Skip to main content

More Modular Exponentiation (MODP) Diffie-Hellman (DH) Key Exchange (KEX) Groups for Secure Shell (SSH)
draft-ietf-curdle-ssh-modp-dh-sha2-09

Yes

(Ben Campbell)
(Eric Rescorla)

No Objection

Warren Kumari
(Alia Atlas)
(Alvaro Retana)
(Deborah Brungard)
(Spencer Dawkins)
(Suresh Krishnan)
(Terry Manderson)

Note: This ballot was opened for revision 07 and is now closed.

Warren Kumari
No Objection
Ben Campbell Former IESG member
Yes
Yes (for -07) Unknown

                            
Eric Rescorla Former IESG member
Yes
Yes (for -07) Unknown

                            
Kathleen Moriarty Former IESG member
Yes
Yes (2017-09-13 for -07) Unknown
Thanks for your work on this draft.  I agree with Alexey's comment on the normative reference and just have a tiny nit for the introduction:

I suggest you remove the word recent since the reference on SHA-1 is 6 years old:
s/Due to recent security concerns with SHA-1 [RFC6194]/Due to security concerns with SHA-1 [RFC6194]/
Adam Roach Former IESG member
No Objection
No Objection (2017-09-12 for -07) Unknown
Section 1, paragraph 2:

   New MODP groups are being
   introduced starting with the MODP 3072-bit group 15 all use SHA512 as
   the hash algorithm.

I can't parse this. Should there be a sentence break between "15" and "all"?

I was surprised to find section 4 here; in part because it isn't related to the addition of new algorithms, but mostly because it's not mentioned in the abstract or the introduction. Please add mention of this erratum correction to both sections.

I'm pretty sure RFC6234 needs to be normative.
Alexey Melnikov Former IESG member
No Objection
No Objection (2017-09-13 for -07) Unknown
RFC 6234 must be normative, as it is required to implement this document.
Alia Atlas Former IESG member
No Objection
No Objection (for -07) Unknown

                            
Alvaro Retana Former IESG member
No Objection
No Objection (for -07) Unknown

                            
Benoît Claise Former IESG member
No Objection
No Objection (2017-09-13 for -07) Unknown
I understand that a new version will be published based on Linda Dunbar's OPS DIR review. Thank you.
Deborah Brungard Former IESG member
No Objection
No Objection (for -07) Unknown

                            
Mirja Kühlewind Former IESG member
No Objection
No Objection (2017-09-04 for -07) Unknown
1) To me this sentence does not belong in the IANA section as it is basically the main point of the document:
"This document augments the Key Exchange Method Names in [RFC4253] and [RFC4250]."
Maybe move it to sec 3?

2) Can you explain why the pre-5378 boilerplate is used?
Spencer Dawkins Former IESG member
No Objection
No Objection (for -07) Unknown

                            
Suresh Krishnan Former IESG member
No Objection
No Objection (for -07) Unknown

                            
Terry Manderson Former IESG member
No Objection
No Objection (for -07) Unknown