Last Call Review of draft-ietf-lamps-pkix-shake-08
review-ietf-lamps-pkix-shake-08-genart-lc-halpern-2019-03-30-00

I am the assigned Gen-ART reviewer for this draft. The General Area
Review Team (Gen-ART) reviews all IETF documents being processed
by the IESG for the IETF Chair.  Please treat these comments just
like any other last call comments.

For more information, please see the FAQ at

<https://trac.ietf.org/trac/gen/wiki/GenArtfaq>.

Document: draft-ietf-lamps-pkix-shake-08
Reviewer: Joel Halpern
Review Date: 2019-03-30
IETF LC End Date: 2019-04-10
IESG Telechat date: Not scheduled for a telechat

Summary: This document is almost ready for publication as a Proposed Standard

Major issues:
    One of the key points of this RFC seems to be to assign the identifiers for
    the use of the two SHAKE variants.  It is thus confusing that the
    identifiers end with "TBD", and thus are not defined in this document.

Minor issues:
    The algorithm identifiers are label as TVD.  There are at least two values
    (one for SHAKE128 and one for SHAKE256) with each used in two context
    (RSASSA-PSS and ECDSA).  It would be helpful if the two (or four)
    identifiers were labeled clearly TBD1 and TBD2 (and possibly TBD3 and TBD4).

Nits/editorial comments:
    There is one use of "SHAKES" as the plural of SHAKE in section 5.1.1.  All
    other uses are "SHAKEs", which seems to be correct.