Skip to main content

Last Call Review of draft-jivsov-openpgp-ecc-
review-jivsov-openpgp-ecc-genart-lc-holmberg-2012-03-30-00

Request Review of draft-jivsov-openpgp-ecc
Requested revision No specific revision (document currently at 14)
Type Last Call Review
Team General Area Review Team (Gen-ART) (genart)
Deadline 2012-04-10
Requested 2012-03-15
Authors Andrey Jivsov
I-D last updated 2012-03-30
Completed reviews Genart Last Call review of -?? by Christer Holmberg
Secdir Last Call review of -?? by Brian Weis
Assignment Reviewer Christer Holmberg
State Completed
Request Last Call review on draft-jivsov-openpgp-ecc by General Area Review Team (Gen-ART) Assigned
Completed 2012-03-30
review-jivsov-openpgp-ecc-genart-lc-holmberg-2012-03-30-00
I am the assigned Gen-ART reviewer for this draft. For background on Gen-ART,
please see the FAQ at <http://wiki.tools.ietf.org/area/gen/trac/wiki/GenArtfaq>.



Please resolve these comments along with any other Last Call comments you may
receive.



Document:                                         draft-jivsov-openpgp-ecc-10

Reviewer:                                           Christer Holmberg

Review Date:                                     2012-03-19

IETF LC End Date:                             2012-04-09

IESG Telechat date: (if known)   2012-04-09



Summary:           The draft is ready for publication, with a couple of
editorial nits.



Major issues:     -



Minor issues:     -



Nits/editorial comments:



Q1:         The “MPI” abbreviation is used throughout the document, but it is
not expanded anywhere, nor is there any reference.





Q2:         The Abstract says:



                “The document aims to standardize an optimal but narrow set of
                parameters for best interoperability”



I think it would to make it more clear what interoperability you refer to.





Q3:         The Abstract says:



                “within the framework it defines”



                However, the framework is not mentioned/clarified/defined
                anywhere in the document, so if you want to talk about a
                framework I think some clarification is needed.





Q4:         In the Introduction, please add references to OpenPGP, RSA and DSA.
Also consider expansion on first occurrence.





Q5:         The document uses “This document”, “This specification”, “This
draft” and “This standard” terminology. Please use consistent terminology.





Q6:         In section 5, I don’t think you need the “defined in” parts. Simply
add the reference.



                Example:             “Elliptic Curve Digital Signature
                Algorithm (ECDSA) [FIPS 186-3],…”



                Maybe similar changes can be done in some other parts of the
                document also.





Q7:         In section 5, consider modifying the following sentence:



                “The section 9.1. Public-Key Algorithms of [RFC4880] is
                expanded to define the following public key algorithm IDs”



                To:



                “This section extends section 9.1 (Public-Key Algorithms) or
                [RFC4880], by defining the following public key algorithm IDs”





Q8:         Section 5 says:



                “Applications MUST support ECDSA and ECDH.”



                Please clarify what applications you refer to. I assume you
                mean “Applications that implement this specification”, or
                something similar…



                The same comment also applies to section 12.1, and section 13
                (the word is used many times in section 13, but it is enough to
                clarify it on first occurrence :)





Regards,



Christer