Last Call Review of draft-ietf-tls-rfc4492bis-14
review-ietf-tls-rfc4492bis-14-opsdir-lc-wijnen-2017-04-12-00
| Request | Review of | draft-ietf-tls-rfc4492bis |
|---|---|---|
| Requested revision | No specific revision (document currently at 17) | |
| Type | Last Call Review | |
| Team | Ops Directorate (opsdir) | |
| Deadline | 2017-03-03 | |
| Requested | 2017-02-17 | |
| Authors | Yoav Nir , Simon Josefsson , Manuel Pégourié-Gonnard | |
| Draft last updated | 2017-04-12 | |
| Completed reviews |
Opsdir Last Call review of -14
by
Bert Wijnen
(diff)
Secdir Last Call review of -14 by Scott G. Kelly (diff) |
|
| Assignment | Reviewer | Bert Wijnen |
| State | Completed | |
| Review |
review-ietf-tls-rfc4492bis-14-opsdir-lc-wijnen-2017-04-12
|
|
| Reviewed revision | 14 (document currently at 17) | |
| Result | Ready | |
| Completed | 2017-04-12 |
review-ietf-tls-rfc4492bis-14-opsdir-lc-wijnen-2017-04-12-00
As far as I can tell, this document describes a number of ecc
cipher suites that can be used by TLS servers and clients. It describes
the interaction btween the client and server for the various cipher
suites used.
So for all I can tell, this has no operational or network management
impacts on the internet.
NITS:
- abstract states:
protocol. In particular, it specifies the use of Ephemeral Elliptic
Curve Diffie-Hellman (ECDHE)....
I would have expected the acronym to be EECDH ???
in fact the text in section 2:
All of them use Ephemeral ECDH (ECDHE)....
makes me think that indeed EECDH is a much better acronym or abbreviation
But you can ignore this, it is probably just my preference how I would
abbreviate.
- Introduction states:
o the use of the Elliptic Curve Diffie-Hellman key agreement scheme with
ephemeral keys to establish the TLS premaster secret, and o the use of ECDSA
certificates for authentication of TLS peers.
Why do you use the full text (not acronym) in the first bullet and only an
acronym in the 2nd bullet?
Bert Wijnen