|
List Info
Thread: Re: Last Call: draft-ietf-openpgp-rfc2440bis (OpenPGP Message Format) to Proposed Standard
|
|
| Re: Last Call:
draft-ietf-openpgp-rfc2440bis (OpenPGP
Message Format) to Proposed Standard |
 
Sweden |
2007-03-13 09:26:42 |
Hi!
I started a review by going through the reference section.
There
seems to be some editing left to do...
There are reference to old documents, including:
RFC 2279 -> RFC 3629
RFC 1750 -> RFC 4086
There are normative reference to non-standards track RFCs,
including:
RFC 1641
RFC 1951
RFC 1991 (which documents is intended to obsolete?)
RFC 2144
The following reference are never cited in the text as far
as I can
tell. Most of them should likely be removed, but citing
[BLEICHENBACHER] at some appropriate point may be useful.
[RFC1423] Balenson, D., "Privacy Enhancement
for Internet
Electronic Mail: Part III: Algorithms,
Modes, and
Identifiers", RFC 1423, October
1993.
[RFC1641] Goldsmith, D. and M. Davis, "Using
Unicode with
MIME", RFC 1641, July 1994.
[BLEICHENBACHER] Bleichenbacher, Daniel,
"Generating Elgamal
signatures without knowing the secret
key,"
Eurocrypt 96. Note that the version in
the
proceedings has an error. A revised
version is
available at the time of writing from
<ftp://ftp.inf.ethz.ch/pub/publications/papers/ti
/isc/ElGamal.ps>
[DONNERHACKE] Donnerhacke, L., et. al, "PGP263in
- an improved
international version of PGP",
ftp://ftp.iks-
jena.de/mitarb/lutz/crypt/software/pgp/
[MAURER] Ueli Maurer, "Modelling a
Public-Key
Infrastructure", Proc. 1996
European Symposium on
Research in Computer Security (ESORICS'
96),
Lecture Notes in Computer Science,
Springer-Verlag,
vol. 1146, pp. 325-350, Sep 1996.
[RFC1983] Malkin, G., "Internet Users'
Glossary", FYI 18, RFC
1983, August 1996.
/Simon
The IESG <iesg-secretary ietf.org> writes:
> The IESG has received a request from the An Open
Specification for
> Pretty Good Privacy WG (openpgp) to consider the
following document:
>
> - 'OpenPGP Message Format '
> <draft-ietf-openpgp-rfc2440bis-19.txt> as a
Proposed Standard
>
> The IESG plans to make a decision in the next few
weeks, and solicits
> final comments on this action. Please send substantive
comments to the
> ietfietf.org mailing lists by 2007-03-27. Exceptionally,
> comments may be sent to iesgietf.org instead. In either
case, please
> retain the beginning of the Subject line to allow
automated sorting.
>
> The file can be obtained via
> http://www.ietf.org/internet-drafts/draf
t-ietf-openpgp-rfc2440bis-19.txt
>
>
> IESG discussion can be tracked via
> https://datatrack
er.ietf.org/public/pidtracker.cgi?command=view_id&dTag=4
936&rfc_flag=0
|
|
| Re: Last Call:
draft-ietf-openpgp-rfc2440bis (OpenPGP
Message Format) to Proposed Standard |
 
United Kingdom |
2007-04-03 03:05:18 |
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
> There are reference to old documents, including:
>
> RFC 2279 -> RFC 3629
> RFC 1750 -> RFC 4086
>
Thanks.
> There are normative reference to non-standards track
RFCs, including:
>
> RFC 1641
I just removed this.
> RFC 1951
This is the definition of ZIP/DEFLATE. We have to have it.
It is also
the best documentation of ZIP there is. Nonetheless, I moved
it to
Informative despite the fact that it is a normative
reference,
because idnits complained about it, too.
> RFC 1991 (which documents is intended to obsolete?)
RFC 1991 is the RFC that describes PGP 2.6.x. With 2440bis,
we have
deprecated those mechanisms. Consequently, they are less
well-defined
in 2440bis than they were in 2440. If an implementation
wants to be
compatible with PGP 2.6.x, it is more important that this be
referenced. I moved it to informative, too, because idnits
complained.
> RFC 2144
>
This is the description of CAST5. Idnits didn't complain
about this
one, so I left it.
> The following reference are never cited in the text as
far as I can
> tell. Most of them should likely be removed, but
citing
> [BLEICHENBACHER] at some appropriate point may be
useful.
>
> [RFC1423] Balenson, D., "Privacy
Enhancement for Internet
> Electronic Mail: Part III:
Algorithms, Modes, and
> Identifiers", RFC 1423,
October 1993.
Moved to Informative. It would be a shame not to honor the
contribution that PEM made to secure email.
>
> [RFC1641] Goldsmith, D. and M. Davis,
"Using Unicode with
> MIME", RFC 1641, July 1994.
>
I just removed it.
> [BLEICHENBACHER] Bleichenbacher, Daniel,
"Generating Elgamal
> signatures without knowing the
secret key,"
> Eurocrypt 96. Note that the
version in the
> proceedings has an error. A
revised version is
> available at the time of writing
from
>
<ftp://ftp.inf.ethz.ch/pub/publications/papers/ti
> /isc/ElGamal.ps>
>
I added a reference in the discussion of Elgamal
signatures.
> [DONNERHACKE] Donnerhacke, L., et. al,
"PGP263in - an improved
> international version of
PGP", ftp://ftp.iks-
>
jena.de/mitarb/lutz/crypt/software/pgp/
>
Removed, since we're deprecating 2.6.x.
> [MAURER] Ueli Maurer, "Modelling a
Public-Key
> Infrastructure", Proc. 1996
European Symposium on
> Research in Computer Security
(ESORICS' 96),
> Lecture Notes in Computer Science,
Springer-
> Verlag,
> vol. 1146, pp. 325-350, Sep 1996.
>
I'm leaving this in, because it's a good informative
reference
despite there being no specific place for it.
> [RFC1983] Malkin, G., "Internet Users'
Glossary", FYI
> 18, RFC
> 1983, August 1996.
>
Removed.
Thanks for the comments.
Jon
-----BEGIN PGP SIGNATURE-----
Version: PGP Universal 2.5.3
Charset: US-ASCII
wj8DBQFGEgq9sTedWZOD3gYRAtCnAKDGp+ANeguMUJB5BOH49SLIRKLRCgCc
CTCD
wfMHnpRuENGvCSJVljjeZhM=
=sa20
-----END PGP SIGNATURE-----
|
|
[1-2]
|
|