys is
> > >    described in [RFC7479].
> > >
> > >    The generation of SSHFP resource records for "ssh-ed448" keys is
> > >    described as follows.
> > >
> > >    the SSHFP Resource Record for the Ed448 public key with SHA-256
> > >    fingerprint would be example be:
> > >
> > >    example.com.  IN SSHFP TBD 2 ( a87f1b687ac0e57d2a081a2f2826723
> > >    34d90ed316d2b818ca9580ea384d924 01 )
> > >
> > >    The 2 here indicates SHA-256 [RFC6594].
> > >
> > > NEW:
> > >
> > > The generation of SSHFP resource records for "ssh-ed25519" keys is
> > >    described in [RFC7479].
> > >
> > > The SSHFP resource records for "ssh-ed448" keys is generated similarly,
> > > with the algorithm field indicating a Ed448 public key.
> > >
> > > The SSHFP Resource Record for the Ed448 public key with SHA-256
> > > fingerprint would be example be:
> > >
> > > example.com.  IN SSHFP TBD 2 ( a87f1b687ac0e57d2a081a2f2826723
> > > 34d90ed316d2b818ca9580ea384d924 01 )
> > >
> > > The 2 here indicates SHA-256 [RFC6594].
> > >
> > > From: Loganaden Velvindron <loganaden@gmail.com>
> > > Sent: Thursday, June 06, 2019 3:02 AM
> > > To: Daniel Migault <daniel.migault@ericsson.com>
> > > Cc: Benjamin Kaduk <kaduk@mit.edu>;
> draft-ietf-curdle-ssh-ed25519-ed448.all@ietf.org; curdle@ietf.org
> > > Subject: Re: new AD review comments on
> draft-ietf-curdle-ssh-ed25519-ed448-08
> > >
> > > I already published rev08 to address those issues:
> > >
> https://tools.ietf.org/rfcdiff?difftype=--hwdiff&url2=draft-ietf-curdle-ssh-ed25519-ed448-08.txt
> > >
> > > On Wed, Jun 5, 2019 at 5:52 PM Daniel Migault <
> daniel.migault@ericsson.com<mailto:daniel.migault@ericsson.com>> wrote:
> > > Thanks Ben for the follow-up, please see my responses inline for (2)
> and (4). I believe a version 08 is needed to address (1) and (2).
> > > Yours,
> > > Daniel
> > >
> > > -----Original Message-----
> > > From: Benjamin Kaduk <kaduk@mit.edu<mailto:kaduk@mit.edu>>
> > > Sent: Tuesday, June 04, 2019 1:41 PM
> > > To: draft-ietf-curdle-ssh-ed25519-ed448.all@ietf.org<mailto:
> draft-ietf-curdle-ssh-ed25519-ed448.all@ietf.org>
> > > Cc: curdle@ietf.org<mailto:curdle@ietf.org>
> > > Subject: new AD review comments on
> draft-ietf-curdle-ssh-ed25519-ed448-08
> > >
> > > Hi all,
> > >
> > > I'm just about ready to send this to the IESG, but there seems to be a
> few things to fix, first:
> > >
> > > (1) In Section 8 we say "The generation of SSHFP resource records for
> "ssh-ed448" keys is described as follows." but then give only an example
> and not a description of what to do.  We need to say more about this
> procedure
> > >
> > > (2) I'm not sure if the chain on the opsdir review got fully resolved;
> see
> https://mailarchive.ietf.org/arch/msg/curdle/DZc2Sr19zJ71nnC3pSIF0uPhaCk
> > > <mglt>
> > > The current version has not accordingly been updated.
> > > </mglt>
> > >
> > > (3) The shepherd writeup says that Ben did not confirm IPR
> (non)disclosure per BCPs 78 and 79 -- Ben, can you please do so now?
> > >
> > > (4) Daniel, can you please update the shepherd writeup to reflect the
> discussions with the directorate reviewers about document status?  I'm sure
> that some IESG members will ask "why not Informational?" if we don't
> forestall them.
> > >
> > > <mglt>
> > > I have update the shepherd as follows:
> > >
> > > (1) What type of RFC is being requested (BCP, Proposed Standard,
> > > Internet Standard, Informational, Experimental, or Historic)?  Why
> > > is this the proper type of RFC?  Is this type of RFC indicated in the
> > > title page header?
> > >
> > > The requested status is Standard Track. This is necessary for
> > > inter-operability  and as such the Standard Track seems the
> > > most appropriated status.
> > >
> > > The OPS Directorate wondered why version 07 was a Standard Track
> > > document and not an informational document as no normative 2119 words.
> > >
> > > The reason for being a standard track is that we expect the
> implementation
> > > that implement SSH to follow these recommendations. The consensus was
> > > to explicitly mention it in the document around the lines:
> > >
> > > "Standard implementations of SSH SHOULD implement these signature
> algorithms."
> > > </mglt>
> > > Thanks,
> > >
> > > Ben
>