[secdir] Secdir review of draft-ietf-curdle-rsa-sha2-10
Vincent Roca <vincent.roca@inria.fr> Wed, 04 October 2017 07:49 UTC
Return-Path: <vincent.roca@inria.fr>
X-Original-To: secdir@ietfa.amsl.com
Delivered-To: secdir@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id BF58813306F; Wed, 4 Oct 2017 00:49:16 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.199
X-Spam-Level:
X-Spam-Status: No, score=-4.199 tagged_above=-999 required=5 tests=[BAYES_50=0.8, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ahutnP0Cpwre; Wed, 4 Oct 2017 00:49:15 -0700 (PDT)
Received: from mail3-relais-sop.national.inria.fr (mail3-relais-sop.national.inria.fr [192.134.164.104]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 5C18113295C; Wed, 4 Oct 2017 00:49:14 -0700 (PDT)
X-IronPort-AV: E=Sophos;i="5.42,477,1500933600"; d="scan'208,217";a="239664657"
Received: from demeter.inrialpes.fr ([194.199.28.3]) by mail3-relais-sop.national.inria.fr with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 04 Oct 2017 09:48:31 +0200
From: Vincent Roca <vincent.roca@inria.fr>
Content-Type: multipart/alternative; boundary="Apple-Mail=_F477EB85-9715-4A3A-BBD8-F415662B0F8C"
Mime-Version: 1.0 (Mac OS X Mail 10.3 \(3273\))
Message-Id: <79DA00BE-AA86-44AC-89B0-FA03CABDF519@inria.fr>
Date: Wed, 04 Oct 2017 09:48:31 +0200
To: IESG <iesg@ietf.org>, secdir@ietf.org, draft-ietf-curdle-rsa-sha2.all@ietf.org
X-Mailer: Apple Mail (2.3273)
Archived-At: <https://mailarchive.ietf.org/arch/msg/secdir/dD8heaMg3DI2_gV4g9l_s_IQmSM>
Subject: [secdir] Secdir review of draft-ietf-curdle-rsa-sha2-10
X-BeenThere: secdir@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: Security Area Directorate <secdir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/secdir>, <mailto:secdir-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/secdir/>
List-Post: <mailto:secdir@ietf.org>
List-Help: <mailto:secdir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 04 Oct 2017 07:49:17 -0000
Hello, I have reviewed this document as part of the security directorate’s ongoing effort to review all IETF documents being processed by the IESG. These comments were written primarily for the benefit of the security area directors. Document editors and WG chairs should treat these comments just like any other last call comments. Summary: Ready with nits The document is well written and security considerations appropriate. However I have a comment. The document includes reference [800-131A <>]: NIST Special Publication 800-131A, January 2011. Looking at the NIST web site, this reference is now superseded by: NIST Special Publication 800-131A Rev. 1, November 2015 As I understand, the new version should be referenced instead of the original one. Since this revision includes new, updated recommendations on when a given algorithm is considered deprecated, this may impact a little bit the document. Cheers, Vincent
- [secdir] Secdir review of draft-ietf-curdle-rsa-s… Vincent Roca
- Re: [secdir] Secdir review of draft-ietf-curdle-r… denis bider (Bitvise)