Last Call Review of draft-ietf-curdle-cms-ecdh-new-curves-07
review-ietf-curdle-cms-ecdh-new-curves-07-secdir-lc-kaufman-2017-06-02-00

Request Review of draft-ietf-curdle-cms-ecdh-new-curves
Requested revision No specific revision (document currently at 10)
Type Last Call Review
Team Security Area Directorate (secdir)
Deadline 2017-05-28
Requested 2017-05-14
Authors Russ Housley
I-D last updated 2017-06-02
Completed reviews Secdir Last Call review of -07 by Charlie Kaufman (diff)
Genart Last Call review of -07 by Roni Even (diff)
Opsdir Last Call review of -07 by Stefan Winter (diff)
Genart Telechat review of -09 by Roni Even (diff)
Assignment Reviewer Charlie Kaufman
State Completed
Request Last Call review on draft-ietf-curdle-cms-ecdh-new-curves by Security Area Directorate Assigned
Reviewed revision 07 (document currently at 10)
Result Ready
Completed 2017-06-02
review-ietf-curdle-cms-ecdh-new-curves-07-secdir-lc-kaufman-2017-06-02-00
I have reviewed this document as part of the security directorate's ongoing
effort to review all IETF documents being processed by the IESG. Document
editors and WG chairs should treat these comments just like any other last call
comments.

This document specifies the syntactic details for encrypting and signing CMS
documents using two additional cryptographic algorithms. This syntax appears
consistent with the patterns set in RFC 5652, and I could find no errors (even
nits).

Unless other more critical eyes than mine can find issues, I believe this
document is ready to be advanced.

My only complaint - and it is probably not with this document - is that it
should not take 16 pages to specify a handful of IANA registrations. I'm not
sure why it was necessary, but my guess is that RFC 5652 was not forward
looking enough to allow the use of future algorithms to be specified with just
a few table entries, so subsequent documents have to include lots of
information duplicating one another. But that is not a criticism of the
technical content.