Last Call Review of draft-ietf-curdle-rsa-sha2-10

Request Review of draft-ietf-curdle-rsa-sha2
Requested rev. no specific revision (document currently at 12)
Type Last Call Review
Team General Area Review Team (Gen-ART) (genart)
Deadline 2017-09-11
Requested 2017-08-28
Authors denis bider
Draft last updated 2017-09-01
Completed reviews Genart Last Call review of -10 by Russ Housley (diff)
Secdir Last Call review of -10 by Vincent Roca (diff)
Assignment Reviewer Russ Housley
State Completed
Review review-ietf-curdle-rsa-sha2-10-genart-lc-housley-2017-09-01
Reviewed rev. 10 (document currently at 12)
Review result Almost Ready
Review completed: 2017-09-01


I am the assigned Gen-ART reviewer for this draft. The General Area
Review Team (Gen-ART) reviews all IETF documents being processed
by the IESG for the IETF Chair. Please wait for direction from your
document shepherd or AD before posting a new version of the draft.

For more information, please see the FAQ at

Document: draft-ietf-curdle-rsa-sha2-10
Reviewer: Russ Housley
Review Date: 2017-09-01
IETF LC End Date: 2017-09-11
IESG Telechat date: unknown

Summary: Almost Ready

Major Concerns: None

Minor Concerns:

I think that a better title for this document would be:

   Use of RSA Keys with SHA-256 and SHA-512 in Secure Shell (SSH)

These are two of the hash function in the SHA2 family, and there is no
ambiguity about them being part of the SHA3 family.  Similarly, I think
that the Abstract and Section 1 should explicitly names these two hash
functions.  The current wording seems to include SHA-224 and SHA-384,
and that is not the intent of the author.

In Section 3, I suggest:
   s/using SHA-2 [SHS] as hash./using SHA-256 or SHA-512 [SHS] as hash./
   s/the hash used is SHA-2 256./the hash used is SHA-256./
   s/the hash used is SHA-2 512./the hash used is SHA-512./

Note:  I did not propose changing the strings in case people have already
implemented against this specification.  If no one has implemented yet,
then I would change those too.

Section 5.1 should be expanded to say that following the NIST advice on
key sizes and SHA-1 outside the US Government is prudent.

Nits: None