More Modular Exponentiation (MODP) Diffie-Hellman (DH) Key Exchange (KEX) Groups for Secure Shell (SSH)
draft-ietf-curdle-ssh-modp-dh-sha2-09
Yes
No Objection
Note: This ballot was opened for revision 07 and is now closed.
Alvaro Retana No Objection
Warren Kumari No Objection
(Ben Campbell; former steering group member) Yes
(Eric Rescorla; former steering group member) Yes
(Kathleen Moriarty; former steering group member) Yes
Thanks for your work on this draft. I agree with Alexey's comment on the normative reference and just have a tiny nit for the introduction: I suggest you remove the word recent since the reference on SHA-1 is 6 years old: s/Due to recent security concerns with SHA-1 [RFC6194]/Due to security concerns with SHA-1 [RFC6194]/
(Adam Roach; former steering group member) No Objection
Section 1, paragraph 2: New MODP groups are being introduced starting with the MODP 3072-bit group 15 all use SHA512 as the hash algorithm. I can't parse this. Should there be a sentence break between "15" and "all"? I was surprised to find section 4 here; in part because it isn't related to the addition of new algorithms, but mostly because it's not mentioned in the abstract or the introduction. Please add mention of this erratum correction to both sections. I'm pretty sure RFC6234 needs to be normative.
(Alexey Melnikov; former steering group member) No Objection
RFC 6234 must be normative, as it is required to implement this document.
(Alia Atlas; former steering group member) No Objection
(Benoît Claise; former steering group member) No Objection
I understand that a new version will be published based on Linda Dunbar's OPS DIR review. Thank you.
(Deborah Brungard; former steering group member) No Objection
(Mirja Kühlewind; former steering group member) No Objection
(Spencer Dawkins; former steering group member) No Objection
(Suresh Krishnan; former steering group member) No Objection
(Terry Manderson; former steering group member) No Objection