Last Call Review of draft-ietf-curdle-cms-ecdh-new-curves-07

Request Review of draft-ietf-curdle-cms-ecdh-new-curves
Requested rev. no specific revision (document currently at 10)
Type Last Call Review
Team Security Area Directorate (secdir)
Deadline 2017-05-28
Requested 2017-05-14
Authors Russ Housley
Draft last updated 2017-06-02
Completed reviews Secdir Last Call review of -07 by Charlie Kaufman (diff)
Genart Last Call review of -07 by Roni Even (diff)
Opsdir Last Call review of -07 by Stefan Winter (diff)
Genart Telechat review of -09 by Roni Even (diff)
Assignment Reviewer Charlie Kaufman 
State Completed
Review review-ietf-curdle-cms-ecdh-new-curves-07-secdir-lc-kaufman-2017-06-02
Reviewed rev. 07 (document currently at 10)
Review result Ready
Review completed: 2017-06-02


I have reviewed this document as part of the security directorate's ongoing effort to review all IETF documents being processed by the IESG. Document editors and WG chairs should treat these comments just like any other last call comments.

This document specifies the syntactic details for encrypting and signing CMS documents using two additional cryptographic algorithms. This syntax appears consistent with the patterns set in RFC 5652, and I could find no errors (even nits).

Unless other more critical eyes than mine can find issues, I believe this document is ready to be advanced.

My only complaint - and it is probably not with this document - is that it should not take 16 pages to specify a handful of IANA registrations. I'm not sure why it was necessary, but my guess is that RFC 5652 was not forward looking enough to allow the use of future algorithms to be specified with just a few table entries, so subsequent documents have to include lots of information duplicating one another. But that is not a criticism of the technical content.