
IETF Last Call Review of draft-ietf-tls-deprecate-obsolete-kex-05
review-ietf-tls-deprecate-obsolete-kex-05-genart-lc-knodel-2025-04-28-00

Request
Review of: draft-ietf-tls-deprecate-obsolete-kex
Requested revision: No specific revision (document currently at 08)
Type: IETF Last Call Review
Team: General Area Review Team (Gen-ART) (genart)
Deadline: 2025-04-28
Requested: 2025-04-14
Authors: Nimrod Aviram
I-D last updated: 2026-01-23 (Latest revision 2026-01-12)
Completed reviews:
 * Secdir IETF Last Call review of -05 by Dan Harkins
 * Genart IETF Last Call review of -05 by Mallory Knodel
 * Artart IETF Last Call review of -05 by Valery Smyslov
 * Opsdir IETF Last Call review of -05 by Menachem Dodge
 * Artart Telechat review of -06 by Valery Smyslov

Assignment
Reviewer: Mallory Knodel
State: Completed
Request: IETF Last Call review on draft-ietf-tls-deprecate-obsolete-kex by General Area Review Team (Gen-ART) (Assigned)
Posted at: https://mailarchive.ietf.org/arch/msg/gen-art/gpx-wPh_LKeuy4zMQsimTfSYtbQ
Reviewed revision: 05 (document currently at 08)
Result: Ready w/nits
Completed: 2025-04-28
I am the assigned Gen-ART reviewer for this draft. The General Area
Review Team (Gen-ART) reviews all IETF documents being processed
by the IESG for the IETF Chair.  Please treat these comments just
like any other last call comments.

For more information, please see the FAQ at

<https://wiki.ietf.org/en/group/gen/GenArtFAQ>.

Document: draft-ietf-tls-deprecate-obsolete-kex-??
Reviewer: Mallory Knodel
Review Date: 2025-04-28
IETF LC End Date: 2025-04-28
IESG Telechat date: Not scheduled for a telechat

Summary: This draft deprecates two key exchange methods and discourages use of
a cipher suite for TLS. This draft is well written and straightforward. I have
only minor editorial comments.

Major issues: None.

Minor issues: None.

Nits/editorial comments:
 * General comment: The text of this draft is clear and presents information in
   an unambiguous fashion by describing the problems and solutions in an order
   that makes sense.
 * However, the abstract is confusing in that all mitigations apply to TLS 1.2
   and they are all key exchange methods, the split being between deprecates
   and discourages. So, I suggest the first sentence state, "For TLS 1.2 this
   document deprecates the use of key exchanges, namely Diffie-Hellman over a
   finite field and RSA, and it discourages the use of static elliptic curve
   Diffie-Hellman cipher suites."
 * The second sentence of the document's abstract begins with "Note...", which
   is an unnecessary qualifier that can just be removed, starting the sentence
   with "These prescriptions...".
 * That's it! Your document is great.