Last Call Review of draft-ietf-curdle-dnskey-eddsa-02
review-ietf-curdle-dnskey-eddsa-02-secdir-lc-nystrom-2016-12-15-00

Request Review of draft-ietf-curdle-dnskey-eddsa
Requested revision No specific revision (document currently at 03)
Type Last Call Review
Team Security Area Directorate (secdir)
Deadline 2016-12-16
Requested 2016-12-02
Authors Ondřej Surý, Robert Edmonds
I-D last updated 2016-12-15
Completed reviews Opsdir Last Call review of -03 by Tim Chown
Genart Last Call review of -02 by Dan Romascanu (diff)
Secdir Last Call review of -02 by Magnus Nyström (diff)
Genart Telechat review of -03 by Dan Romascanu
Assignment Reviewer Magnus Nyström
State Completed
Request Last Call review on draft-ietf-curdle-dnskey-eddsa by Security Area Directorate Assigned
Reviewed revision 02 (document currently at 03)
Result Has issues
Completed 2016-12-15
I have reviewed this document as part of the security directorate's
ongoing effort to review all IETF documents being processed by the
IESG. These comments were written primarily for the benefit of the
security area directors. Document editors and WG chairs should treat
these comments just like any other last call comments.

This document describes how to use two specific Edwards Curves
(Elliptic Curves) in conjunction with DNSSEC, namely ed25519 and
ed448.

The only comment I have on this document is that the Security
Considerations section plainly states, without any reference or proof:

"Ed25519 and Ed448 offers improved security properties and
implementation characteristics compared to RSA and ECDSA algorithms"

I suggest either adding references to proofs of these statements or
alternatively just removing the sentence (since it doesn't really add
anything to the memo); the remaining paragraphs in the Security
Considerations section are what really cover what someone implementing
the memo should know or be aware of.

-- Magnus