Skip to main content

More Modular Exponentiation (MODP) Diffie-Hellman (DH) Key Exchange (KEX) Groups for Secure Shell (SSH)
draft-ietf-curdle-ssh-modp-dh-sha2-09

Yes

(Ben Campbell)
(Eric Rescorla)

No Objection

Alvaro Retana
Warren Kumari
(Alia Atlas)
(Deborah Brungard)
(Spencer Dawkins)
(Suresh Krishnan)
(Terry Manderson)

Note: This ballot was opened for revision 07 and is now closed.

Alvaro Retana No Objection

Warren Kumari No Objection

(Ben Campbell; former steering group member) Yes

Yes (for -07)

                            

(Eric Rescorla; former steering group member) Yes

Yes (for -07)

                            

(Kathleen Moriarty; former steering group member) Yes

Yes (2017-09-13 for -07)
Thanks for your work on this draft.  I agree with Alexey's comment on the normative reference and just have a tiny nit for the introduction:

I suggest you remove the word recent since the reference on SHA-1 is 6 years old:
s/Due to recent security concerns with SHA-1 [RFC6194]/Due to security concerns with SHA-1 [RFC6194]/

(Adam Roach; former steering group member) No Objection

No Objection (2017-09-12 for -07)
Section 1, paragraph 2:

   New MODP groups are being
   introduced starting with the MODP 3072-bit group 15 all use SHA512 as
   the hash algorithm.

I can't parse this. Should there be a sentence break between "15" and "all"?

I was surprised to find section 4 here; in part because it isn't related to the addition of new algorithms, but mostly because it's not mentioned in the abstract or the introduction. Please add mention of this erratum correction to both sections.

I'm pretty sure RFC6234 needs to be normative.

(Alexey Melnikov; former steering group member) No Objection

No Objection (2017-09-13 for -07)
RFC 6234 must be normative, as it is required to implement this document.

(Alia Atlas; former steering group member) No Objection

No Objection (for -07)

                            

(Benoît Claise; former steering group member) No Objection

No Objection (2017-09-13 for -07)
I understand that a new version will be published based on Linda Dunbar's OPS DIR review. Thank you.

(Deborah Brungard; former steering group member) No Objection

No Objection (for -07)

                            

(Mirja Kühlewind; former steering group member) No Objection

No Objection (2017-09-04 for -07)
1) To me this sentence does not belong in the IANA section as it is basically the main point of the document:
"This document augments the Key Exchange Method Names in [RFC4253] and [RFC4250]."
Maybe move it to sec 3?

2) Can you explain why the pre-5378 boilerplate is used?

(Spencer Dawkins; former steering group member) No Objection

No Objection (for -07)

                            

(Suresh Krishnan; former steering group member) No Objection

No Objection (for -07)

                            

(Terry Manderson; former steering group member) No Objection

No Objection (for -07)