Last Call Review of draft-ietf-curdle-ssh-ext-info-11
review-ietf-curdle-ssh-ext-info-11-secdir-lc-emery-2017-08-24-00

Request Review of draft-ietf-curdle-ssh-ext-info
Requested rev. no specific revision (document currently at 15)
Type Last Call Review
Team Security Area Directorate (secdir)
Deadline 2017-07-30
Requested 2017-07-16
Other Reviews Opsdir Last Call review of -10 by Mehmet Ersue (diff)
Genart Last Call review of -10 by Matthew Miller (diff)
Opsdir Telechat review of -10 by Mehmet Ersue (diff)
Genart Telechat review of -12 by Matthew Miller (diff)
Review State Completed
Reviewer Shawn Emery
Review review-ietf-curdle-ssh-ext-info-11-secdir-lc-emery-2017-08-24
Posted at https://mailarchive.ietf.org/arch/msg/secdir/M7UUFsFxbg3bNAC1AdiaZrG3MSY
Reviewed rev. 11 (document currently at 15)
Review result Has Nits
Last updated 2017-08-24

Review
review-ietf-curdle-ssh-ext-info-11-secdir-lc-emery-2017-08-24

I have reviewed this document as part of the security directorate's
ongoing effort to review all IETF documents being processed by the IESG.
These comments were written primarily for the benefit of the security
area directors. Document editors and WG chairs should treat these
comments just like any other last call comments.

This draft discusses protocol extension negotiation for SSH and specifies
several of these extensions in practice.

The security considerations section does exist and refers to SSH's base
protocol specification (RFC 4251) for security aspects of this draft.  I
agree with this assessment, though it would be helpful to state that
the extension negotiation between the client and server is performed
after key exchange with confidentiality.

General comments:

None.

Editorial comments:

Table of contents is missing.

Shawn.
--