Thanks for the review!
On Wed, Apr 10, 2019 at 5:30 PM Roman Danyliw via Datatracker <
nore...@ietf.org> wrote:
> ----------------------------------------------------------------------
> COMMENT:
> ----------------------------------------------------------------------
>
> (1) Abstract. Nit. There is a reference, [RFC6944], in the abstract which
> isn’t permitted.
>
Hmm, it is really just giving a clickable reference to the document we are
obsoleting. It's kind of nice to have there. But I guess you are right that
it is not allowed, so I've made the text without a reference.
>
> (2) Section 1.2, Per “This document only provides recommendations with
> respect
> to mandatory-to-implement algorithms or algorithms so weak that
> recommendation
> cannot be recommended”
>
> ** Editorial:
> s/algorithms so weak that recommendation cannot be recommended/
> algorithms so weak that they cannot be recommended/
>
Was fixed in -08
** The first part of the sentence doesn’t appear to be consistent with the
> RFC2119 words in the Section 3.1 Table which also includes RECOMMENDED/MAY
> (which is neither MTI or NOT RECOMMENDED)
>
It is recommended in lower case, not in 2119 meaning?
(3) Section 1.3, Typo, s/from from/from/
>
> (4) Section 3.1, Typo, s/cryptographics/cryptographic/
>
Were already fixed.
> (5) Section 3.1, ED448 appears to be the only algorithm that doesn’t have
> treatment in even briefly describing its designated implementation
> recommendation.
>
It does get mentioned in the beginning of the paragraph. But there isn't
much to say really. It's there but just slightly stronger than 25519, so
not really worth the effort. I think it is okay to leave it as motsly
uninteresting, but if someone has some text, I'm fine with that too.
> (6) Section 3.1, The sentence “It is expected that ED25519 will become the
> future RECOMMENDED default algorithm …” is clear on the future. However,
> looking back at the table in this section, it wasn’t clear what the current
> default algorithm is.
>
I've changed it a little bit to indicate this by adding a sentence here:
RSASHA256 is in wide use and considered strong. It has been the
default
algorithm for a number of years and is now slowly being replaced
with
ECDSAP256SHA256 due to its shorter key and signature size,
resulting in
smaller DNS packets.
>
> (7) Section 3.2, The sentence “Operation recommendation for new and
> existing
> deployments.” Seems to stand alone or is missing some words. Should it be
> something along the lines of “This section provides operational
> recommendations
> …”
>
I've removed the sentence.
> (8) Section 3.2, Typo, s/is RECOMMENDED/is the RECOMMENDED/
>
> (9) Section 3.4, Editorial, s/The SHA-256/SHA-256/
>
Were already fixed in -08.
> (10) Section 4, Typo, s/seciton/section/
>
Fixed.
(11) Section 5, Editorial, s/for the use of DNSSEC/for use in DNSSEC/
>
Fixed.
The -09 should appear shortly with these fixes.
Thanks!
Paul
_______________________________________________
DNSOP mailing list
DNSOP@ietf.org
https://www.ietf.org/mailman/listinfo/dnsop
