Re: [Last-Call] Gen-art last call review of draft-moskowitz-ipsecme-ipseckey-eddsa-06

Robert Moskowitz <rgm@labs.htt-consult.com> Mon, 28 November 2022 22:37 UTC

To: sarikaya@ieee.org, last-call@ietf.org, draft-moskowitz-ipsecme-ipseckey-eddsa.all@ietf.org, gen-art@ietf.org
Archived-At: <https://mailarchive.ietf.org/arch/msg/last-call/61oHiuzbtfJqQ-dIjWdt2sND78g>

On 11/28/22 12:41, Behcet Sarikaya wrote:
> I am the assigned Gen-ART reviewer for this draft. The General Area
> Review Team (Gen-ART) reviews all IETF documents being processed
> by the IESG for the IETF Chair.  Please treat these comments just
> like any other last call comments.
>
> For more information, please see the FAQ at
>
> <https://trac.ietf.org/trac/gen/wiki/GenArtfaq>.
>
> Document: draft-moskowitz-ipsecme-ipseckey-eddsa-06
> Reviewer: Behcet Sarikaya
> Review Date: 2022-11-28
> IETF LC End Date: 2022-12-12
> IESG Telechat date: (if known)
>
> Summary: Ready with nits. It will be nice to explain why these IANA
> Registry additions for EdDSA Public Keys to the IPSECKEY were not done with
> RFC 8080, which defined it in Feb. 2017.

8080 is for DNSSEC.  OK.  But this is for other uses.  Now those that
use the IPSECKEY RR are ready to use EdDSA, so could have, would have,
should have.  It was not done, now it is.  RFC numbers are relatively
cheap.  Explain what?  That 8080 was only for DNSSEC RR and this is for
IPSECKEY RR?  Why?  Leave it alone.


>
> Major issues:
> None
>
> Minor issues:
> None
>
> Nits/editorial comments:
> Appendix A
> Please add an IPv6 example. RFC 4025 does have some.

Yes, 4025 defines all the gateway use cases, so has gateway RR examples 
with only ONE public key format.

This draft is to add EdDSA as a public key format and gives the example 
of what that key looks like in the IPSECKEY RR.  Any reader that wants 
the gateway use case will use 4025 for those examples.  I do not see 
where cluttering up this document with use cases already covered in 4025 
adds value/clarity.

So I respectfully state that I prefer to leave all the gateway examples 
out of this document.

Bob
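
The distinction discussed in this exchange, that the gateway form (none, IPv4, IPv6, name) and the public key format are separate fields of the IPSECKEY RDATA laid out in RFC 4025, shown as an added example that is not part of the original message or the draft. It assumes algorithm value 4 for EdDSA and raw 32-byte (Ed25519) or 57-byte (Ed448) keys; the key bytes and the helper names are constructed for illustration.

```python
import ipaddress

ALG_EDDSA = 4                  # assumed IPSECKEY algorithm value for EdDSA
EDDSA_KEY_LENGTHS = (32, 57)   # raw Ed25519 / Ed448 public key sizes
SAMPLE_KEY = bytes(range(32))  # constructed placeholder, not a real key

def read_name(buf, off):
    """Decode an uncompressed wire-format domain name at buf[off:]."""
    labels = []
    while True:
        if off >= len(buf):
            raise ValueError("truncated gateway name")
        n = buf[off]
        off += 1
        if n == 0:
            return ".".join(labels) + ".", off
        if n > 63 or off + n > len(buf):
            raise ValueError("bad label in gateway name")
        labels.append(buf[off:off + n].decode("ascii"))
        off += n

def parse_ipseckey(rdata):
    """Split IPSECKEY RDATA into header fields, gateway and public key."""
    if len(rdata) < 3:
        raise ValueError("RDATA shorter than the 3-byte fixed header")
    precedence, gw_type, alg = rdata[0], rdata[1], rdata[2]
    off = 3
    if gw_type == 0:                       # no gateway present
        gateway = None
    elif gw_type in (1, 2):                # 4-byte IPv4 or 16-byte IPv6
        size = 4 if gw_type == 1 else 16
        if off + size > len(rdata):
            raise ValueError("truncated gateway address")
        gateway = ipaddress.ip_address(rdata[off:off + size])
        off += size
    elif gw_type == 3:                     # wire-format domain name
        gateway, off = read_name(rdata, off)
    else:
        raise ValueError("unknown gateway type %d" % gw_type)
    key = rdata[off:]                      # the remainder is the public key
    if alg == ALG_EDDSA and len(key) not in EDDSA_KEY_LENGTHS:
        raise ValueError("EdDSA key has unexpected length %d" % len(key))
    return {"precedence": precedence, "gateway_type": gw_type,
            "gateway": gateway, "algorithm": alg, "key": key}

def sample_rdata(gw_type, gw_bytes=b""):
    """Build constructed RDATA: precedence 10, EdDSA, the given gateway."""
    return bytes([10, gw_type, ALG_EDDSA]) + gw_bytes + SAMPLE_KEY
```

The same key bytes come back unchanged for every gateway type; a record whose gateway type does not match its gateway bytes is rejected because the remaining key no longer has a valid EdDSA length.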