[DNSOP] Alissa Cooper's Yes on draft-ietf-dnsop-algorithm-update-07: (with COMMENT)

2019-04-08 Thread Alissa Cooper via Datatracker
Alissa Cooper has entered the following ballot position for
draft-ietf-dnsop-algorithm-update-07: Yes

When responding, please keep the subject line intact and reply to all
email addresses included in the To and CC lines. (Feel free to cut this
introductory paragraph, however.)


Please refer to https://www.ietf.org/iesg/statement/discuss-criteria.html
for more information about IESG DISCUSS and COMMENT positions.


The document, along with other ballot positions, can be found here:
https://datatracker.ietf.org/doc/draft-ietf-dnsop-algorithm-update/



--
COMMENT:
--

Please respond to the Gen-ART review.

In line with Mirja's comment, if the WG or someone in it were planning on
maintaining the 4.1 comparison table somewhere less stable than an RFC, that
seems like it could be useful and could be linked to from the WG datatracker
page.


___
DNSOP mailing list
DNSOP@ietf.org
https://www.ietf.org/mailman/listinfo/dnsop


Re: [DNSOP] [Gen-art] Genart telechat review of draft-ietf-dnsop-algorithm-update-07

2019-04-08 Thread Alissa Cooper
Peter, thanks for your review. I entered a Yes ballot and pointed to your 
review.

Alissa

> On Apr 6, 2019, at 5:16 AM, Peter Yee via Datatracker wrote:
> 
> Reviewer: Peter Yee
> Review result: Ready with Nits
> 
> I am the assigned Gen-ART reviewer for this draft. The General Area
> Review Team (Gen-ART) reviews all IETF documents being processed
> by the IESG for the IETF Chair. Please wait for direction from your
> document shepherd or AD before posting a new version of the draft.
> 
> For more information, please see the FAQ at
> 
> .
> 
> Document: draft-ietf-dnsop-algorithm-update-07
> Reviewer: Peter Yee
> Review Date: 2019-04-06
> IETF LC End Date: 2019-02-27
> IESG Telechat date: 2019-04-11
> 
> Summary:  This document updates the DNSKEY, DS, and CDS algorithm
> recommendations for use in DNSSEC based on current thinking in cryptography. 
> This document is Ready with Nits as a Standards Track publication.
> 
> Major issues: None
> 
> Minor issues: None
> 
> Nits/editorial comments:
> 
> Page 2, Section 1.1, 2nd sentence: append a comma after "New".
> 
> Page 3, Section 1.2, 2nd paragraph, 1st sentence: change "recommendation cannot
> be recommended" to "they cannot be recommended".
> 
> Page 3, Section 1.2, 4th paragraph, 2nd sentence: change "recommendation" to
> "intent".
> 
> Page 3, Section 1.2, 6th paragraph, 1st sentence: change "DNSKEY's" to
> "DNSKEYs".
> 
> Page 3, Section 1.2, 6th paragraph, 3rd sentence: indicate for clarity where
> this marking will be done (essentially in a new version of this RFC).
> 
> Page 4, Section 1.3: In general, it would be nice if there were references in
> the paragraphs following the table that point to the research that led to the
> statements of strength or lack of strength of the algorithms.  Then again, this
> isn't an academic paper, so references aren't strictly required either.  While
> I mostly (but not completely) agree with the notes on the individual
> algorithms, the average reader is left to take the statements as gospel rather
> than being able to make an informed decision on the current state of
> cryptography.
> 
> Page 4, Section 1.3, 3rd sentence: delete a redundant "from".
> 
> Page 5, 4th paragraph, 2nd sentence: change "cryptographics" to "cryptographic".
> 
> Page 5, 4th paragraph, 3rd sentence: change "that" to "who".
> 
> Page 5, 5th paragraph, 2nd sentence: delete "The" before "GOST".  I'm generally
> in favor of dropping the definite article of algorithm abbreviations.  If you
> prefer not to do so, then use the definitive article consistently throughout
> the document.
> 
> Page 5, 6th paragraph, 3rd sentence: insert "the" before "deterministic".
> 
> Page 5, 8th paragraph, 1st sentence: change "ED25519" to "Ed25519".  Change
> "ED448" to "Ed448".  Only make these two changes if you are referring to these
> algorithms by the names given to them by their authors as opposed to the
> mnemonics used within DNSSEC.  (This statement also applies to the Ed25519
> comment below.) Insert "the" before "Edwards".
> 
> Page 5, 8th paragraph, 2nd sentence: delete "the" before "EdDSA".  Delete
> "algorithm" after "EdDSA".
> 
> Page 5, 8th paragraph, 4th sentence: change "ED25519" to "Ed25519".
> 
> Page 6, Section 3.2, 2nd paragraph: insert "the" before "industry".  Change "to
> move to" to "toward".  Delete "the" before "ECDSAP256SHA256 ".  Insert "the"
> before "RECOMMENDED".  Change "RSA based" to "RSA-based".
> 
> Page 6, Section 3.3, 3rd paragraph, 1st fragment: change "for" to "regarding".
> Append "are summarized in the table below." to the fragment.
> 
> Page 6, Section 3.3, 3rd paragraph, 2nd sentence: append "recommendations"
> after "These".
> 
> Page 6, 1st paragraph after table: append a period to the end of the sentence.
> 
> Page 6, 2nd paragraph after the table: append a period to the end of the
> sentence.
> 
> Page 6, 4th paragraph after the table, 2nd sentence: delete "The" before "GOST".
> 
> Page 6, 5th paragraph, 1st sentence: change second "SHA-384" to "SHA-256".
> 
> Page 7, Section 3.4, 1st sentence: change the period at the end of a sentence
> to a colon.  Join the following sentence to the first sentence after deleting
> "The" before "SHA-256" and insert "the" before "RECOMMENDED".
> 
> Page 7, Section 4: this section has not been reviewed since it is to be deleted
> by the RFC Editor prior to publication.
> 
> Page 8, Section 5, 2nd paragraph, 2nd sentence: consider appending "(in the
> cryptographic sense)" after "broken".
> 
> Page 9, Section 8, 1st paragraph, 1st sentence: delete an extraneous space
> after "I.".  Append a comma after "Wouters".
> 
> Page 9, Section 8, 2nd paragraph: append a comma after "Hoffman".  "Imminent"
> in this sentence is probably not the word you want in document at time of
> publication, although it's fine to prod the named individuals into submitted
> input prior to publication.
> 
> Page 9, Section 8, 3rd

