Last Call Review of draft-jivsov-openpgp-ecc-
review-jivsov-openpgp-ecc-genart-lc-holmberg-2012-03-30-00

Request Review of draft-jivsov-openpgp-ecc
Requested rev. no specific revision (document currently at 14)
Type Last Call Review
Team General Area Review Team (Gen-ART) (genart)
Deadline 2012-04-10
Requested 2012-03-15
Draft last updated 2012-03-30
Completed reviews Genart Last Call review of -?? by Christer Holmberg
Secdir Last Call review of -?? by Brian Weis
Assignment Reviewer Christer Holmberg
State Completed
Review review-jivsov-openpgp-ecc-genart-lc-holmberg-2012-03-30
Review completed: 2012-03-30

Review
review-jivsov-openpgp-ecc-genart-lc-holmberg-2012-03-30

I am the assigned Gen-ART reviewer for this draft. For background on Gen-ART, please see the FAQ at <http://wiki.tools.ietf.org/area/gen/trac/wiki/GenArtfaq>.

 

Please resolve these comments along with any other Last Call comments you may receive.

 

Document:                                         draft-jivsov-openpgp-ecc-10

Reviewer:                                           Christer Holmberg

Review Date:                                     2012-03-19

IETF LC End Date:                             2012-04-09

IESG Telechat date: (if known)   2012-04-09 

 

Summary:           The draft is ready for publication, with a couple of editorial nits.

 

Major issues:     -

 

Minor issues:     -

 

Nits/editorial comments:

 

Q1:         The “MPI” abbreviation is used throughout the document, but it is not expanded anywhere, nor is there any reference.

 

 

Q2:         The Abstract says:

 

                “The document aims to standardize an optimal but narrow set of parameters for best interoperability”

 

I think it would to make it more clear what interoperability you refer to.

 

 

Q3:         The Abstract says:

 

                “within the framework it defines”

 

                However, the framework is not mentioned/clarified/defined anywhere in the document, so if you want to talk about a framework I think some clarification is needed.

 

 

Q4:         In the Introduction, please add references to OpenPGP, RSA and DSA. Also consider expansion on first occurrence.

 

 

Q5:         The document uses “This document”, “This specification”, “This draft” and “This standard” terminology. Please use consistent terminology.

 

 

Q6:         In section 5, I don’t think you need the “defined in” parts. Simply add the reference.

 

                Example:             “Elliptic Curve Digital Signature Algorithm (ECDSA) [FIPS 186-3],…”

 

                Maybe similar changes can be done in some other parts of the document also.

 

 

Q7:         In section 5, consider modifying the following sentence:

 

                “The section 9.1. Public-Key Algorithms of [RFC4880] is expanded to define the following public key algorithm IDs”

 

                To:

 

                “This section extends section 9.1 (Public-Key Algorithms) or [RFC4880], by defining the following public key algorithm IDs”

 

 

Q8:         Section 5 says:

 

                “Applications MUST support ECDSA and ECDH.”

 

                Please clarify what applications you refer to. I assume you mean “Applications that implement this specification”, or something similar…

 

                The same comment also applies to section 12.1, and section 13 (the word is used many times in section 13, but it is enough to clarify it on first occurrence :)

 

 

Regards,

 

Christer