Document: draft-ietf-tls-deprecate-obsolete-kex Title: Deprecating Obsolete Key Exchange Methods in TLS 1.2 Reviewer: Mallory Knodel Review result: Ready with Nits I am the assigned Gen-ART reviewer for this draft. The General Area Review Team (Gen-ART) reviews all IETF documents being processed by the IESG for the IETF Chair. Please treat these comments just like any other last call comments. For more information, please see the FAQ at <https://wiki.ietf.org/en/group/gen/GenArtFAQ>. Document: draft-ietf-tls-deprecate-obsolete-kex-?? Reviewer: Mallory Knodel Review Date: 2025-04-28 IETF LC End Date: 2025-04-28 IESG Telechat date: Not scheduled for a telechat Summary: This draft deprecates two key exchange methods and discourages use of a cipher suite for TLS. This draft is well written and straight forward. I have only minor editorial comments. Major issues: None. Minor issues: None. Nits/editorial comments: * General comment: The text of this draft is clear and presents information in an unambiguous fashion by describing the problems and solutions in an order that makes sense. * However the abstract is confusing in that all mitigations apply to TLS 1.2 and they are all key exchange methods, the split being between deprecates and discourages. So, I suggest the first sentence state, "For TLS 1.2 this document deprecates the use of key exchanges, namely Diffie-Hellman over a finite field and RSA, and it discourages the use of static elliptic curve Diffie Hellman cipher suites." * The second sentence of the document's abstract begins with "Note...", which is an unnecessary qualifier that can just be removed, starting the sentence with "These prescriptions...". * That's it! Your document is great. -- last-call mailing list -- last-call@xxxxxxxx To unsubscribe send an email to last-call-leave@xxxxxxxx
