Last Call Review of draft-ietf-dcrup-dkim-crypto-12
review-ietf-dcrup-dkim-crypto-12-secdir-lc-wouters-2018-06-11-00

Request: Review of draft-ietf-dcrup-dkim-crypto
Requested rev.: no specific revision (document currently at 14)
Type: Last Call Review
Team: Security Area Directorate (secdir)
Deadline: 2018-06-12
Requested: 2018-05-29
Other Reviews: Genart Last Call review of -12 by Pete Resnick
Review State: Completed
Reviewer: Paul Wouters
Review: review-ietf-dcrup-dkim-crypto-12-secdir-lc-wouters-2018-06-11
Posted at: https://mailarchive.ietf.org/arch/msg/secdir/WhJNBKOtx3-vJl2Yi1BDmY2GjmQ
Reviewed rev.: 12 (document currently at 14)
Review result: Has Nits
Draft last updated: 2018-06-11
Review completed: 2018-06-11

Review

NITS:
I believe the [FIPS-180-4-2015] reference should be replaced with a reference to RFC-6376.

Remove or indicate the RFC Editor should remove the following text:

      Discussion Venue:    Discussion about this draft is directed to the
      dcrup@ietf.org [1] mailing list.

This sentence doesn't parse easily:

     This is an additional DKIM signature algorithm added to Section 3.3
   of [RFC6376] as envisioned in Section 3.3.4 of [RFC6376].

It should simply say something like "This document adds an additional key algorithm type to the DKIM Key Type Registry and a new signature type to the DKIM Hash Algorithms Registry".

This text reads a little odd:

   Ed25519 is a widely used cryptographic technique, so the security of
   DKIM signatures using new signing algorithms should be at least as
   good as those using old algorithms.

It seems to suggest that being "widely used" is a guarantee for being "at least as good as older stuff". Better would be to just point to the Security Considerations of RFC 8032.

Sections 4 and 8 have an introductory line that says "update as follows" followed by a dot instead of a colon. That is a little confusing to the reader, as if some text is missing before the dot.