[secdir] Secdir last call review of draft-ietf-curdle-ssh-ed25519-ed448-07
Catherine Meadows <catherine.meadows@nrl.navy.mil> Fri, 28 December 2018 17:35 UTC
Return-Path: <catherine.meadows@nrl.navy.mil>
X-Original-To: secdir@ietf.org
Delivered-To: secdir@ietfa.amsl.com
Received: from ietfa.amsl.com (localhost [IPv6:::1]) by ietfa.amsl.com (Postfix) with ESMTP id 3AFD313100F; Fri, 28 Dec 2018 09:35:34 -0800 (PST)
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 8bit
From: Catherine Meadows <catherine.meadows@nrl.navy.mil>
To: secdir@ietf.org
Cc: draft-ietf-curdle-ssh-ed25519-ed448.all@ietf.org, curdle@ietf.org, ietf@ietf.org
X-Test-IDTracker: no
X-IETF-IDTracker: 6.89.2
Auto-Submitted: auto-generated
Precedence: bulk
Message-ID: <154601853411.21528.4173984200093785499@ietfa.amsl.com>
Date: Fri, 28 Dec 2018 09:35:34 -0800
Archived-At: <https://mailarchive.ietf.org/arch/msg/secdir/TkL0yM7J1AoYBF4BkWm7CQSBPIA>
Subject: [secdir] Secdir last call review of draft-ietf-curdle-ssh-ed25519-ed448-07
X-BeenThere: secdir@ietf.org
X-Mailman-Version: 2.1.29
List-Id: Security Area Directorate <secdir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/secdir>, <mailto:secdir-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/secdir/>
List-Post: <mailto:secdir@ietf.org>
List-Help: <mailto:secdir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 28 Dec 2018 17:35:35 -0000
Reviewer: Catherine Meadows Review result: Has Nits This draft specifies the use of the digital signature algorithms Ed25519 and Ed448 in the SSH protocol. Most of this, except for syntactic features such as formats and names, can be found in other RFC’s, and the appropriate references are given. The Security Considerations are also given by reference to RFC4241 (security considerations for SSH) and RFC8032 and RFC7479 (for Ed25519 and Ed448). These security considerations sections are very thorough and I don’t see any need for any additions. A nit: The paragraph This document describes the method implemented by OpenSSH and others, and formalizes its use of the name "ssh-ed25519". Additionally, it also describes the use of Ed448 and formalizes its use of the name "ssh-ed448". Would be clearer as This document describes the Ed25519 method implemented by OpenSSH and others, and formalizes its use of the name "ssh-ed25519". Additionally, it also describes the use of Ed448 and formalizes its use of the name "ssh-ed448”.
- [secdir] Secdir last call review of draft-ietf-cu… Catherine Meadows
- Re: [secdir] Secdir last call review of draft-iet… Daniel Migault