Last Call Review of draft-ietf-lamps-rfc5990bis-05
review-ietf-lamps-rfc5990bis-05-opsdir-lc-dhody-2024-04-23-00
| Request | Review of | draft-ietf-lamps-rfc5990bis |
|---|---|---|
| Requested revision | No specific revision (document currently at 10) | |
| Type | Last Call Review | |
| Team | Ops Directorate (opsdir) | |
| Deadline | 2024-04-23 | |
| Requested | 2024-04-09 | |
| Authors | Russ Housley , Sean Turner | |
| I-D last updated | 2024-04-23 | |
| Completed reviews |
Genart Last Call review of -05
by Christer Holmberg
(diff)
Secdir Last Call review of -05 by Donald E. Eastlake 3rd (diff) Opsdir Last Call review of -05 by Dhruv Dhody (diff) |
|
| Assignment | Reviewer | Dhruv Dhody |
| State | Completed | |
| Request | Last Call review on draft-ietf-lamps-rfc5990bis by Ops Directorate Assigned | |
| Posted at | https://mailarchive.ietf.org/arch/msg/ops-dir/wbCWUniCTdjHYrBYt8eNmiVbQC0 | |
| Reviewed revision | 05 (document currently at 10) | |
| Result | Has nits | |
| Completed | 2024-04-23 |
review-ietf-lamps-rfc5990bis-05-opsdir-lc-dhody-2024-04-23-00
# OPSDIR review of draft-ietf-lamps-rfc5990bis-05 I have reviewed this document as part of the Operational directorate's ongoing effort to review all IETF documents being processed by the IESG. These comments were written with the intent of improving the operational aspects of the IETF drafts. Comments that are not addressed in the last call may be included in AD reviews during the IESG review. Document editors and WG chairs should treat these comments just like any other last-call comments. The document specifies the conventions for using the RSA-KEM Algorithm The document is clear and well-written. The draft does not have any operational text which is to be expected of such a document. The document is almost ready for publication, I have only minor concerns and nits. ## Minor - It is unusual to mention a draft name in the abstract. Perhaps change that to RFC XXXX and add a note to the RFC editor that XXXX should be replaced with the RFC# assigned to the draft. - Abstract should also note that the RFC 5990 is being obsoleted and highlight the change/motivation. - The text does not state what is e in "c = z^e mod n" or d in "z = ct^d mod n", should it? - Section 1.6; Once this I-D is published, the RFC 5990 will be obsoleted and thus I suggest we rephrase "RFC 5990 uses...", "RFC 5990 includes", etc to indicate RFC 5990 is in the past... - Throughout the I-D there are various MUST conditions, it is unsure to me what happens when those conditions are not met. - Appendix A uses the notation "(C)" for ciphertext whereas the rest of the text uses "ct". Is that okay? - Section A.1, step 2 - "Encrypt the random integer Z..."; shouldn't this be z instead of Z. I see RFC 5099 used z. Why was that changed? ## Nits - s/with goal of providing/with the goal of providing/ - s/Decrypt the the ciphertext with the/Decrypt the ciphertext with the/ - Expand on first use - KDF - s/used with with the RSA-KEM/used with the RSA-KEM/ - s/using the their private key/using their private key/ Thanks! Dhruv