Last Call Review of draft-ietf-curdle-rsa-sha2-10
review-ietf-curdle-rsa-sha2-10-genart-lc-housley-2017-09-01-00
Section | Field | Value
---|---|---
Request | Review of | draft-ietf-curdle-rsa-sha2
Request | Requested revision | No specific revision (document currently at 12)
Request | Type | Last Call Review
Request | Team | General Area Review Team (Gen-ART) (genart)
Request | Deadline | 2017-09-11
Request | Requested | 2017-08-28
Request | Authors | denis bider
Request | I-D last updated | 2017-09-01
Request | Completed reviews | Genart Last Call review of -10 by Russ Housley; Secdir Last Call review of -10 by Vincent Roca
Assignment | Reviewer | Russ Housley
Assignment | State | Completed
Assignment | Request | Last Call review on draft-ietf-curdle-rsa-sha2 by General Area Review Team (Gen-ART) Assigned
Assignment | Reviewed revision | 10 (document currently at 12)
Assignment | Result | Almost ready
Assignment | Completed | 2017-09-01
I am the assigned Gen-ART reviewer for this draft. The General Area Review Team (Gen-ART) reviews all IETF documents being processed by the IESG for the IETF Chair. Please wait for direction from your document shepherd or AD before posting a new version of the draft.

For more information, please see the FAQ at <http://wiki.tools.ietf.org/area/gen/trac/wiki/GenArtfaq>.

    Document: draft-ietf-curdle-rsa-sha2-10
    Reviewer: Russ Housley
    Review Date: 2017-09-01
    IETF LC End Date: 2017-09-11
    IESG Telechat date: unknown

Summary: Almost Ready

Major Concerns: None

Minor Concerns:

I think that a better title for this document would be:

    Use of RSA Keys with SHA-256 and SHA-512 in Secure Shell (SSH)

These are two of the hash functions in the SHA2 family, and there is no ambiguity about them being part of the SHA3 family.

Similarly, I think that the Abstract and Section 1 should explicitly name these two hash functions. The current wording seems to include SHA-224 and SHA-384, and that is not the intent of the author.

In Section 3, I suggest:

    s/using SHA-2 [SHS] as hash./using SHA-256 or SHA-512 [SHS] as hash./
    s/the hash used is SHA-2 256./the hash used is SHA-256./
    s/the hash used is SHA-2 512./the hash used is SHA-512./

Note: I did not propose changing the strings in case people have already implemented against this specification. If no one has implemented yet, then I would change those too.

Section 5.1 should be expanded to say that following the NIST advice on key sizes and SHA-1 outside the US Government is prudent.

Nits: None