[TLS] AD review of draft-ietf-tls-md5-sha1-deprecate-03

Fri, 02 Oct 2020 16:43:47 -0700 

Hi!

I've assumed the role of responsible AD on this document.  As such, I performed 
an AD review of draft-ietf-tls-md5-sha1-deprecate-03.  

Thanks for writing this document to address an important crypto maintenance 
tasks in TLS v1.2.  I have a few clarifying and pro forma editorial items of 
feedback.  

** Please address the following IDNits:

-- The document seems to lack an IANA Considerations section.  (See Section
     2.2 of https://www.ietf.org/id-info/checklist for how to handle the case
     when there are no actions for IANA.)

-- The draft header indicates that this document updates RFC5246, but the
     abstract doesn't seem to mention this, which it should.

-- The draft header indicates that this document updates RFC7525, but the
     abstract doesn't seem to mention this, which it should.

** Section 1.  Editorial. 
-- s/RFC 5246 [RFC5246]/[RFC5246]/

-- s/RFC 6151 [RFC6151]/[RFC6151]/

-- s/RFC7525 [RFC7525]/[RFC7525]/

** Section 1.  Editorial.  For symmetry with the rest of the text:

OLD
RFC 6151 [RFC6151]
   details the security considerations, including collision attacks for
   MD5, published in 2011.  

NEW
In 2011, [RFC6151]  detailed the security considerations, including collision 
attacks for MD5.  

** Section 1.  Please provide a reference for "Wang, et al".  Is there a 
reference to provide for the "the potential for brute-force attack"

** Section 6.  Editorial Nit. s/RFC5246 [RFC5246]/[RFC5246]/

** Section 6.  Move the text "In Section 7.4.1.4.1: the text should be revised 
from" out of the "OLD" block of text to be its own intro paragraph so that the 
OLD vs. NEW is  a clear cut-and-paste.

** Section 7.  Editorial. s/ RFC7525 [RFC7525]/[RFC7525]/

** Section 7.  SHA-1 is also not mentioned in RFC7525.  Recommend:

OLD
The prior text did not explicitly include
   MD5 and this text adds it to ensure it is understood as having been
   deprecated.

NEW
The prior text did not explicitly include MD5 or SHA-1; and this text adds 
guidance to ensure that these algorithms have been deprecated.

** Section 7.  Editorial.  Grammar.

OLD
In addition, the use of the SHA-256 hash algorithm is RECOMMENDED,
   SHA-1 or MD5 MUST NOT be used

NEW
In addition, the use of the SHA-256 hash algorithm is RECOMMENDED; and SHA-1 or 
MD5 MUST NOT be used

** Section 10.2  Please make RFC5246 a normative reference.

Regards,
Roman

_______________________________________________
TLS mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/tls

Reply via email to