Re: [Curdle] Éric Vyncke's Discuss on draft-ietf-curdle-ssh-curves-10: (with DISCUSS and COMMENT)

"Mark D. Baushke" <mdb@juniper.net> Tue, 03 September 2019 04:08 UTC

To: Éric Vyncke <evyncke@cisco.com>
CC: The IESG <iesg@ietf.org>, daniel.migault@ericsson.com, draft-ietf-curdle-ssh-curves@ietf.org, curdle-chairs@ietf.org, curdle@ietf.org
In-Reply-To: <156741598969.12899.17772144244382628268.idtracker@ietfa.amsl.com>
References: <156741598969.12899.17772144244382628268.idtracker@ietfa.amsl.com>
Comments: In-reply-to: Éric Vyncke via Datatracker <noreply@ietf.org> message dated "Mon, 02 Sep 2019 02:19:49 -0700."
From: "Mark D. Baushke" <mdb@juniper.net>
Date: Mon, 02 Sep 2019 21:08:22 -0700
Message-ID: <14394.1567483702@contrail-ubm16-mdb.svec1.juniper.net>
Archived-At: <https://mailarchive.ietf.org/arch/msg/curdle/rljiO3OTZDj_sbt0ZbN__pYEHp0>

Hi Eric,

My comments are in-line. Look for MDB:

Éric Vyncke via Datatracker <noreply@ietf.org> writes:

> Éric Vyncke has entered the following ballot position for
> draft-ietf-curdle-ssh-curves-10: Discuss
>
> When responding, please keep the subject line intact and reply to all
> email addresses included in the To and CC lines. (Feel free to cut this
> introductory paragraph, however.)
>
>
> Please refer to https://www.ietf.org/blog/discuss-criteria-iesg-review/
> for more information about IESG DISCUSS and COMMENT positions.
>
>
> The document, along with other ballot positions, can be found here:
> https://datatracker.ietf.org/doc/draft-ietf-curdle-ssh-curves/
>
>
>
> ----------------------------------------------------------------------
> DISCUSS:
> ----------------------------------------------------------------------
>
> Thank you for the hard work put into this document.

MDB: Thank you for taking the time to review it and provide actionable
comments.

> Please note that I second Mirja's discuss about the 'copying' text.

I understand the issue. I have no problems with removing that text, but
I am not the sole author of the document and did not add it in the first
place.

> And, please find below an easy-to-fix DISCUSS and some COMMENTs.
>
> Regards,
>
> -éric
>
> == DISCUSS ==
>
> -- Abstract --
>
> For a standard track document, I find it weird to write 'conventions' rather
> than specification. Easy to fix.

MDB: Okay. The abstract now reads:

        This document describes the specification for using Curve25519
        and Curve448 key exchange methods in the Secure Shell (SSH)
        protocol.

>
>
> ----------------------------------------------------------------------
> COMMENT:
> ----------------------------------------------------------------------
>
> == COMMENTS ==
>
> -- Section 1 --
> " At the time of writing this specification" will look strange in a couple of
> years, please state 2019.

MDB:

This paragraph has been rewritten as

        This document provide Curve25519 as the preferred choice, but
        suggests that the Curve448 is implemented to provide more than
        128 bits of security strength should that become a requirement.

>
> -- Section 3 --

> I am not a SSH expert, but, can you add a reference to X25519 (in RFC
> 7748?) if not obvious for SSH experts ?

I am not sure I understand what you want changed. The text here:

   Key-agreement schemes "curve25519-sha256" and "curve448-sha512"
   perform the Diffie-Hellman protocol using the functions X25519 and
   X448, respectively. Implementations SHOULD compute these functions
   using the algorithms described in [RFC7748].

seems pretty clear to me that X25519 and X448 are described in RFC7748.
Did you need to have me change '... described in [RFC7748].' to read
'... described in section 5 of [RFC7748].'

Or, something else?

> == NITS ==
>
> -- Section 1 --
> s/This document provide Curve25519/This document provides Curve25519/

Fixed.

> s/Curve25519 has been/Curve25519 have been/

The paragraph containing that phrase has been removed from the document
entirely.

> From now on, I am stopping to review for nits, typos and grammar
> errors. Please run a spell checker.

I have used a spell checker.

Other than proper names, code point names, and abbreviations, the only
word

    Acknowledgements (with two e characters)

vs

    Acknowledgments (with one e)

is flagged. The former is favored outside of the US and Canada while the
latter is favored inside. As the primary co-author, Aris Adamantiadis, I
have no problem using the word favored outside of the United States.

If this is an issue, the IETF publishers may change the spelling.

	-- Mark