(1) What type of RFC is being requested (BCP, Proposed Standard,
Internet Standard, Informational, Experimental, or Historic)? Why
is this the proper type of RFC? Is this type of RFC indicated in the
title page header?
This draft is intended for Standards track; this is indicated in the title page
header as well as in the data tracker.
(2) The IESG approval announcement includes a Document Announcement
Write-Up. Please provide such a Document Announcement Write-Up. Recent
examples can be found in the "Action" announcements for approved
documents. The approval announcement contains the following sections:
Technical Summary
This document adds Elliptic Curve Cryptography (ECC) cipher suites to
TLS 1.0-1.2. These cipher suites have some technical
advantages over the currently defined RSA and DH/DSS cipher suites in
terms of key size and performance. This document does not entail any
changes to the TLS base specification.
Note that Appendix B lists the changes from RFC 4492.
Working Group Summary
The WG was able to achieve consensus on advancing this
document to Proposed Standard. Moving RFC 4492 to Standards
Track was the main reason for the draft. It seemed odd to specify
MTI algorithms based on ECC in TLS1.3 and have the TLS1.0-1.2
RFC for the same algorithms be Informational.
Note that we needed to consult the CFRG on the "use of contexts".
Our thanks to them for contributing to this work.
Document Quality
This is a bis draft so the majority of the draft has been reviewed by
the IETF already. The -00 version of the individual draft allows easy
diff to what was published as RFC 4492. Note that more was taken
out than put in.
Personnel
Sean Turner is the Document Shepherd.
Stephen Farrell is the responsible AD.
(3) Briefly describe the review of this document that was performed by
the Document Shepherd. If this version of the document is not ready
for publication, please explain why the document is being forwarded to
the IESG.
This version of the draft (-12) is ready for publication.
(4) Does the document Shepherd have any concerns about the depth or
breadth of the reviews that have been performed?
There are no concerns about the breadth or depth of the reviews.
(5) Do portions of the document need review from a particular or from
broader perspective, e.g., security, operational complexity, AAA, DNS,
DHCP, XML, or internationalization? If so, describe the review that
took place.
No portions of the document need review from a particular or from
broader perspective.
(6) Describe any specific concerns or issues that the Document Shepherd
has with this document that the Responsible Area Director and/or the
IESG should be aware of? For example, perhaps he or she is uncomfortable
with certain parts of the document, or has concerns whether there really
is a need for it. In any event, if the WG has discussed those issues and
has indicated that it still wishes to advance the document, detail those
concerns here.
See the answer to #8.
(7) Has each author confirmed that any and all appropriate IPR
disclosures required for full conformance with the provisions of BCP 78
and BCP 79 have already been filed. If not, explain why.
Yes - the authors have each confirmed that any and all appropriate IPR
disclosures required have been made.
(8) Has an IPR disclosure been filed that references this document?
If so, summarize any WG discussion and conclusion regarding the IPR
disclosures.
IPR has not been filed on this document, but IPR was filed on RFC 4492.
The prevailing WG belief is that the previously disclosed IPR has expired.
(9) How solid is the WG consensus behind this document? Does it
represent the strong concurrence of a few individuals, with others
being silent, or does the WG as a whole understand and agree with it?
This says it all:
https://www.youtube.com/watch?v=2NEbe_brJAQ
(10) Has anyone threatened an appeal or otherwise indicated extreme
discontent? If so, please summarise the areas of conflict in separate
email messages to the Responsible Area Director. (It should be in a
separate email because this questionnaire is publicly available.)
There are no known threats of appeal.
(11) Identify any ID nits the Document Shepherd has found in this
document. (See https://www.ietf.org/tools/idnits/ and the Internet-Drafts
Checklist). Boilerplate checks are not enough; this check needs to be
thorough.
Nits reports a lot of DOWNREFs, but our AD will make doubly sure that
only actual DOWNREFs are called out in the IETF LC.
(12) Describe how the document meets any required formal review
criteria, such as the MIB Doctor, media type, and URI type reviews.
N/A
(13) Have all references within this document been identified as
either normative or informative?
Yes
(14) Are there normative references to documents that are not ready for
advancement or are otherwise in an unclear state? If such normative
references exist, what is the plan for their completion?
No, but there are normative references to draft-ietf-curdle-pkix and that draft
should be with the IESG on or about the same time as this draft.
(15) Are there downward normative references references (see RFC 3967)?
If so, list these downward references to support the Area Director in
the Last Call procedure.
!!!!-> YES - DOWNREFs are needed to two CFRG RFCs:
RFC 7748RFC 8032
(16) Will publication of this document change the status of any
existing RFCs? Are those RFCs listed on the title page header, listed
in the abstract, and discussed in the introduction? If the RFCs are not
listed in the Abstract and Introduction, explain why, and point to the
part of the document where the relationship of this document to the
other RFCs is discussed. If this information is not in the document,
explain why the WG considers it unnecessary.
Yes this draft will obsolete 4492 and this is reflected on the title page
header.
(17) Describe the Document Shepherd's review of the IANA considerations
section, especially with regard to its consistency with the body of the
document. Confirm that all protocol extensions that the document makes
are associated with the appropriate reservations in IANA registries.
Confirm that any referenced IANA registries have been clearly
identified. Confirm that newly created IANA registries include a
detailed specification of the initial contents for the registry, that
allocations procedures for future registrations are defined, and a
reasonable name for the new registry has been suggested (see RFC 5226).
Three registries were defined in RFC 4492. One’s name was altered by
RFC 7919 and this draft reflects that new name.
This draft also reflects the WG consensus to move the registration
policies from IETF Review to Specification Required for all three of
the 4492-defined registries.
(18) List any new IANA registries that require Expert Review for future
allocations. Provide any public guidance that the IESG would find
useful in selecting the IANA Experts for these new registries.
The expert is probably going to be ekr, but the review really just needs
to be limited to whether there’s actually a publicly available specification.
(19) Describe reviews and automated checks performed by the Document
Shepherd to validate sections of the document written in a formal
language, such as XML code, BNF rules, MIB definitions, etc.
These extensions are implemented so the Shepherd is confident that the
formal language is a-okay.