Last Call Review of draft-ietf-dcrup-dkim-crypto-12
review-ietf-dcrup-dkim-crypto-12-secdir-lc-wouters-2018-06-11-00
Request | Review of | draft-ietf-dcrup-dkim-crypto |
---|---|---|
Requested revision | No specific revision (document currently at 14) | |
Type | Last Call Review | |
Team | Security Area Directorate (secdir) | |
Deadline | 2018-06-12 | |
Requested | 2018-05-29 | |
Authors | John R. Levine | |
I-D last updated | 2018-06-11 | |
Completed reviews |
Secdir Last Call review of -12
by Paul Wouters
(diff)
Genart Last Call review of -12 by Pete Resnick (diff) |
|
Assignment | Reviewer | Paul Wouters |
State | Completed | |
Request | Last Call review on draft-ietf-dcrup-dkim-crypto by Security Area Directorate Assigned | |
Reviewed revision | 12 (document currently at 14) | |
Result | Has nits | |
Completed | 2018-06-11 |
review-ietf-dcrup-dkim-crypto-12-secdir-lc-wouters-2018-06-11-00
NITS: I believe the [FIPS-180-4-2015] reference should be replaced with a reference to RFC-6376 Remove or indicate the RFC Editor should remove the following text: Discussion Venue: Discussion about this draft is directed to the dcrup@ietf.org [1] mailing list. This sentence doesn't parse easily: This is an additional DKIM signature algorithm added to Section 3.3 of [RFC6376] as envisioned in Section 3.3.4 of [RFC6376]. It should simply say something like "This document adds an additional key algorithm type to the DKIM Key Type Registry and a new signature type to the DKIM Hash Algorithms Registry" This text reads a little odd: Ed25519 is a widely used cryptographic technique, so the security of DKIM signatures using new signing algorithms should be at least as good as those using old algorithms. It seems to suggest that being "widely used" is a guarantee for being "at least as good as older stuff". Better would be to just point to the Security Considerations of RFC 8032 Section 4 and 8 have an introductory lines that says "update as follows" followed by a dot instead of a colon. That is a little confusing to the reader, as if some text is missing before the dot.