IETF Logo Mail Archive

Re: [Ace] Secdir last call review of draft-ietf-ace-wg-coap-eap-09

Dan Garcia Carrillo <garciadan@uniovi.es> Thu, 25 January 2024 13:32 UTC

Return-Path: <garciadan@uniovi.es>
X-Original-To: ace@ietfa.amsl.com
Delivered-To: ace@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 1B2AFC14F69A; Thu, 25 Jan 2024 05:32:28 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.91
X-Spam-Level:
X-Spam-Status: No, score=-1.91 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, RCVD_IN_MSPIKE_H2=-0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=unioviedo.onmicrosoft.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id sNtRijJcvVBA; Thu, 25 Jan 2024 05:32:23 -0800 (PST)
Received: from EUR05-DB8-obe.outbound.protection.outlook.com (mail-db8eur05on2088.outbound.protection.outlook.com [40.107.20.88]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 58DE5C14F69E; Thu, 25 Jan 2024 05:32:21 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=BujtN2FeWi8u8gQnA4M2cKW4Y27/h0kggVNfY8ADzdAdg5fzSm78BPSSk0wdu7xqx6uQeMopyhvc6G3vhjrszs2seRPp74Txqe6vOmgvy0qtQklLXT9ma1Zdn66RKXpqFEEFU+7ZaP7EnU8MHNosUOSOUWt0sVHxdifDvP+v8mDmvLFaWp5oDY/SlHD2+f+aBfntBnqWao4Noqhy3NRDYt/I1J8P/bOHp2ZraaMiQH05nkl7o559alECurmyLGFrAugAWa4lAEVl59IdQCzvNUTvM/DeUuKLHWU9pkx+Ni15QGqYriAa86mF8JxNcokUpKh2b2OkhffOZrh/OZprBQ==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=SeUUwreRUvHGak1tVkqGv5+t2k8NgNAIT9XP6rkt+qQ=; b=MPKrQqCtJt+sksKDLoYvVdlWDq4A6Iqvj3whh04hEgiL7gd+Oh3nSnU8C3SvWcDnBEzINyaUVwf8Wngfi/HG21QNQmqOa9fg7wC/RfaAFILAJKOvewDfFMnR8blp3WQGa+2tCEavWy5G0fW/w9yTzyzm09SZPFKmQXeLehKFHA+Ajmo2JI+7b9Gv94FIt8wbpIIarJ2mD0xDZVilGP75Od4Rc+7J6aJgPEaHT2kjpxignWP1ypSwEYiWbpvmo/O20LrbhzceAD4vV2PBmv1rAA8qcMbRxKJAhnkL1WoTSQnAVaAv3Pwhdu7fBT83CT2Bk7fK8qGNst/VjC71Da7E0Q==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=uniovi.es; dmarc=pass action=none header.from=uniovi.es; dkim=pass header.d=uniovi.es; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=unioviedo.onmicrosoft.com; s=selector2-unioviedo-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=SeUUwreRUvHGak1tVkqGv5+t2k8NgNAIT9XP6rkt+qQ=; b=LI7oE03i7XJtAPJLcEXKYmMivT36k3U2iuSVlVR8zb5bxTE8vVVpI/6xzJTl/3x0/HzHBAWrPMYkmvUsMVFYDZYWt50Noj23Muns/eiT9gg1wzz8mXR2G5/Bd+eGaSTKhQ4H7kCfMd9FqVptkQ5A8ZrTjLhgFoKQBYTACbEYscg=
Authentication-Results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=uniovi.es;
Received: from AS4PR08MB8093.eurprd08.prod.outlook.com (2603:10a6:20b:588::18) by PAXPR08MB7419.eurprd08.prod.outlook.com (2603:10a6:102:2ba::11) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.7228.22; Thu, 25 Jan 2024 13:32:18 +0000
Received: from AS4PR08MB8093.eurprd08.prod.outlook.com ([fe80::6790:fd23:1f81:c189]) by AS4PR08MB8093.eurprd08.prod.outlook.com ([fe80::6790:fd23:1f81:c189%6]) with mapi id 15.20.7228.026; Thu, 25 Jan 2024 13:32:18 +0000
Content-Type: multipart/alternative; boundary="------------93bTHFdFRG7Tntr0beFBYbFV"
Message-ID: <a8a49723-f083-408b-90a1-1876c024b15e@uniovi.es>
Date: Thu, 25 Jan 2024 14:32:16 +0100
