Telechat Review of draft-ietf-dnsop-algorithm-update-07

Request
  Review of: draft-ietf-dnsop-algorithm-update
  Requested rev.: no specific revision (document currently at 10)
  Type: Telechat Review
  Team: General Area Review Team (Gen-ART) (genart)
  Deadline: 2019-04-09
  Requested: 2019-03-12
  Authors: Paul Wouters, Ondřej Surý
  Draft last updated: 2019-04-06
  Completed reviews:
    Secdir Last Call review of -06 by Brian Weis
    Genart Telechat review of -07 by Peter Yee
Assignment
  Reviewer: Peter Yee
  State: Completed
  Review: review-ietf-dnsop-algorithm-update-07-genart-telechat-yee-2019-04-06
  Reviewed rev.: 07 (document currently at 10)
  Review result: Ready with Nits
  Review completed: 2019-04-06


I am the assigned Gen-ART reviewer for this draft. The General Area
Review Team (Gen-ART) reviews all IETF documents being processed
by the IESG for the IETF Chair. Please wait for direction from your
document shepherd or AD before posting a new version of the draft.

For more information, please see the FAQ at


Document: draft-ietf-dnsop-algorithm-update-07
Reviewer: Peter Yee
Review Date: 2019-04-06
IETF LC End Date: 2019-02-27
IESG Telechat date: 2019-04-11

Summary:  This document updates the DNSKEY, DS, and CDS algorithm recommendations for use in DNSSEC based on current thinking in cryptography.  This document is Ready with Nits as a Standards Track publication.

Major issues: None

Minor issues: None

Nits/editorial comments: 

Page 2, Section 1.1, 2nd sentence: append a comma after "New".

Page 3, Section 1.2, 2nd paragraph, 1st sentence: change "recommendation cannot be recommended" to "they cannot be recommended".

Page 3, Section 1.2, 4th paragraph, 2nd sentence: change "recommendation" to "intent".

Page 3, Section 1.2, 6th paragraph, 1st sentence: change "DNSKEY's" to "DNSKEYs".

Page 3, Section 1.2, 6th paragraph, 3rd sentence: indicate for clarity where this marking will be done (essentially in a new version of this RFC).

Page 4, Section 1.3: In general, it would be nice if there were references in the paragraphs following the table that point to the research that led to the statements of strength or lack of strength of the algorithms.  Then again, this isn't an academic paper, so references aren't strictly required either.  While I mostly (but not completely) agree with the notes on the individual algorithms, the average reader is left to take the statements as gospel rather than being able to make an informed decision on the current state of cryptography.

Page 4, Section 1.3, 3rd sentence: delete a redundant "from".

Page 5, 4th paragraph, 2nd sentence: change "cryptographics" to "cryptographic".

Page 5, 4th paragraph, 3rd sentence: change "that" to "who".

Page 5, 5th paragraph, 2nd sentence: delete "The" before "GOST".  I'm generally in favor of dropping the definite article of algorithm abbreviations.  If you prefer not to do so, then use the definite article consistently throughout the document.

Page 5, 6th paragraph, 3rd sentence: insert "the" before "deterministic".

Page 5, 8th paragraph, 1st sentence: change "ED25519" to "Ed25519".  Change "ED448" to "Ed448".  Only make these two changes if you are referring to these algorithms by the names given to them by their authors as opposed to the mnemonics used within DNSSEC.  (This statement also applies to the Ed25519 comment below.) Insert "the" before "Edwards".

Page 5, 8th paragraph, 2nd sentence: delete "the" before "EdDSA".  Delete "algorithm" after "EdDSA".

Page 5, 8th paragraph, 4th sentence: change "ED25519" to "Ed25519".

Page 6, Section 3.2, 2nd paragraph: insert "the" before "industry".  Change "to move to" to "toward".  Delete "the" before "ECDSAP256SHA256 ".  Insert "the" before "RECOMMENDED".  Change "RSA based" to "RSA-based".  

Page 6, Section 3.3, 3rd paragraph, 1st fragment: change "for" to "regarding".  Append "are summarized in the table below." to the fragment.

Page 6, Section 3.3, 3rd paragraph, 2nd sentence: append "recommendations" after "These".

Page 6, 1st paragraph after table: append a period to the end of the sentence.

Page 6, 2nd paragraph after the table: append a period to the end of the sentence.

Page 6, 4th paragraph after the table, 2nd sentence: delete "The" before "GOST".

Page 6, 5th paragraph, 1st sentence: change second "SHA-384" to "SHA-256".

Page 7, Section 3.4, 1st sentence: change the period at the end of a sentence to a colon.  Join the following sentence to the first sentence after deleting "The" before "SHA-256" and insert "the" before "RECOMMENDED".

Page 7, Section 4: this section has not been reviewed since it is to be deleted by the RFC Editor prior to publication.

Page 8, Section 5, 2nd paragraph, 2nd sentence: consider appending "(in the cryptographic sense)" after "broken".  

Page 9, Section 8, 1st paragraph, 1st sentence: delete an extraneous space after "I.".  Append a comma after "Wouters".

Page 9, Section 8, 2nd paragraph: append a comma after "Hoffman".  "Imminent" in this sentence is probably not the word you want in the document at time of publication, although it's fine to prod the named individuals into submitting input prior to publication.

Page 9, Section 8, 3rd paragraph: change "the daylight" to "light".