| | 1 | The actual document shepherd writeup for draft-ietf-krb-wg-camellia-cts: |
| | 2 | |
| | 3 | (1) What type of RFC is being requested (BCP, Proposed Standard, |
| | 4 | Internet Standard, Informational, Experimental, or Historic)? Why |
| | 5 | is this the proper type of RFC? Is this type of RFC indicated in the |
| | 6 | title page header? |
| | 7 | |
| | 8 | We are requesting publication as an Informational RFC. |
| | 9 | |
| | 10 | The authors have requested publication on the standards track; |
| | 11 | however, there is no consensus within the working group to do so at |
| | 12 | this time. There is a possibility that a consensus may emerge in the |
| | 13 | future to adopt one or both of the enctypes defined in this document |
| | 14 | as mandatory to implement for Kerberos; if that happens, we will |
| | 15 | likely request that the document be reclassified as a Proposed |
| | 16 | Standard. However, no such consensus exists at this time. |
| | 17 | |
| | 18 | (2) The IESG approval announcement includes a Document Announcement |
| | 19 | Write-Up. Please provide such a Document Announcement Write-Up. Recent |
| | 20 | examples can be found in the "Action" announcements for approved |
| | 21 | documents. The approval announcement contains the following sections: |
| | 22 | |
| | 23 | Technical Summary |
| | 24 | |
| | 25 | This document specifies two encryption types and two corresponding checksum types for the Kerberos cryptosystem framework defined in RFC 3961. The new types use the Camellia block cipher in CBC-mode with ciphertext stealing and the CMAC algorithm for integrity protection. |
| | 26 | |
| | 27 | Working Group Summary |
| | 28 | |
| | 29 | This document represents the consensus of the Kerberos Working Group. |
| | 30 | |
| | 31 | Document Quality |
| | 32 | |
| | 33 | At least one major Kerberos implementor plans to include support for |
| | 34 | the encryption and checksum types described in this document. |
| | 35 | |
| | 36 | Personnel |
| | 37 | |
| | 38 | The Document Shepherd for this document is Jeffrey Hutzelman. |
| | 39 | The responsible Area Director is Stephen Farrell. |
| | 40 | |
| | 41 | (3) Briefly describe the review of this document that was performed by |
| | 42 | the Document Shepherd. If this version of the document is not ready |
| | 43 | for publication, please explain why the document is being forwarded to |
| | 44 | the IESG. |
| | 45 | |
| | 46 | I have reviewed this document, and any issues raised have been |
| | 47 | resolved to my satisfaction. I believe the document is now ready |
| | 48 | for IETF-wide review and publication as an RFC. |
| | 49 | |
| | 50 | (4) Does the document Shepherd have any concerns about the depth or |
| | 51 | breadth of the reviews that have been performed? |
| | 52 | |
| | 53 | This document is the result of an effort which involved |
| | 54 | both individuals with extensive experience with the Kerberos |
| | 55 | cryptographic framework and those who have been involved in |
| | 56 | specifying support for Camellia in other IETF protocols. |
| | 57 | It has been extensively reviewed and discussed within the |
| | 58 | working group, and all technical issues raised have been |
| | 59 | resolved. I have no concerns about the level of review |
| | 60 | this document has received. |
| | 61 | |
| | 62 | (5) Do portions of the document need review from a particular or from |
| | 63 | broader perspective, e.g., security, operational complexity, AAA, DNS, |
| | 64 | DHCP, XML, or internationalization? If so, describe the review that |
| | 65 | took place. |
| | 66 | |
| | 67 | I don't believe any particular external review is needed for this |
| | 68 | document. |
| | 69 | |
| | 70 | (6) Describe any specific concerns or issues that the Document Shepherd |
| | 71 | has with this document that the Responsible Area Director and/or the |
| | 72 | IESG should be aware of? For example, perhaps he or she is uncomfortable |
| | 73 | with certain parts of the document, or has concerns whether there really |
| | 74 | is a need for it. In any event, if the WG has discussed those issues and |
| | 75 | has indicated that it still wishes to advance the document, detail those |
| | 76 | concerns here. |
| | 77 | |
| | 78 | I have no particular concerns with this document. |
| | 79 | |
| | 80 | (7) Has each author confirmed that any and all appropriate IPR |
| | 81 | disclosures required for full conformance with the provisions of BCP 78 |
| | 82 | and BCP 79 have already been filed. If not, explain why. |
| | 83 | |
| | 84 | All authors have confirmed that any required IPR disclosures have |
| | 85 | been filed. |
| | 86 | |
| | 87 | (8) Has an IPR disclosure been filed that references this document? |
| | 88 | If so, summarize any WG discussion and conclusion regarding the IPR |
| | 89 | disclosures. |
| | 90 | |
| | 91 | I have no particular concerns about this document. NTT |
| | 92 | and Mitsubishi Electric have filed a joint IPR statement |
| | 93 | #1304, related to use of Camellia in Kerberos. Similar |
| | 94 | disclosures had been filed previously related to IPsec, |
| | 95 | TLS, S/MIME, and OpenPGP. This issue has been discussed |
| | 96 | briefly within the working group, and there were no |
| | 97 | objections to proceeding with this work once the IPR |
| | 98 | disclosure was filed. |
| | 99 | |
| | 100 | (9) How solid is the WG consensus behind this document? Does it |
| | 101 | represent the strong concurrence of a few individuals, with others |
