Hi tl;dr: Looks fine, please publish
I am not a cryptographer and not competent to comment on the issues that this draft is trying to solve or on the quality of this solution. Speaking strictly as a developer, the text is clear and understandable. Doing the mental exercise of estimating what it would take to implement this in my code, it was very easy to add the prescribed tests in the two places they would be needed, with about 5 lines of extra code apiece. (of course it helps to have access to the OpenSSL library with functions such as ec_GFp_simple_is_at_infinity() and ec_GFp_simple_is_on_curve() rather than having to implement them myself) Yoav On Apr 9, 2013, at 12:46 AM, Paul Hoffman <[email protected]> wrote: > [[ So far, we have received only *one* review of this document, from Tero. If > we don't receive more reviews, the document might not progress due to lack of > interest. Please review this document within the next week and contribute > your review to the list. ]] > > Greetings. This is the start of the WG Last Call for > draft-ietf-ipsecme-dh-checks; the WG period will end in two weeks, on April > 15. The current draft is available at > http://tools.ietf.org/html/draft-ietf-ipsecme-dh-checks-01 > > Given that this will be a Standards Track document, it is important for it to > be reviewed by as many people as possible. Possible results of individual > reviewing the document are: > > - "Looks fine, please publish" > > - "Looks fine, here are some comments" > > - "Has some problems, here they are" > > - Other things of that sort > > Many people on this mailing list are IPsec implementers but are mostly or > completely silent on the mailing list. If you are one of those people, doing > a WG Last Call review is a good way to participate usefully in the WG. Please > strongly consider (a) reading the current draft and (b) sending a message to > the list with your short or long review. If there are too few reviews on this > document, we could get pushback from the IESG about the document. > > --Paul Hoffman _______________________________________________ IPsec mailing list [email protected] https://www.ietf.org/mailman/listinfo/ipsec
