IETF-SSH archive


AD Review for draft-ietf-secsh-publickey-subsystem




Hi.

I have reviewed the publickey subsystem draft for publication and have
the following comments.  The working group must come to consensus on
resolution for these comments and a new draft reflecting that
consensus should be uploaded.

As has previously been noted there is not a lot of energy left in the
working group.  In the interest of coming to some sort of closure one
way or another, these comments must be addressed by October 31, 2006 or
the document will be withdrawn from publication.

1) There is no definition of the public key algorithms or the public key blobs.  Please clearly reference what the contents of the public key blob should be.

2) The abstract cannot contain references.  There needs to be a
    terminology section with the standard RFC 2119 language if you are
    going to use 2119 keywords.  id-nits (check
    http://tools.ietf.org/wg/secsh ) claims there are missing
    references.



3) What check must a server apply for the from hosts?  Is that an IP
    address/reverse DNS check?  Is the server expected to use
    cryptographic information when available (host keys)?  Presumably not, but you should say this.

4) 64-chars seems too short for local names.  A DNS domain name can be
    much longer than that.

5) Please use RFC 3066 for language tags.


