[Gen-art] Gen-ART Last Call review of draft-ietf-ipsecme-safecurves-04
Orit Levin <oritl@microsoft.com> Tue, 27 September 2016 21:30 UTC
Return-Path: <oritl@microsoft.com>
X-Original-To: gen-art@ietfa.amsl.com
Delivered-To: gen-art@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id EA05D12B208; Tue, 27 Sep 2016 14:30:46 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.022
X-Spam-Level:
X-Spam-Status: No, score=-2.022 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=microsoft.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id K9fSKxdvez3G; Tue, 27 Sep 2016 14:30:42 -0700 (PDT)
Received: from NAM02-BL2-obe.outbound.protection.outlook.com (mail-bl2nam02on0136.outbound.protection.outlook.com [104.47.38.136]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 1A2F812B1CA; Tue, 27 Sep 2016 14:30:39 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version; bh=47/jeZRGwBkx6T/8sIMJYJJiloiMs/cgAFam5cHGZfI=; b=ZoZ6uObGa4mv5NMC9ER+KV5g/NPLxCs5A/Cpt7prum88WQGwxN6scaPFmcdRu8b1unPVM9c9xFxoZPQZYifEcxfosnyTh3msoaL7+eHE2mWGHZuTeOGa5APdvXubTTZgYBs25zvvM8cNDr0uTf33YsOevIg1JK9bKhwoJ+i2/S4=
Received: from CY1PR0301MB2122.namprd03.prod.outlook.com (10.164.2.156) by CY1PR0301MB2122.namprd03.prod.outlook.com (10.164.2.156) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P384) id 15.1.639.5; Tue, 27 Sep 2016 21:30:37 +0000
Received: from CY1PR0301MB2122.namprd03.prod.outlook.com ([10.164.2.156]) by CY1PR0301MB2122.namprd03.prod.outlook.com ([10.164.2.156]) with mapi id 15.01.0639.013; Tue, 27 Sep 2016 21:30:37 +0000
From: Orit Levin <oritl@microsoft.com>
To: "draft-ietf-ipsecme-safecurves.all@ietf.org" <draft-ietf-ipsecme-safecurves.all@ietf.org>
Thread-Topic: Gen-ART Last Call review of draft-ietf-ipsecme-safecurves-04
Thread-Index: AdIYRMTnYgS2dtIPTa+wJMIZyuxSKA==
Date: Tue, 27 Sep 2016 21:30:37 +0000
Message-ID: <CY1PR0301MB21228739B90B768D40ED5AAAADCC0@CY1PR0301MB2122.namprd03.prod.outlook.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
authentication-results: spf=none (sender IP is ) smtp.mailfrom=oritl@microsoft.com;
x-originating-ip: [2001:4898:80e8:7::7a8]
x-ms-office365-filtering-correlation-id: d047974c-8f96-4e3a-981b-08d3e71d85dd
x-microsoft-exchange-diagnostics: 1; CY1PR0301MB2122; 6:CiEC/sVYGumkqYzW7nWteU6nJwtjnnJbmDbhs6N/8xYkiuykZNPjbvS1mLOrLnCTlFkbx8ksjIYD6BNRgI6JX9wIxJ3uMrgUxyz18Ms5dG+8CTidu218tc71C4q6UioKXeXDv/Y6SE8RCohXuBffTix7iObwn65L4O99KKER5jz1++Agn/h6RTvGw64KHpSD2SHvJlajlI2Y7fSLVGDBqjoIORObAeK/+L+CNcRxVbwz27Nacyi+sEEcRMRLwJy4NDRLI7X7k6hhFfsISFHUqPTrLXUWYHsqeO6vr9yRjDQ0hnLvuTnmk01J/E+0XgVr88QtOIWGseykcee+/q7y9w==; 5:LYH5n3mJLOnvx1lc28qjJFlVUjMtXuPm4pVVAPa4r7sDni5JVJeq5zcUJKh6zjxhVvoauG3HzHHTg4yBGWGfxuFIH7LBbVeLL07rH8dkGn4plG84YVOKCEn/8w+At2YrquWZyiKf8tMf3VhMIqSdrQ==; 24:uvlCViQd+Hi1sSPi3gZC0GtsBVKdt51pf2GVmmhJomqiQWJzG7nDSiP8Q6jRkYZXyfTQsVay/e/07VsBglAOlH129hYWeN3Si8K4+zfRoKA=; 7:a27uN/VopH0gCV/2SdAMm083uJaUDivwTqQNEW8lO/lQfkidhhWDa8HMhJLaeynmo5wIFXEfR0MkXoWFdG8IEtLA2BZRVMF0XhB3nh8eis+aFPsGrHp1pDTd6Owuo8tqmzOJPIFaTd7MQCYk+1/8Kv5+J5Q9bigaHAKtXEhidNxFtFcrwS+k86B+Htfrmm9Un0r45/GsKKCk2pQji8WVyOj/40ydnH3bDrt29DKWjPBl5B9O25nnBRV+8C/hZiMhLrSTqsee6YTB8EgHH9frrbKWXsbaFw0domsWg3AD7Is79BbEXNK+ZuooCazXguaY
x-microsoft-antispam: UriScan:;BCL:0;PCL:0;RULEID:;SRVR:CY1PR0301MB2122;
x-microsoft-antispam-prvs: <CY1PR0301MB2122B7899123271C136804C9ADCC0@CY1PR0301MB2122.namprd03.prod.outlook.com>
x-exchange-antispam-report-test: UriScan:(192374486261705)(788757137089);
x-exchange-antispam-report-cfa-test: BCL:0; PCL:0; RULEID:(61425038)(6040176)(601004)(2401047)(8121501046)(5005006)(3002001)(10201501046)(6055026)(61426038)(61427038); SRVR:CY1PR0301MB2122; BCL:0; PCL:0; RULEID:; SRVR:CY1PR0301MB2122;
x-forefront-prvs: 007814487B
x-forefront-antispam-report: SFV:NSPM; SFS:(10019020)(6009001)(7916002)(199003)(377424004)(189002)(2501003)(76576001)(586003)(5002640100001)(4326007)(230783001)(189998001)(97736004)(68736007)(10090500001)(2906002)(122556002)(101416001)(77096005)(110136003)(50986999)(15975445007)(92566002)(7696004)(2900100001)(5660300001)(54356999)(10400500002)(305945005)(19580395003)(19580405001)(86362001)(9686002)(6916009)(5005710100001)(229853001)(87936001)(11100500001)(2351001)(106356001)(7736002)(5640700001)(7846002)(74316002)(10290500002)(450100001)(105586002)(81156014)(8676002)(81166006)(33656002)(6116002)(102836003)(8990500004)(8936002)(3660700001)(86612001)(99286002)(3280700002)(3826002); DIR:OUT; SFP:1102; SCL:1; SRVR:CY1PR0301MB2122; H:CY1PR0301MB2122.namprd03.prod.outlook.com; FPR:; SPF:None; PTR:InfoNoRecords; A:1; MX:1; LANG:en;
received-spf: None (protection.outlook.com: microsoft.com does not designate permitted sender hosts)
spamdiagnosticoutput: 1:99
spamdiagnosticmetadata: NSPM
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
X-OriginatorOrg: microsoft.com
X-MS-Exchange-CrossTenant-originalarrivaltime: 27 Sep 2016 21:30:37.3500 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 72f988bf-86f1-41af-91ab-2d7cd011db47
X-MS-Exchange-Transport-CrossTenantHeadersStamped: CY1PR0301MB2122
Archived-At: <https://mailarchive.ietf.org/arch/msg/gen-art/sc93RgoW4qKwlod5EhusuXx0JFs>
Cc: General Area Review Team <gen-art@ietf.org>
Subject: [Gen-art] Gen-ART Last Call review of draft-ietf-ipsecme-safecurves-04
X-BeenThere: gen-art@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: "GEN-ART: General Area Review Team" <gen-art.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/gen-art>, <mailto:gen-art-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/gen-art/>
List-Post: <mailto:gen-art@ietf.org>
List-Help: <mailto:gen-art-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/gen-art>, <mailto:gen-art-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 27 Sep 2016 21:30:47 -0000
I am the assigned Gen-ART reviewer for this draft. The General Area Review Team (Gen-ART) reviews all IETF documents being processed by the IESG for the IETF Chair. Please treat these comments just like any other last call comments. For more information, please see the FAQ at <http://wiki.tools.ietf.org/area/gen/trac/wiki/GenArtfaq>. Document: review of draft-ietf-ipsecme-safecurves-04 Reviewer: Orit Levin (mailto:oritl@microsoft.com) Review Date: 2016-09-27 IETF LC End Date: 2016-09-29 IESG Telechat date: unknown Summary: This draft is basically ready for publication, but has nits that should be fixed before publication. The nits are purely editorial, but fixing them will improve the document's readability. 1. Introduction Par.1 "key agreement (Diffie-Hellman)" : Replace with "key agreement using Diffie-Hellman". Par.2 "That document": Replace with the name of the document to make clear which one is "that" document. Par.2 "free from": Replace with "resilient to". 2. Curve25519 and Curve448 Add at the start "Implementations of Curve25519 and Curve448 MUST/SHALL follow the steps described in this section." Par.1 Replace "are inherited from" with "are compliant with". Par.2 Replace "goes as" with "is performed as" 3. Use and Negotiation in IKEv2 Consider replacing TBA1/TBA2 throughout the section with [to be replaced with TBA1/TBA2 according to the IANA assignment]. 3.2 Consider replace the first sentence with "Receiving and handling of incompatible point formats MUST comply with [or MUST follow] considerations/procedures described in section 5 of [RFC7748]." 4. Security Considerations Par.1 Replace the paragraph text to "For high-performance constant-time implementations, it is RECOMMENDED to use Curve25519 and Curve448 which were designed for this purpose. Implementers MUST/SHOULD NOT attempt to improve performance by reusing supposedly ephemeral key pair across multiple key exchanges [because ...]." Par.3 In " ... the process used to pick these curves..." replace "these" with the names to avoid confusion. Par.3 Replace " ...verification has been done..." with "verification can be done". Par.4 Replace ",generated in a fully verifiable way," with "that are generated in a fully verifiable way". 6. Acknowledgements Par1. Replace "is by Mike" with "were defined/specified/etc. by Mike". Par1. Replace "are in RFC 7748" with " are documented/specified/etc. in RFC 7748". Thank you, Orit.
- [Gen-art] Gen-ART Last Call review of draft-ietf-… Orit Levin
- Re: [Gen-art] Gen-ART Last Call review of draft-i… Kathleen Moriarty
- Re: [Gen-art] Gen-ART Last Call review of draft-i… Yoav Nir
- Re: [Gen-art] Gen-ART Last Call review of draft-i… Yoav Nir
- Re: [Gen-art] Gen-ART Last Call review of draft-i… Orit Levin
- Re: [Gen-art] [IPsec] Gen-ART Last Call review of… Jari Arkko