Re: Review of draft-ietf-curdle-dnskey-eddsa-02 (Als was: Secdir review of draft-ietf-curdle-dnskey-eddsa-02)

Dan Romascanu <dromasca@gmail.com> Mon, 12 December 2016 11:34 UTC

From: Dan Romascanu <dromasca@gmail.com>
Date: Mon, 12 Dec 2016 13:34:34 +0200
Message-ID: <CAFgnS4XNJEapUQAv_LxTPPvgYfhCZWe_QN_G3_byqyYGKNOx9A@mail.gmail.com>
Subject: Re: Review of draft-ietf-curdle-dnskey-eddsa-02 (Als was: Secdir review of draft-ietf-curdle-dnskey-eddsa-02)
To: Ondřej Surý <ondrej.sury@nic.cz>
Archived-At: <https://mailarchive.ietf.org/arch/msg/ietf/OqtAUv8SPF_gx_V6-T6N1Mu6GE0>
Cc: curdle <curdle@ietf.org>, ietf@ietf.org, secdir@ietf.org, gen-art@ietf.org, curdle-chairs <curdle-chairs@ietf.org>, draft-ietf-curdle-dnskey-eddsa <draft-ietf-curdle-dnskey-eddsa@ietf.org>, Magnus Nyström <magnusn@gmail.com>

Hi Ondrej,

Thanks for addressing my comments. The nits can be fixed at any time you
find more convenient before publication.

Regards,

Dan



On Mon, Dec 12, 2016 at 11:38 AM, Ondřej Surý <ondrej.sury@nic.cz> wrote:

> Magnus and Dan,
>
> thanks for the review.
>
> Magnus, you are right, I have removed the first full paragraph
> about "security properties" from Security Considerations
> from my git version as the security properties of EdDSA
> are better described in Normative references anyway.
>
> https://gitlab.labs.nic.cz/labs/ietf/commit/7b52c8e2bbe44042a279a81b960270fdd103d9a2
>
> Dan,
>
> good catches, I fixed the nits in the git:
>
> https://gitlab.labs.nic.cz/labs/ietf/commit/bbfc7ce43fb1f46c91fb7f5de564d907d035aadf
>
> I would be happy to upload the next revision after Last Call
> is finished or just let the RFC editors fix it.
>
> Cheers,
> --
>  Ondřej Surý -- Technical Fellow
>  --------------------------------------------
>  CZ.NIC, z.s.p.o.    --     Laboratoře CZ.NIC
>  Milesovska 5, 130 00 Praha 3, Czech Republic
>  mailto:ondrej.sury@nic.cz    https://nic.cz/
>  --------------------------------------------
>
> ----- Original Message -----
> > From: "Magnus Nyström" <magnusn@gmail.com>
> > To: secdir@ietf.org, "draft-ietf-curdle-dnskey-eddsa" <draft-ietf-curdle-dnskey-eddsa@ietf.org>
> > Sent: Monday, 12 December, 2016 02:44:18
> > Subject: Secdir review of draft-ietf-curdle-dnskey-eddsa-02
>
> > I have reviewed this document as part of the security directorate's
> > ongoing effort to review all IETF documents being processed by the
> > IESG. These comments were written primarily for the benefit of the
> > security area directors. Document editors and WG chairs should treat
> > these comments just like any other last call comments.
> >
> > This document describes how to use two specific Edwards Curves
> > (Elliptic Curves) in conjunction with DNSSEC, namely ed25519 and
> > ed448.
> >
> > The only comment I have on this document is that the Security
> > Considerations section plainly states, without any reference or proof:
> >
> > "Ed25519 and Ed448 offers improved security properties and
> > implementation characteristics compared to RSA and ECDSA algorithms"
> >
> > I suggest either adding references to proofs of these statements or
> > alternatively just remove the sentence (since it doesn't really add
> > anything to the memo); the remaining paragraphs in the Security
> > Considerations section is what really covers what someone implementing
> > the memo should know or be aware of.
> >
> > -- Magnus
>
> ~~~~
>
> ----- Original Message -----
> > From: "Dan Romascanu" <dromasca@gmail.com>
> > To: gen-art@ietf.org
> > Cc: "draft-ietf-curdle-dnskey-eddsa all" <draft-ietf-curdle-dnskey-eddsa.all@ietf.org>, "curdle" <curdle@ietf.org>, ietf@ietf.org
> > Sent: Sunday, 11 December, 2016 12:21:25
> > Subject: Review of draft-ietf-curdle-dnskey-eddsa-02
>
> > Reviewer: Dan Romascanu
> > Review result: Ready with Nits
> >
> > Summary: Ready, with nits
> >
> > I am not an expert in this field, but the document seems to meet its
> > goals, it's clear and precise
> >
> > Major issues:
> >
> > Minor issues:
> >
> > Nits/editorial comments:
> >
> > 1. Section 4: s/Section5.1.7/Sections 5.1.7/
> >
> > 2. Section 8: 'The following entry has been added to
> >   the registry' - I may be wrong, but the section seems to define two
> > new entries in the registry rather than one
>
>