[DNSOP] Ongoing discussion of DoH, DoT, and related issues

2019-04-08 Thread Barry Leiba
A mailing list has been created for the ongoing discussion of issues
with DNS over HTTPS, DNS over TLS, implementation choices for those,
application usage, operational concerns, privacy concerns, performance
concerns, and any other such.  Please take all that related discussion
to the new list and please stop discussing it on DOH, DPRIVE, DNSOP,
and any other lists — that will keep the related discussion in one
place, and avoid fragmenting it and having people repeat themselves
because of the fragmentation.

The new list is called ADD — Applications Doing DNS:
   https://www.ietf.org/mailman/listinfo/add
...and it's in the "to" list of this message.  Subscriptions are now open.

With this message I’m asking the working group chairs for DOH, DPRIVE,
and DNSOP to be strict about stopping discussion of these topics on
their lists, and directing people to the new “ADD” list.

Of course, work directly relevant to the charters of these working
groups should continue on their respective lists, as usual.

For the longer term, the relevant ADs are discussing the right path.
At the moment that looks like a BoF in Montreal (IETF 105) aimed at
forming an “ADD” working group, most likely in the ART Area but with
significant crossover expected and desired from Ops, Sec, Int, and
probably the rest of the solar system IETF community.

Barry Leiba, ART AD



Re: [DNSOP] Genart telechat review of draft-ietf-dnsop-algorithm-update-07

2019-04-08 Thread Michael Sinatra



On 2019-04-06 02:16, Peter Yee via Datatracker wrote:

> Page 9, Section 8, 2nd paragraph: append a comma after "Hoffman".  "Imminent"
> in this sentence is probably not the word you want in document at time of
> publication, although it's fine to prod the named individuals into submitted
> input prior to publication.

As one of the "imminent" reviewers, I had previously had some concerns
around some of the language of the recommendations.  The latest few
drafts have settled those concerns, in concert with discussions with
other folks in the WG and outside.  I think the document is ready to go,
pending resolution of the various nits identified in the Genart review.

Michael Sinatra



Re: [DNSOP] Genart telechat review of draft-ietf-dnsop-algorithm-update-07

2019-04-08 Thread Paul Wouters

On Mon, 8 Apr 2019, Michael Sinatra wrote:

> On 2019-04-06 02:16, Peter Yee via Datatracker wrote:
>
> > Page 9, Section 8, 2nd paragraph: append a comma after "Hoffman".  "Imminent"
> > in this sentence is probably not the word you want in document at time of
> > publication, although it's fine to prod the named individuals into submitted
> > input prior to publication.
>
> As one of the "imminent" reviewers, I had previously had some concerns
> around some of the language of the recommendations.  The latest few
> drafts have settled those concerns, in concert with discussions with
> other folks in the WG and outside.  I think the document is ready to go,
> pending resolution of the various nits identified in the Genart review.

I will be working on all the input we got from the IESG and others. Thanks!

The word "imminent" was a joke in the draft, as it referred to people
who had promised to review the document upon adoption. A little nudge
to keep them honest. It should have been removed after the -00 version :)

Paul