User-Agent: Mozilla Thunderbird
Reply-To: garciadan@uniovi.es
Cc: garciadan@uniovi.es, secdir@ietf.org, ace@ietf.org, draft-ietf-ace-wg-coap-eap.all@ietf.org, last-call@ietf.org
Content-Language: en-GB
To: Deb Cooley <debcooley1@gmail.com>
References: <170601163753.46347.3725201997179804291@ietfa.amsl.com> <44875647-3537-430e-8e07-001ed61e7540@uniovi.es> <CAGgd1Oe9uZZs0wx=1zRGve5u+ttN+vui2X_B1Dt5RyUmB+GRjg@mail.gmail.com>
From: Dan Garcia Carrillo <garciadan@uniovi.es>
Organization: Universidad de Oviedo
In-Reply-To: <CAGgd1Oe9uZZs0wx=1zRGve5u+ttN+vui2X_B1Dt5RyUmB+GRjg@mail.gmail.com>
X-ClientProxiedBy: PA7P264CA0177.FRAP264.PROD.OUTLOOK.COM (2603:10a6:102:36f::14) To AS4PR08MB8093.eurprd08.prod.outlook.com (2603:10a6:20b:588::18)
MIME-Version: 1.0
X-MS-PublicTrafficType: Email
X-MS-TrafficTypeDiagnostic: AS4PR08MB8093:EE_|PAXPR08MB7419:EE_
X-MS-Office365-Filtering-Correlation-Id: ff86bd37-645c-4677-45b5-08dc1daa0d5c
X-MS-Exchange-SenderADCheck: 1
X-MS-Exchange-AntiSpam-Relay: 0
X-Microsoft-Antispam: BCL:0;
X-Microsoft-Antispam-Message-Info: VoBbtuQqszubvmId3tbAJnw4Nhp9yPkiBEGvN0MqYLsWtTkWF0WmIoAoZsnTM0KV6QJLnYQDVgId0jqTrmFWZ1UJoaKndpxLSGo6PLru93igR/vzmViLiTkZHRUHZBFqn5wnx2tKBkWby4kZX/90MpUksOi9+vNS4oznmuqvMsCTIAQm4n4WnU8DfdiCEOllq/STA2BMlh6+y0Bu9hGfx+O2UNEmVb/OaKQ4GihpDVzYN7b3AzxRIK/2Ut44bO0P6ctyX3bTVTsDctEaKhJZA0eWkwf0MPEdY8ROz9CHJ5iSHtRHzGqqlDWkokO28fQazab3P2vmikmMQN0RSSXZ4q92BMxuF+OL3JM05Tvy5CbwjqEbQeAuqURJ/KWNLylsEr7TG4FKREZGC121YadUzcF5C4HiOLFfo/mEdFx3DbLODjLG7E2AAsloO18QsyDQr8Wj/aAOdEdWtjMeGD7omujzQGD2EhcCUl9IrdAyX+wWOgnza5QmDELrs3V8fxJ0VazOSXdqEdv40F6V1P+kPoEYO83ccYaYQ8xWkl8uXaLM9CzjWRA0SfbFAcLM/OAzx9sPqUmA+0nbad8CihBYy6swn5nlINJX0wQriFvzpaSRdYBxrp81MAhbC508bz8s2JRct4W48qxCHDeGJaav0g==
X-Forefront-Antispam-Report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:AS4PR08MB8093.eurprd08.prod.outlook.com; PTR:; CAT:NONE; SFS:(13230031)(366004)(376002)(346002)(39860400002)(136003)(396003)(230922051799003)(186009)(1800799012)(451199024)(64100799003)(31686004)(786003)(66946007)(66556008)(66476007)(6916009)(5660300002)(316002)(8936002)(4326008)(3450700001)(2616005)(8676002)(26005)(2906002)(83380400001)(6512007)(36916002)(86362001)(478600001)(41300700001)(33964004)(36756003)(53546011)(6506007)(31696002)(6486002)(38100700002)(45980500001)(43740500002); DIR:OUT; SFP:1101;
X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1
X-MS-Exchange-AntiSpam-MessageData-0: uTAcegg0dN+XAhrqUZnkB9xfz/L+gCmtF1UTr84HYL17BfCpRUXMiWHHBbqztUGf7wRM0/nv9WURhwSjSQ+J8sfqQA/YTGlchbmYlxnHiQGnaVOLcSSvmeYRi69+OGMN5O6kn8w++pmkcqTb407vClQ7iCVtVfNUuzhAQJxh+SfqW96bre2MDdmIc5naeauCu0azHyP2EmZQ6kBHI7Iv1amQbqiol4q2IG5QioIC/gGXewv1QZi/cHLrLGnmZD9N6DnUzMwLaESbCUKM4xhm+8/YmdtW0CGvdZ+DQFSq+RT4trgriDLmbhG5usH7VZ6jIS6zI383RCscWFglgNgiJ5ciMEOmQeG9qV/HAPjR1HgO44TQ7qbYwvud3l0uxsc7rVHZCjnoNWBYlXlRO5lqJQFn6cGYkJh7wKuV+FKZYk6h5AVkI796VIrHv92G3kOwFBaLr96R7rG/tcSGJ3z4+a8LPVkSYckH9XtI2+lglcsAqvtLC54/ig2gF7mMU0+TWpi0RTGaHGQKVNKgfQzqwetNA127DB2qCw4iJhFVgMey5GviEsgktJ87hCSIAlUK0a+5gZjUgPVCEq1bxGY85XMfM7cK6QS5cS6DrwgcfcQFaaQJrVT16Wvn5UxYG5IsHWF4skFqtVWd+XEETdZQ/LVH8D4vaUX697obwlkou6IsaYWojaBJJggIBr6C05DYCkUwIaIbjJEJlj1WVB8+I69YC4FwudfDAped9j6d4XbmqaWZlo9tPqxxwmQLJUL/yNhgeNMFdmT+C7oMc8ZEa+Y45cGkZuEAV+YMXANBXvvrj3WmbKzYOYYzhStNEdV1JZYY3spLfroq0Ld0JQ68zY0HFqQ1m9YzFC8V9D6Sp9ZT5L2Mk4lbNmzRVkj87RlmIcEV9pt8XJfhObJFXnUarPF5hhngLdPtgrKxo4wRYcpwa0Rw8Dr0ySd9a3eB1vkI1ZlJ+Q6CfWSRXjLPpHMispViyjx3cgGFN8Ii0T3zNUXBiZVC27+0oHY6l8y16IIlQnLKS/WEgmVRfYdg70g5poRg88Lg9RXqjfbHghesqCIasrofF6XpNVq0BxmAAcfUYbOP8/L0zt7sDCX6WvCFhaYCAXFMVGleTgzYQu7XWOe5JLO0p7YaLMGKUOYgaERqRMh489MknDhCcY1V70/dyq3UyY7rKwiqYN2l0uJG0gc9b6AOtpvk8qS4eYLLtTjzlR+2sWB9erTVsl9mY3om1OVLIzMHuyQCxGvn2xhjFM38JFYQ4NKR67oQu3bLc/2Jfl6i2opR/Zx91XmotD3rzZyDTYJRRbahD32WsynXEzU/DlJNw1CuDGbXd914dJjRruHnPGF6Gc8Vp336DTj4foTbnqLRCzusD/aETVsEjoBKvmw6Fw17hLThjq4fNRMsf3Q7xcBd6eYD2+RYpNLiRIlm6krycsbbtN+xy2kU6/iL34iVFrnh+qGts9Clcq2adgSs57VYdPeluKMAMIPgpMkwXP9kQBHLpo7pC7P1FN9qB8wzW+vWSKZYG9LDDc6NWPhtsXwEL6iqbDCDG7yQUo3WadnFIL8meezOHZdb6HiVc0kubovsvF0Dm68ExyNM
X-OriginatorOrg: uniovi.es
X-MS-Exchange-CrossTenant-Network-Message-Id: ff86bd37-645c-4677-45b5-08dc1daa0d5c
X-MS-Exchange-CrossTenant-AuthSource: AS4PR08MB8093.eurprd08.prod.outlook.com
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 25 Jan 2024 13:32:18.6315 (UTC)
X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted
X-MS-Exchange-CrossTenant-Id: 05ea74a3-92c5-4c31-978a-925c3c799cd0
X-MS-Exchange-CrossTenant-MailboxType: HOSTED
X-MS-Exchange-CrossTenant-UserPrincipalName: tJ2dVAEFhLFCcnnfKmYOhvTzoLFW9IjonUAyu+Sv5CPtvxUBHBXEo/wGV2r78YnxwxhCxf/N9K95zeCxKCcS7w==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: PAXPR08MB7419
X-MS-Exchange-CrossPremises-AuthSource: AS4PR08MB8093.eurprd08.prod.outlook.com
X-MS-Exchange-CrossPremises-AuthAs: Internal
X-MS-Exchange-CrossPremises-AuthMechanism: 14
X-MS-Exchange-CrossPremises-Mapi-Admin-Submission:
X-MS-Exchange-CrossPremises-MessageSource: StoreDriver
X-MS-Exchange-CrossPremises-BCC:
X-MS-Exchange-CrossPremises-OriginalClientIPAddress: 156.35.171.42
X-MS-Exchange-CrossPremises-TransportTrafficType: Email
X-MS-Exchange-CrossPremises-Antispam-ScanContext: DIR:Originating; SFV:NSPM; SKIP:0;
X-MS-Exchange-CrossPremises-SCL: 1
X-MS-Exchange-CrossPremises-Processed-By-Journaling: Journal Agent
X-OrganizationHeadersPreserved: PAXPR08MB7419.eurprd08.prod.outlook.com
Archived-At: <https://mailarchive.ietf.org/arch/msg/ace/IGhxNPmlZRodSs0rey1-lgjDtWg>
Subject: Re: [Ace] Secdir last call review of draft-ietf-ace-wg-coap-eap-09
X-BeenThere: ace@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: "Authentication and Authorization for Constrained Environments \(ace\)" <ace.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ace>, <mailto:ace-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ace/>
List-Post: <mailto:ace@ietf.org>
List-Help: <mailto:ace-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ace>, <mailto:ace-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 25 Jan 2024 13:32:28 -0000

