Suite B Profile for Transport Layer Security (TLS)
draft-salter-rfc5430bis-01

[Ballot comment]
Gads, I hate the use of RFC 2119 language when what you're saying is, "In order to conform to NSA Suite B, you MUST do this." That sort of fails the 2119 requirement that "they MUST only be used where it is actually required for interoperation or to limit behavior which has potential for causing harm (e.g., limiting retransmisssions)  For example, they must not be used to try to impose a particular method on implementors where the method is not required for interoperability." It's not a DISCUSSion worth having for this document individually, and the document that this one obsoletes does exactly the same thing, but it's a discussion we should have at some point.

State changed to In Last Call from Last Call Requested.

The following Last Call Announcement was sent out:

From: The IESG
To: IETF-Announce
Reply-To: ietf@ietf.org
Subject: Last Call:  (Suite B Profile for Transport Layer Security (TLS)) to Informational RFC


The IESG has received a request from an individual submitter to consider
the following document:
- 'Suite B Profile for Transport Layer Security (TLS)'
  as an Informational RFC

The IESG plans to make a decision in the next few weeks, and solicits
final comments on this action. Please send substantive comments to the
ietf@ietf.org mailing lists by 2011-10-31. Exceptionally, comments may be
sent to iesg@ietf.org instead. In either case, please retain the
beginning of the Subject line to allow automated sorting.

Abstract


  The United States government has published guidelines for "NSA Suite
  B Cryptography" that defines cryptographic algorithm policy for
  national security applications.  This document defines a profile of
  Transport Layer Security (TLS) version 1.2 that is fully compliant
  with Suite B.


The file can be obtained via
http://datatracker.ietf.org/doc/draft-salter-rfc5430bis/

IESG discussion can be tracked via
http://datatracker.ietf.org/doc/draft-salter-rfc5430bis/


The following IPR Declarations may be related to this I-D:

  http://datatracker.ietf.org/ipr/1596/

(1.a) Who is the Document Shepherd for this document? Has the
Document Shepherd personally reviewed this version of the document
and, in particular, does he or she believe this version is ready
for forwarding to the IESG for publication?

Russ Housley is the Document Shepherd and co-author.


(1.b) Has the document had adequate review both from key members of
the interested community and others? Does the Document Shepherd
have any concerns about the depth or breadth of the reviews that
have been performed?

The document is intended for publication as an Informational RFC.
It has been reviewed by several community members. There are
no concerns about the depth or breadth of those reviews.


(1.c) Does the Document Shepherd have concerns that the document
needs more review from a particular or broader perspective, e.g.,
security, operational complexity, someone familiar with AAA,
internationalization or XML?

No concerns.


(1.d) Does the Document Shepherd have any specific concerns or
issues with this document that the Responsible Area Director
and/or the IESG should be aware of? For example, perhaps he or
she is uncomfortable with certain parts of the document, or has
concerns whether there really is a need for it. In any event, if
the interested community has discussed those issues and has
indicated that it still wishes to advance the document, detail
those concerns here.

No concerns.


(1.e) How solid is the consensus of the interested community behind
this document? Does it represent the strong concurrence of a few
individuals, with others being silent, or does the interested
community as a whole understand and agree with it?

This document explains the requirements for a TLS implementation
to be considered "Suite B conformant". There is strong consensus
from the people that are defining that term.


(1.f) Has anyone threatened an appeal or otherwise indicated extreme
discontent? If so, please summarise the areas of conflict in
separate email messages to the Responsible Area Director. (It
should be in a separate email because this questionnaire is
entered into the ID Tracker.)

No.


(1.g) Has the Document Shepherd personally verified that the
document satisfies all ID nits? (See
http://www.ietf.org/ID-Checklist.html and
http://tools.ietf.org/tools/idnits/). Boilerplate checks are not
enough; this check needs to be thorough. Has the document met all
formal review criteria it needs to, such as the MIB Doctor, media
type and URI type reviews?

Two things need to be corrected:

* There are 2 lines in Annex A that exceed 72 characters.

* The title page header indicates that this document will obsolete
RFC 5430, and the abstract needs to mention this.


(1.h) Has the document split its references into normative and
informative? Are there normative references to documents that are
not ready for advancement or are otherwise in an unclear state?
If such normative references exist, what is the strategy for their
completion? Are there normative references that are downward
references, as described in [RFC3967]? If so, list these downward
references to support the Area Director in the Last Call procedure
for them [RFC3967].

References are split. No downward references are included.


(1.i) Has the Document Shepherd verified that the document IANA
consideration section exists and is consistent with the body of
the document? If the document specifies protocol extensions, are
reservations requested in appropriate IANA registries? Are the
IANA registries clearly identified? If the document creates a new
registry, does it define the proposed initial contents of the
registry and an allocation procedure for future registrations?
Does it suggested a reasonable name for the new registry? See
[RFC5226]. If the document describes an Expert Review process has
the Shepherd conferred with the Responsible Area Director so that
the IESG can appoint the needed Expert during the IESG Evaluation?

No IANA actions are required.


(1.j) Has the Document Shepherd verified that sections of the
document that are written in a formal language, such as XML code,
BNF rules, MIB definitions, etc., validate correctly in an
automated checker?

No formal language is used.


(1.k) The IESG approval announcement includes a Document
Announcement Write-Up. Please provide such a Document
Announcement Writeup? Recent examples can be found in the
"Action" announcements for approved documents. The approval
announcement contains the following sections:

Technical Summary

The United States Government has published guidelines for
"NSA Suite B Cryptography", which defines cryptographic
algorithm policy for national security applications. This
document defines a profile of TLS which is conformant with
Suite B.

Working Group Summary

This document is not the product of any IETF working group.

Document Quality

This document explains the requirements for a TLS implementation
to be considered "Suite B conformant". There is strong consensus
from the people that are defining that term.