Last Call Review of draft-jivsov-openpgp-ecc-
review-jivsov-openpgp-ecc-genart-lc-holmberg-2012-03-30-00
Request | Review of | draft-jivsov-openpgp-ecc |
---|---|---|
Requested revision | No specific revision (document currently at 14) | |
Type | Last Call Review | |
Team | General Area Review Team (Gen-ART) (genart) | |
Deadline | 2012-04-10 | |
Requested | 2012-03-15 | |
Authors | Andrey Jivsov | |
I-D last updated | 2012-03-30 | |
Completed reviews |
Genart Last Call review of -??
by Christer Holmberg
Secdir Last Call review of -?? by Brian Weis |
|
Assignment | Reviewer | Christer Holmberg |
State | Completed | |
Request | Last Call review on draft-jivsov-openpgp-ecc by General Area Review Team (Gen-ART) Assigned | |
Completed | 2012-03-30 |
review-jivsov-openpgp-ecc-genart-lc-holmberg-2012-03-30-00
I am the assigned Gen-ART reviewer for this draft. For background on Gen-ART, please see the FAQ at <http://wiki.tools.ietf.org/area/gen/trac/wiki/GenArtfaq>. Please resolve these comments along with any other Last Call comments you may receive. Document: draft-jivsov-openpgp-ecc-10 Reviewer: Christer Holmberg Review Date: 2012-03-19 IETF LC End Date: 2012-04-09 IESG Telechat date: (if known) 2012-04-09 Summary: The draft is ready for publication, with a couple of editorial nits. Major issues: - Minor issues: - Nits/editorial comments: Q1: The “MPI” abbreviation is used throughout the document, but it is not expanded anywhere, nor is there any reference. Q2: The Abstract says: “The document aims to standardize an optimal but narrow set of parameters for best interoperability” I think it would to make it more clear what interoperability you refer to. Q3: The Abstract says: “within the framework it defines” However, the framework is not mentioned/clarified/defined anywhere in the document, so if you want to talk about a framework I think some clarification is needed. Q4: In the Introduction, please add references to OpenPGP, RSA and DSA. Also consider expansion on first occurrence. Q5: The document uses “This document”, “This specification”, “This draft” and “This standard” terminology. Please use consistent terminology. Q6: In section 5, I don’t think you need the “defined in” parts. Simply add the reference. Example: “Elliptic Curve Digital Signature Algorithm (ECDSA) [FIPS 186-3],…” Maybe similar changes can be done in some other parts of the document also. Q7: In section 5, consider modifying the following sentence: “The section 9.1. Public-Key Algorithms of [RFC4880] is expanded to define the following public key algorithm IDs” To: “This section extends section 9.1 (Public-Key Algorithms) or [RFC4880], by defining the following public key algorithm IDs” Q8: Section 5 says: “Applications MUST support ECDSA and ECDH.” Please clarify what applications you refer to. I assume you mean “Applications that implement this specification”, or something similar… The same comment also applies to section 12.1, and section 13 (the word is used many times in section 13, but it is enough to clarify it on first occurrence :) Regards, Christer