[Gen-art] Gen-ART Last Call review of draft-iab-crypto-alg-agility-07.txt

Suresh Krishnan <suresh.krishnan@ericsson.com> Tue, 18 August 2015 03:10 UTC

To: "draft-iab-crypto-alg-agility.all@ietf.org" <draft-iab-crypto-alg-agility.all@ietf.org>, General Area Review Team <gen-art@ietf.org>
Archived-At: <http://mailarchive.ietf.org/arch/msg/gen-art/Q7P3YhsM_GxckOp5AzoqBeqZV5I>

I am the assigned Gen-ART reviewer for this draft. The General Area
Review Team (Gen-ART) reviews all IETF documents being processed by
the IESG for the General Area director. Document editors and WG chairs
should treat these comments just like any other last call comments.

Summary: The draft is almost ready for publication as a BCP but I do 
have some comments you may wish to address.

Minor
=====

* Section 1

Not sure what becomes more feasible in this sentence. I am assuming that 
it is an attack becoming more feasible. If so, suggest rewording to
something like:

OLD:

As new cryptanalysis techniques are developed and computing capabilities 
improve, the work factor to break a particular cryptographic algorithm 
will reduce, becoming more feasible for more attackers.

NEW:

As new cryptanalysis techniques are developed and computing capabilities 
improve, the work factor to break a particular cryptographic algorithm 
will reduce, thus making it more susceptible to attackers.

* Section 2.6

Would it be useful to put in a recommendation here to use strongest 
possible algorithms/suites and longest possible keys for such long lived 
trust anchor certificates?

* Section 3.4

The default server or
    responder configuration SHOULD disable such algorithms

* Security considerations

The reference to RFC5166 seems to be wrong and talks about evaluation of 
congestion control mechanisms. Just randomly searching through the RFC
index led me to RFC5116 that seems to be about authentication
encryption algorithms. If this is the correct reference, it needs to be 
fixed in both this section and in the references section.


Editorial
=========

* The document is missing a Table of Contents. The ID guidelines
recommend a Table of Contents for drafts that are longer than 15 pages.

* Section 1

s/one or more algorithm identifier/one or more algorithm identifiers/

* Section 2

OLD:
one or more algorithm or suite identifier

NEW:
one or more algorithm or suite identifiers

* Section 2.2

OLD:
one or more strong mandatory-to-implement algorithm or suite

NEW:
one or more strong mandatory-to-implement algorithm or suites

* Section 3.1

s/The IETF has alway/The IETF has always/

s/as well as meeting/and should also meet/

s/depending of the population/depending on the population/

Thanks
Suresh