Re: [secdir] secdir review of draft-moonesamy-sshfp-ed25519-01
S Moonesamy <sm+ietf@elandsys.com> Fri, 30 May 2014 19:04 UTC
Date: Fri, 30 May 2014 11:44:30 -0700
To: "Joseph Salowey (jsalowey)" <jsalowey@cisco.com>
From: S Moonesamy <sm+ietf@elandsys.com>
Archived-At: http://mailarchive.ietf.org/arch/msg/secdir/kuVDPFXcgvm0chp7QV57SKX-EiE
Cc: ietf@ietf.org, draft-moonesamy-sshfp-ed25519.all@tools.ietf.org, iesg@ietf.org, secdir@ietf.org

Hi Joe,

At 09:52 30-05-2014, Joseph Salowey (jsalowey) wrote:
>[Joe] Running code is certainly good, but I don't think the ed25519
>paper by itself provides enough information to create an
>interoperable implementation. Without this information I'm not
>sure it's possible to implement the draft. For example, as you
>mention below the format for the key is undocumented is it well
>enough understood what the format of the data to be hashed in the
>fingerprint is from the draft and its references? It seems the only
>documentation of the protocol is in the source code. I'm not sure
>if there is a precedent for referencing a source code, but if it is
>source controlled perhaps it is acceptable.

According to http://www.openssh.com/ OpenSSH is used by "companies like NetApp, NETFLIX, EMC, Juniper, Cisco, Apple, Red Hat, and Novell; but probably includes almost all router, switch or unix-like operating system vendors". The source code has been under revision control for over 10 years and it is publicly accessible. The source code is distributed under a liberal license.

I could have argued for "Proposed Standard". I thought that it was better to go for "Informational" to document what has been implemented as I would have raised arguments similar to the ones quoted above in a review about a "Proposed Standard".

There was a comment from Rene Struik during the Last Call about the hash and the ed25519 paper ( http://www.ietf.org/mail-archive/web/ietf/current/msg87894.html ). I think that he understood how it works. The well understood test happens after publication as it depends on the unknown reader.

There is a precedent for referencing source code. In my opinion it is better not to do that unless it is really necessary. I prefer not to use the precedent argument. I'll note that this draft does not break anything on the internet.

Please let me know whether the above addresses the issues in the review.

Regards,
S. Moonesamy