Last Call Review of draft-ietf-tls-rfc4492bis-14
review-ietf-tls-rfc4492bis-14-opsdir-lc-wijnen-2017-04-12-00

Request Review of draft-ietf-tls-rfc4492bis
Requested rev. no specific revision (document currently at 17)
Type Last Call Review
Team Ops Directorate (opsdir)
Deadline 2017-03-03
Requested 2017-02-17
Authors Yoav Nir, Simon Josefsson, Manuel Pégourié-Gonnard
Draft last updated 2017-04-12
Completed reviews Opsdir Last Call review of -14 by Bert Wijnen (diff)
Secdir Last Call review of -14 by Scott Kelly (diff)
Assignment Reviewer Bert Wijnen
State Completed
Review review-ietf-tls-rfc4492bis-14-opsdir-lc-wijnen-2017-04-12
Reviewed rev. 14 (document currently at 17)
Review result Ready
Review completed: 2017-04-12

Review
review-ietf-tls-rfc4492bis-14-opsdir-lc-wijnen-2017-04-12

As far as I can tell, this document describes a number of ecc
cipher suites that can be used by TLS servers and clients. It describes
the interaction btween the client and server for the various cipher
suites used.

So for all I can tell, this has no operational or network management
impacts on the internet.


NITS:
- abstract states:

   protocol.  In particular, it specifies the use of Ephemeral Elliptic
   Curve Diffie-Hellman (ECDHE)....

  I would have expected the acronym to be EECDH ???

  in fact the text in section 2:

    All of them use Ephemeral ECDH (ECDHE)....
 
  makes me think that indeed EECDH is a much better acronym or abbreviation
  But you can ignore this, it is probably just my preference how I would
  abbreviate.


- Introduction states:

o the use of the Elliptic Curve Diffie-Hellman key agreement scheme with ephemeral keys to establish the TLS premaster secret, and o the use of ECDSA certificates for authentication of TLS peers.

Why do you use the full text (not acronym) in the first bullet and only an acronym in the 2nd bullet?

Bert Wijnen