Re: [secdir] Secdir review of draft-ietf-curdle-rsa-sha2-10
"denis bider \(Bitvise\)" <ietf-ssh3@denisbider.com> Sat, 07 October 2017 04:31 UTC
Return-Path: <ietf-ssh3@denisbider.com>
X-Original-To: secdir@ietfa.amsl.com
Delivered-To: secdir@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A87BF126CB6; Fri, 6 Oct 2017 21:31:01 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: 0.7
X-Spam-Level:
X-Spam-Status: No, score=0.7 tagged_above=-999 required=5 tests=[BAYES_50=0.8, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=denisbider.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id A0nWQkdMUo6c; Fri, 6 Oct 2017 21:31:00 -0700 (PDT)
Received: from skroderider.denisbider.com (skroderider.denisbider.com [50.18.172.175]) (using TLSv1.1 with cipher ECDHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 67C58126BF3; Fri, 6 Oct 2017 21:31:00 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=denisbider.com; s=mail; h=from:subject:date:message-id:to:mime-version:content-type:in-reply-to: references; bh=SsKjoBoApTF5jvdZsNYJSIFGLGZnDRucGlUaHRlEyJg=; b=j+lAI3toM/kpj8OEwRTTX7lTJ0CqlBB13rxXJk5JQ72X1bN087zFrAkYSCZVjdMwqmBRmRtU9vUsc yI1m1EFtUtsPtSMOzpItf6I6ztqGRqXyP63C6nryEEHCkijISr94yM41GJo37ID6NUTMl1wpVA0zno SKaau738soG2qvvjmp9j15JSxo7CM3Ff8RZspEuxtdrxMQEk/ivC8CkT1FAlF3mVvDh0j+yjPHIx8/ t78d8Gtj4vFy74wPpYDMHrRCHEB/XKRGwcLQDFmqyBmTYF5xnK2RQKSZNy3HCLslX3TkTjoD5X4/i4 7V0Ybmu2dFwiI9JCb748G/sWqBlpPxw==
X-Footer: ZGVuaXNiaWRlci5jb20=
Received: from localhost ([127.0.0.1]) by skroderider.denisbider.com with ESMTPSA (using TLSv1.2 with cipher DHE-RSA-AES256-GCM-SHA384 (256 bits)); Sat, 7 Oct 2017 05:30:41 +0100
Message-ID: <0E8A85F9FEC545F481ADC9A15D814749@Khan>
From: "denis bider (Bitvise)" <ietf-ssh3@denisbider.com>
To: Vincent Roca <vincent.roca@inria.fr>, IESG <iesg@ietf.org>, secdir@ietf.org, draft-ietf-curdle-rsa-sha2.all@ietf.org
References: <79DA00BE-AA86-44AC-89B0-FA03CABDF519@inria.fr>
In-Reply-To: <79DA00BE-AA86-44AC-89B0-FA03CABDF519@inria.fr>
Date: Fri, 06 Oct 2017 23:30:45 -0500
MIME-Version: 1.0
Content-Type: multipart/alternative; boundary="----=_NextPart_000_024D_01D33EFB.21F4C880"
X-Priority: 3
X-MSMail-Priority: Normal
Importance: Normal
X-Mailer: Microsoft Windows Live Mail 16.4.3528.331
X-MimeOLE: Produced By Microsoft MimeOLE V16.4.3528.331
Archived-At: <https://mailarchive.ietf.org/arch/msg/secdir/ObNBH1VK1aPmdid3StYKLooa4Ls>
Subject: Re: [secdir] Secdir review of draft-ietf-curdle-rsa-sha2-10
X-BeenThere: secdir@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: Security Area Directorate <secdir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/secdir>, <mailto:secdir-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/secdir/>
List-Post: <mailto:secdir@ietf.org>
List-Help: <mailto:secdir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 07 Oct 2017 04:31:02 -0000
Hello Vincent, thank you for the finding. I have updated the document. :-) denis From: Vincent Roca Sent: Wednesday, October 4, 2017 02:48 To: IESG ; secdir@ietf.org ; draft-ietf-curdle-rsa-sha2.all@ietf.org Cc: Vincent Roca Subject: Secdir review of draft-ietf-curdle-rsa-sha2-10 Hello, I have reviewed this document as part of the security directorate’s ongoing effort to review all IETF documents being processed by the IESG. These comments were written primarily for the benefit of the security area directors. Document editors and WG chairs should treat these comments just like any other last call comments. Summary: Ready with nits The document is well written and security considerations appropriate. However I have a comment. The document includes reference [800-131A]: NIST Special Publication 800-131A, January 2011. Looking at the NIST web site, this reference is now superseded by: NIST Special Publication 800-131A Rev. 1, November 2015 As I understand, the new version should be referenced instead of the original one. Since this revision includes new, updated recommendations on when a given algorithm is considered deprecated, this may impact a little bit the document. Cheers, Vincent
- [secdir] Secdir review of draft-ietf-curdle-rsa-s… Vincent Roca
- Re: [secdir] Secdir review of draft-ietf-curdle-r… denis bider (Bitvise)