Thanks for the review!

On Wed, Apr 10, 2019 at 5:30 PM Roman Danyliw via Datatracker <nore...@ietf.org> wrote:

> ----------------------------------------------------------------------
> COMMENT:
> ----------------------------------------------------------------------
>
> (1) Abstract. Nit. There is a reference, [RFC6944], in the abstract which
> isn’t permitted.

Hmm, it is really just giving a clickable reference to the document we are obsoleting. It's kind of nice to have there. But I guess you are right that it is not allowed, so I've made the text without a reference.

> (2) Section 1.2, Per “This document only provides recommendations with respect
> to mandatory-to-implement algorithms or algorithms so weak that recommendation
> cannot be recommended”
>
> ** Editorial:
> s/algorithms so weak that recommendation cannot be recommended/
> algorithms so weak that they cannot be recommended/

Was fixed in -08

> ** The first part of the sentence doesn’t appear to be consistent with the
> RFC2119 words in the Section 3.1 Table which also includes RECOMMENDED/MAY
> (which is neither MTI or NOT RECOMMENDED)

It is recommended in lower case, not in 2119 meaning?

> (3) Section 1.3, Typo, s/from from/from/
>
> (4) Section 3.1, Typo, s/cryptographics/cryptographic/

Were already fixed.

> (5) Section 3.1, ED448 appears to be the only algorithm that doesn’t have
> treatment in even briefly describing its designated implementation
> recommendation.

It does get mentioned in the beginning of the paragraph. But there isn't much to say really. It's there but just slightly stronger than 25519, so not really worth the effort. I think it is okay to leave it as mostly uninteresting, but if someone has some text, I'm fine with that too.

> (6) Section 3.1, The sentence “It is expected that ED25519 will become the
> future RECOMMENDED default algorithm …” is clear on the future. However,
> looking back at the table in this section, it wasn’t clear what the current
> default algorithm is.

I've changed it a little bit to indicate this by adding a sentence here:

RSASHA256 is in wide use and considered strong. It has been the default algorithm for a number of years and is now slowly being replaced with ECDSAP256SHA256 due to its shorter key and signature size, resulting in smaller DNS packets.

> (7) Section 3.2, The sentence “Operation recommendation for new and existing
> deployments.” Seems to stand alone or is missing some words. Should it be
> something along the lines of “This section provides operational recommendations
> …”

I've removed the sentence.

> (8) Section 3.2, Typo, s/is RECOMMENDED/is the RECOMMENDED/
>
> (9) Section 3.4, Editorial, s/The SHA-256/SHA-256/

Were already fixed in -08.

> (10) Section 4, Typo, s/seciton/section/

Fixed.

> (11) Section 5, Editorial, s/for the use of DNSSEC/for use in DNSSEC/

Fixed.

The -09 should appear shortly with these fixes.

Thanks!

Paul
_______________________________________________
DNSOP mailing list
DNSOP@ietf.org
https://www.ietf.org/mailman/listinfo/dnsop