Great, thank you.

Best regards.


El 25/1/24 a las 14:26, Deb Cooley escribió:
> My 5.1 comment:  I skimmed RFC 4017 and it seems sufficient.  I also 
> looked to see if EAP methods include it as a reference (and many of 
> them do).  It is my opinion that w/ the addition of a reference and 
> some clarifying text will allow you to claim that the MSK is a 'strong 
> cryptographic key', and therefore ok to use the HKDF KDF Expand directly.
>
> I apologize for not catching this in the early review!
>
> Deb
>
> On Thu, Jan 25, 2024 at 5:46 AM Dan Garcia Carrillo 
> <garciadan@uniovi.es> wrote:
>
>     Dear Deb,
>
>     Thank you for the update on the review.
>
>     Please let us comment inline.
>
>     El 23/1/24 a las 13:07, Deb Cooley via Datatracker escribió:
>>     Reviewer: Deb Cooley
>>     Review result: Has Nits
>>
>>     I have reviewed this document as part of the security directorate's
>>     ongoing effort to review all IETF documents being processed by the
>>     IESG.  These comments were written primarily for the benefit of the
>>     security area directors.  Document editors and WG chairs should treat
>>     these comments just like any other last call comments.
>>
>>     Document: draft-ietf-ace-wg-coap-eap-09
>>     Reviewer: Deb Cooley
>>     Review Date: 2024-01-23
>>
>>     The summary of the review is 'Has Nits'.
>>
>>     0.  All of my early review comments have been addressed.  TY
>     Great, thank you.
>>     1.  Section 5.1, last paragraph:  The MSK can be assumed to be 'fresh key
>>     material', but do all EAP methods yield 'strong cryptographic key' by Section
>>     3.3 of RFC 5869?  If some EAP methods do not yield strong keys, then either the
>>     KDF Extract should be used, or those methods should not be allowed.  (I did not
>>     look this up, so telling me that you all checked is a fine answer)
>
>     This is a very good point.
>
>     In this sense, we limit the applicability of EAP methods to the
>     ones compliant with the mandatory requirements of RFC4017. We will
>     add  this clarification to the text.
>
>     Regarding the use of Extract, as it says in RFC5869, if we
>     understand that the MSK is cryptographically strong by the
>     requirements of RFC4017, we can directly use expand.
>
>       
>
>     RFC5869
>
>     In some applications, the input key material IKM may already be
>
>     present as a cryptographically strong key (for example, the premaster
>
>     secret in TLS RSA cipher suites would be a pseudorandom string,
>
>     except for the first two octets).In this case, one can skip the
>
>     extract part and use IKM directly to key HMAC in the expand step.
>
>
>     That said, we do not see any inconvenient, far from it, that in
>     addition to the requisites of RFC4017 for EAP methods to be used,
>     to use extract as well for the case of CoAP-EAP to create a
>     specific key.
>
>     Do you think this is an adequate approximation, o could we leave
>     it as it currently is with these clarifications?
>
>     Using extract would change the design a bit, and we would have to
>     define the new process, selecting the salt (e.g., a transcript
>     hash of the exchange up to that point to generate a PRK). We
>     understand that this would delay the process further and maybe we
>     will be doing something unnecessary.
>
>     What do you think?
>
>
>>     2.  Section 5.2:  It would be useful to have an actual example of the info part
>>     of the KDF. How is CS constructed - spaces, commas? Are there spaces between CS
>>     and the string?
>>
>     We will add an example of this.
>
>     Thank you.
>
>     Best regards.
>

v2.23.0 | Report a Bug | By Email