| | 102 | being silent, or does the WG as a whole understand and agree with it? |
| | 103 | |
| | 104 | There is consensus within the working group to publish this document. |
| | 105 | |
| | 106 | (10) Has anyone threatened an appeal or otherwise indicated extreme |
| | 107 | discontent? If so, please summarise the areas of conflict in separate |
| | 108 | email messages to the Responsible Area Director. (It should be in a |
| | 109 | separate email because this questionnaire is publicly available.) |
| | 110 | |
| | 111 | There have been no expressions of discontent. |
| | 112 | |
| | 113 | (11) Identify any ID nits the Document Shepherd has found in this |
| | 114 | document. (See http://www.ietf.org/tools/idnits/ and the Internet-Drafts |
| | 115 | Checklist). Boilerplate checks are not enough; this check needs to be |
| | 116 | thorough. |
| | 117 | |
| | 118 | This document has been run through the idnits tool, and was reviewed |
| | 119 | manually for compliance with requirements not checked by the automatic |
| | 120 | tool. |
| | 121 | |
| | 122 | (12) Describe how the document meets any required formal review |
| | 123 | criteria, such as the MIB Doctor, media type, and URI type reviews. |
| | 124 | |
| | 125 | No formal review criteria apply to this document. |
| | 126 | |
| | 127 | (13) Have all references within this document been identified as |
| | 128 | either normative or informative? |
| | 129 | |
| | 130 | References have been split appropriately. |
| | 131 | |
| | 132 | (14) Are there normative references to documents that are not ready for |
| | 133 | advancement or are otherwise in an unclear state? If such normative |
| | 134 | references exist, what is the plan for their completion? |
| | 135 | |
| | 136 | There are no normative references to other documents that are not |
| | 137 | ready for advancement. |
| | 138 | |
| | 139 | (15) Are there downward normative references references (see RFC 3967)? |
| | 140 | If so, list these downward references to support the Area Director in the |
| | 141 | Last Call procedure. |
| | 142 | |
| | 143 | This document contains a normative reference to RFC3713, |
| | 144 | and informational document which describes the Camellia |
| | 145 | cipher. We don't see a problem with this, even if the |
| | 146 | document is published on the standards track, as this is |
| | 147 | consistent with current practice within the IETF relating |
| | 148 | to descriptions of cryptographic algorithms. |
| | 149 | |
| | 150 | This document also contains normative references to two |
| | 151 | NIST special publications. While these are not IETF |
| | 152 | documents, we feel they are suitably stable to be used as |
| | 153 | normative references by a protocol specification. |
| | 154 | |
| | 155 | (16) Will publication of this document change the status of any |
| | 156 | existing RFCs? Are those RFCs listed on the title page header, listed |
| | 157 | in the abstract, and discussed in the introduction? If the RFCs are not |
| | 158 | listed in the Abstract and Introduction, explain why, and point to the |
| | 159 | part of the document where the relationship of this document to the |
| | 160 | other RFCs is discussed. If this information is not in the document, |
| | 161 | explain why the WG considers it unnecessary. |
| | 162 | |
| | 163 | This document does not change the status of any existing RFCs. |
| | 164 | As noted in the abstract and introduction, this document does specify |
| | 165 | new encryption and checksum types to be used within the framework |
| | 166 | defined by RFC3961. However, it does not make any changes to the |
| | 167 | framework itself, and so does not update RFC3961. |
| | 168 | |
| | 169 | (17) Describe the Document Shepherd's review of the IANA considerations |
| | 170 | section, especially with regard to its consistency with the body of the |
| | 171 | document. Confirm that all protocol extensions that the document makes |
| | 172 | are associated with the appropriate reservations in IANA registries. |
| | 173 | Confirm that any referenced IANA registries have been clearly |
| | 174 | identified. Confirm that newly created IANA registries include a |
| | 175 | detailed specification of the initial contents for the registry, that |
| | 176 | allocations procedures for future registrations are defined, and a |
| | 177 | reasonable name for the new registry has been suggested (see RFC 5226). |
| | 178 | |
| | 179 | This document defines new Kerberos encryption and checksum |
| | 180 | types, which require assignment of numbers in IANA-managed |
| | 181 | namespaces. The IANA considerations section correctly |
| | 182 | identifies the required registrations. |
| | 183 | |
| | 184 | (18) List any new IANA registries that require Expert Review for future |
| | 185 | allocations. Provide any public guidance that the IESG would find |
| | 186 | useful in selecting the IANA Experts for these new registries. |
| | 187 | |
| | 188 | This document creates no registries requiring Expert Review. |
| | 189 | |
| | 190 | (19) Describe reviews and automated checks performed by the Document |
| | 191 | Shepherd to validate sections of the document written in a formal |
| | 192 | language, such as XML code, BNF rules, MIB definitions, etc. |
| | 193 | |
| | 194 | No part of this document is written in a formal language |
| | 195 | requiring such verification. |
![(please configure the [header_logo] section in trac.ini)](https://www.ietf.org/images/ietflogotrans.gif)
