AD Review for draft-ietf-secsh-publickey-subsystem

To: ietf-ssh%netbsd.org@localhost
Subject: AD Review for draft-ietf-secsh-publickey-subsystem
From: Sam Hartman <hartmans-ietf%mit.edu@localhost>
Date: Sun, 27 Aug 2006 23:20:29 -0400 (EDT)


Hi.

I have reviewed the publickey subsystem draft for publication and have
the following comments The working group must come to consensus on
resolution for these comments and a new draft reflecting that
consensus should be uploaded.

As has previously been noted there is not a lot of energy left in the
working group.  In the interest of coming to some sort of closure one
way or another, thes comments must be addressed by October 31, 2006 or
the document will be withdrawn from publication.

1) There is no definition of the public key algorithms or the public key blobs.  Please clearly reference what the contents of the public key blob should be.

2) The abstract cannot contain references.  There needs to be a
    terminology section with the standard RFC 2119 language if you are
    going to use 2119 keywords.  id-nits (check
    http://tools.ietf.org/wg/secsh ) claims there are missing
    references.



3) What check must a server apply for the from hosts?  Is that an IP
    address/reverse DNS check?  Is the server expected to use
    cryptographic information when available (host keys)?  Presumably not, but you should say this.

4) 64-chars seems too short for local names.  A DNS domain name can be
    much longer than that.

5) Please use RFC 3066 for language tags.

Follow-Ups:
- Re: AD Review for draft-ietf-secsh-publickey-subsystem
  - From: Jon Bright
- Other comments on draft-ietf-secsh-publickey-subsystem
  - From: Nicolas Williams

Prev by Date: Re: query on ssh transport packet
Next by Date: Other comments on draft-ietf-secsh-publickey-subsystem
Previous by Thread: query on ssh transport packet
Next by Thread: Other comments on draft-ietf-secsh-publickey-subsystem
Indexes:

Home | Main Index | Thread Index | Old Index