Last Call Review of draft-ietf-curdle-rsa-sha2-10
review-ietf-curdle-rsa-sha2-10-genart-lc-housley-2017-09-01-00

I am the assigned Gen-ART reviewer for this draft. The General Area
Review Team (Gen-ART) reviews all IETF documents being processed
by the IESG for the IETF Chair. Please wait for direction from your
document shepherd or AD before posting a new version of the draft.

For more information, please see the FAQ at
<http://wiki.tools.ietf.org/area/gen/trac/wiki/GenArtfaq>.

Document: draft-ietf-curdle-rsa-sha2-10
Reviewer: Russ Housley
Review Date: 2017-09-01
IETF LC End Date: 2017-09-11
IESG Telechat date: unknown

Summary: Almost Ready

Major Concerns: None


Minor Concerns:

I think that a better title for this document would be:

   Use of RSA Keys with SHA-256 and SHA-512 in Secure Shell (SSH)

These are two of the hash function in the SHA2 family, and there is no
ambiguity about them being part of the SHA3 family.  Similarly, I think
that the Abstract and Section 1 should explicitly names these two hash
functions.  The current wording seems to include SHA-224 and SHA-384,
and that is not the intent of the author.

In Section 3, I suggest:
   s/using SHA-2 [SHS] as hash./using SHA-256 or SHA-512 [SHS] as hash./
   s/the hash used is SHA-2 256./the hash used is SHA-256./
   s/the hash used is SHA-2 512./the hash used is SHA-512./

Note:  I did not propose changing the strings in case people have already
implemented against this specification.  If no one has implemented yet,
then I would change those too.


Section 5.1 should be expanded to say that following the NIST advice on
key sizes and SHA-1 outside the US Government is prudent.


Nits: None