Last Call Review of draft-ietf-curdle-dnskey-eddsa-03
review-ietf-curdle-dnskey-eddsa-03-opsdir-lc-chown-2016-12-24-00

Request Review of draft-ietf-curdle-dnskey-eddsa
Requested revision No specific revision (document currently at 03)
Type Last Call Review
Team Ops Directorate (opsdir)
Deadline 2016-12-16
Requested 2016-12-02
Authors Ondřej Surý, Robert Edmonds
I-D last updated 2016-12-24
Completed reviews Opsdir Last Call review of -03 by Tim Chown
Genart Last Call review of -02 by Dan Romascanu (diff)
Secdir Last Call review of -02 by Magnus Nyström (diff)
Genart Telechat review of -03 by Dan Romascanu
Assignment Reviewer Tim Chown
State Completed
Request Last Call review on draft-ietf-curdle-dnskey-eddsa by Ops Directorate Assigned
Reviewed revision 03
Result Has nits
Completed 2016-12-24
Hi,

I have reviewed this document as part of the Operational directorate's ongoing
effort to review all IETF documents being processed by the IESG.  These
comments were written with the intent of improving the operational aspects of
the IETF drafts. Comments that are not addressed in last call may be included
in AD reviews during the IESG review.  Document editors and WG chairs should
treat these comments just like any other last call comments.

Summary: Ready for publication, with nits, and subject to its Standards Track
status being agreed as appropriate

This document defines the use of the Edwards-curve Digital Signature Algorithm
(EdDSA) for DNSSEC, and specifically the generation of its DS, DNSKEY and RRSIG
records. It asks for two Algorithm Numbers from IANA.

Major issues:

I note that the EdDSA algorithm defined in draft-irtf-cfrg-eddsa-08 is
Informational in nature (or will be, once published), yet here we have a
Standards Track document describing its use for DNSSEC. I believe RFC 3967/4897
has various exceptions by which this is acceptable, but I’ve noted this issue
here to ensure the AD picks it up and takes appropriate action (if they have
not already done so :)

Minor issues:

Section 8 on IANA Considerations could add an explicit reference to the
registry in which Algorithm Numbers are being requested.

Nits:

Section 9: s/offers/offer

Tim