Last Call Review of draft-ietf-ipsecme-eddsa-04
review-ietf-ipsecme-eddsa-04-opsdir-lc-jaeggli-2017-11-28-00
| Request | Review of | draft-ietf-ipsecme-eddsa |
|---|---|---|
| Requested revision | No specific revision (document currently at 04) | |
| Type | IETF Last Call Review | |
| Team | Ops Directorate (opsdir) | |
| Deadline | 2017-12-04 | |
| Requested | 2017-11-12 | |
| Authors | Yoav Nir | |
| I-D last updated | 2018-08-20 (Latest revision 2017-10-27) | |
| Completed reviews |
Genart IETF Last Call review of -04
by Christer Holmberg
Secdir IETF Last Call review of -04 by Adam W. Montville Opsdir IETF Last Call review of -04 by Joel Jaeggli |
|
| Assignment | Reviewer | Joel Jaeggli |
| State | Completed | |
| Request | IETF Last Call review on draft-ietf-ipsecme-eddsa by Ops Directorate Assigned | |
| Reviewed revision | 04 | |
| Result | Ready | |
| Completed | 2017-11-28 |
review-ietf-ipsecme-eddsa-04-opsdir-lc-jaeggli-2017-11-28-00
I reviewed draft-ietf-ipsecme-eddsa on behalf of the opsdir during it's IETF Last call. This standards track draft introduces an importance change in the IKE negotiation in that the sender can indicate that it hash algorithms which do not require prehashing and can instead operate on arbitrary length data. It also goes on to make a more strong requirement then RFC 8032 (which is informational) that: " The pre-hashed versions of Ed25519 and Ed448 (Ed25519ph and Ed448ph respectively) MUST NOT be used in IKE." Changes to IKE negotiation require careful review, but I am satisfied that this explicit signal improves the handling of support for the edwards curves.