Last Call Review of draft-ietf-ipsecme-safecurves-04

Request Review of draft-ietf-ipsecme-safecurves
Requested rev. no specific revision (document currently at 05)
Type Last Call Review
Team General Area Review Team (Gen-ART) (genart)
Deadline 2016-09-29
Requested 2016-09-15
Authors Yoav Nir, Simon Josefsson
Draft last updated 2016-09-27
Completed reviews Genart Last Call review of -04 by Orit Levin (diff)
Opsdir Last Call review of -04 by Tim Wicinski (diff)
Assignment Reviewer Orit Levin 
State Completed
Review review-ietf-ipsecme-safecurves-04-genart-lc-levin-2016-09-27
Reviewed rev. 04 (document currently at 05)
Review result Ready with Nits
Review completed: 2016-09-27


I am the assigned Gen-ART reviewer for this draft. The General Area Review Team (Gen-ART) reviews all IETF documents being processed by the IESG for the IETF Chair.  Please treat these comments just like any other last call comments.

For more information, please see the FAQ at <>.

Document: review of draft-ietf-ipsecme-safecurves-04
Reviewer: Orit Levin (


Review Date: 2016-09-27
IETF LC End Date: 2016-09-29 
IESG Telechat date: unknown

This draft is basically ready for publication, but has nits that should be fixed before publication. The nits are purely editorial, but fixing them will improve the document's readability.

1. Introduction
Par.1 "key agreement (Diffie-Hellman)" : Replace with "key agreement using Diffie-Hellman".
Par.2 "That document": Replace with the name of the document to make clear which one is "that" document.
Par.2 "free from": Replace with "resilient to".

2. Curve25519 and Curve448
Add at the start "Implementations of Curve25519 and Curve448 MUST/SHALL follow the steps described in this section."
Par.1 Replace "are inherited from" with "are compliant with".
Par.2 Replace "goes as" with "is performed as"

3. Use and Negotiation in IKEv2
Consider replacing TBA1/TBA2 throughout the section with [to be replaced with TBA1/TBA2 according to the IANA assignment].
3.2 Consider replace the first sentence with 
"Receiving and handling of incompatible point formats MUST comply with [or MUST follow] considerations/procedures described in section 5 of [RFC7748]."

4. Security Considerations
Par.1 Replace the paragraph text to
"For high-performance constant-time implementations, it is RECOMMENDED to use Curve25519 and Curve448 which were designed for this purpose. Implementers MUST/SHOULD NOT attempt to improve performance by reusing supposedly ephemeral key pair across multiple key exchanges [because ...]."
Par.3 In " ... the process used to pick these curves..." replace "these" with the names to avoid confusion.
Par.3 Replace " ...verification has been done..." with "verification can be done".
Par.4 Replace ",generated in a fully verifiable way," with "that are generated in a fully verifiable way".

6. Acknowledgements
Par1. Replace "is by Mike" with "were defined/specified/etc. by Mike".
Par1. Replace "are in RFC 7748" with " are documented/specified/etc. in RFC 7748".

Thank you,