IETF Logo Mail Archive

Re: [abfab] comments on draft-ietf-abfab-arch

Leif Johansson <leifj@mnt.se> Wed, 18 September 2013 06:37 UTC

Return-Path: <leifj@mnt.se>
X-Original-To: abfab@ietfa.amsl.com
Delivered-To: abfab@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C3A5011E8145 for <abfab@ietfa.amsl.com>; Tue, 17 Sep 2013 23:37:24 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -3.524
X-Spam-Level:
X-Spam-Status: No, score=-3.524 tagged_above=-999 required=5 tests=[AWL=0.075, BAYES_00=-2.599, RCVD_IN_DNSWL_LOW=-1]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id FJfpikvex+Mz for <abfab@ietfa.amsl.com>; Tue, 17 Sep 2013 23:37:20 -0700 (PDT)
Received: from mail-ea0-f178.google.com (mail-ea0-f178.google.com [209.85.215.178]) by ietfa.amsl.com (Postfix) with ESMTP id C743111E8180 for <abfab@ietf.org>; Tue, 17 Sep 2013 23:37:19 -0700 (PDT)
Received: by mail-ea0-f178.google.com with SMTP id a15so3240026eae.9 for <abfab@ietf.org>; Tue, 17 Sep 2013 23:37:18 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:message-id:date:from:user-agent:mime-version:to :subject:references:in-reply-to:content-type :content-transfer-encoding; bh=GwjH+9tqdWhytlVUq6cDeJEb0tVDaID+EWeqLxnqulg=; b=M2hSAxi66LDsUR8wwg9oaf8rmJgWr8wT1rwQGegSnEU36HM04Mom+aLa6/UnaWQlUR /QQqaPjqV+2RDcEXMXnEi9huqvkovzcfZAwMpHAVGQfaeV9g66vSFCNiTzbRpJg5wzMk /77YbL0oZSqgQcaqZws4dEX/lRcBOZWBWQQO31jiWNCbjO8EAAvRWLcU5o2Uc57wybCE 7uFLRjYXd3Y4EAxVAV5Ug7uzw2kocemEokGutfeHgN+jI+xNrbYA+8dooiYjExdddJqi UL4RMqMxym1tX/ghqPnuj+hIxHx6HpNCJVrhVNYmhAXptZD6ENTyQ1By1Vh1GRcEK/dT mcng==
X-Gm-Message-State: ALoCoQnYMhfBAZOWRHNJYvG1/CpsWMM8YwhSw0s+jYK+A+B46OXlNNfpsXiBB6sEnOwZNUpfaKPz
X-Received: by 10.15.98.194 with SMTP id bj42mr57226851eeb.12.1379486238507; Tue, 17 Sep 2013 23:37:18 -0700 (PDT)
Received: from [109.105.104.183] (dhcp49.se-tug.nordu.net. [109.105.104.183]) by mx.google.com with ESMTPSA id h52sm140815eez.3.1969.12.31.16.00.00 (version=TLSv1 cipher=ECDHE-RSA-RC4-SHA bits=128/128); Tue, 17 Sep 2013 23:37:17 -0700 (PDT)
Message-ID: <52394A1B.10805@mnt.se>
Date: Wed, 18 Sep 2013 08:37:15 +0200
From: Leif Johansson <leifj@mnt.se>
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:17.0) Gecko/20130803 Thunderbird/17.0.8
MIME-Version: 1.0
To: abfab@ietf.org, Jim Schaad <ietf@augustcellars.com>
References: <5227A18B.8070007@painless-security.com> <5228DF58.3030206@sunet.se>
In-Reply-To: <5228DF58.3030206@sunet.se>
Content-Type: text/plain; charset="ISO-8859-1"
Content-Transfer-Encoding: 7bit
Subject: Re: [abfab] comments on draft-ietf-abfab-arch
X-BeenThere: abfab@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: "Application Bridging, Federated Authentication Beyond \(the web\)" <abfab.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/abfab>, <mailto:abfab-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/abfab>
List-Post: <mailto:abfab@ietf.org>
List-Help: <mailto:abfab-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/abfab>, <mailto:abfab-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 18 Sep 2013 06:37:24 -0000

On 09/05/2013 09:45 PM, Leif Johansson wrote:
> On 09/04/2013 11:09 PM, Mark Donnelly wrote:
>> Hello all!
>>
>> I work with Sam, who asked me to read the arch draft as background to
>> implementing some software around ABFAB.
> As usual its preferable to get good reviews *before* WGLC but I guess
> we'll not stand on form.
>
> Jim - your views?


poke...
>> * Section 1.1.1 (Channel Binding) mentions "the authenticator" without
>>   referencing that anywhere earlier.  Sam tells me that is the EAP term
>>   for what ABFAB calls the RP, but that's not included in the table in
>>   section 1.1.
>> * In section 1.2, it would be nice for a break to be inserted before
>>   the ASCII art graph.
>> * Also in section 1.2, in the section about Federation, there are two
>>   almost identical sentences:
>>     The federation relationship is governed by a federation agreement.
>>     A federation is governed by a federation agreement.
>>   If these say the same thing, one should be removed.  If they say
>>   different things, then the difference is entirely unclear, and it
>>   should be explained.
>> * In section 1.4, points 8, 10, and 12 talk about the Master Session
>>   Key.  As someone new to this, the MSK was referenced here without any
>>   text suggesting why it exists.  Perhaps a forward reference to
>>   Section 4.2.2 or 5 would help, but there really doesn't seem to be a
>>   good explanation in the document.
>> * Section 3.2, in the fourth paragraph, has a sentence saying:
>>     The client and the TLS need to share a common trust point for the
>>     certificate used in validating the server.
>>   "TLS" doesn't make sense to me here at all.
>> * Later in section 3.2 there's a sentence:
>>     Even when it is checked, if the trust infrastructure behind
>>     the TLS authentication is different from the trust infrastructure
>>     behind the GSS-API mutual authentication then confirming the end-
>>     points using both trust infrastructures is likely to enhance
>>     security.
>>   The lead-in to that sentence made me expect the opposite result.  In
>>   essence, this sentence says, "Even when we do the right thing, the
>>   right thing happens."  I was expecting one of them to be the wrong
>>   thing after a lead-in of "Even when."
>> * Section 3.3, paragraph 8 contains a sentence:
>>     When Service Records (SRV) and Naming
>>     Authority Pointer (NAPTR) records are used to help find a host that
>>     provides a service, the security requirements on the referrals is
>>     going to interact with the information used in the service name.
>>   The minor quibble here is that the subject (requirements) disagrees
>>   in number with the verb (is).  My larger difficulty is that I have no
>>   idea how security requirements might interact with service name
>>   information.
>> * The next sentence:
>>     If a host name is returned from the DNS referrals, and the host
>>     name is to be validated by GS-EAP, then it makes sense that the
>>     referrals themselves should be secure.
>>   This sentence establishes the need for secure referrals, but nothing
>>   is said about how that is to be achieved.
>>   Also, the typo of "GS-EAP" should be corrected to "GSS-EAP."
>> * The last sentence of section 3.4 has a typo - 'probably' should be
>>   'probable.'
>>
>> Thanks,
>> --Mark Donnelly
>> _______________________________________________
>> abfab mailing list
>> abfab@ietf.org
>> https://www.ietf.org/mailman/listinfo/abfab
>
> _______________________________________________
> abfab mailing list
> abfab@ietf.org
> https://www.ietf.org/mailman/listinfo/abfab

v2.23.0 | Report a Bug | By Email