Re: [Ace] Adam Roach's No Objection on draft-ietf-ace-cwt-proof-of-possession-09: (with COMMENT)

Mike Jones <Michael.Jones@microsoft.com> Thu, 31 October 2019 00:41 UTC

From: Mike Jones <Michael.Jones@microsoft.com>
To: Adam Roach <adam@nostrum.com>, The IESG <iesg@ietf.org>
CC: "draft-ietf-ace-cwt-proof-of-possession@ietf.org" <draft-ietf-ace-cwt-proof-of-possession@ietf.org>, "ace-chairs@ietf.org" <ace-chairs@ietf.org>, "rdd@cert.org" <rdd@cert.org>, "ace@ietf.org" <ace@ietf.org>
Date: Thu, 31 Oct 2019 00:41:00 +0000
Archived-At: <https://mailarchive.ietf.org/arch/msg/ace/Ukc9XDuXjv2P5E48nIlr6mN8WsI>
Subject: Re: [Ace] Adam Roach's No Objection on draft-ietf-ace-cwt-proof-of-possession-09: (with COMMENT)

Thanks for your review, Adam.  The questionable comment syntax that you pointed out has been changed to the unsurprising representation /HMAC 256-256/ in https://tools.ietf.org/html/draft-ietf-ace-cwt-proof-of-possession-10#section-3.3.

				Best wishes,
				-- Mike

-----Original Message-----
From: Adam Roach via Datatracker <noreply@ietf.org> 
Sent: Monday, October 28, 2019 11:07 PM
To: The IESG <iesg@ietf.org>
Cc: draft-ietf-ace-cwt-proof-of-possession@ietf.org; ace-chairs@ietf.org; rdd@cert.org; ace@ietf.org
Subject: Adam Roach's No Objection on draft-ietf-ace-cwt-proof-of-possession-09: (with COMMENT)

Adam Roach has entered the following ballot position for
draft-ietf-ace-cwt-proof-of-possession-09: No Objection

When responding, please keep the subject line intact and reply to all email addresses included in the To and CC lines. (Feel free to cut this introductory paragraph, however.)


Please refer to https://www.ietf.org/iesg/statement/discuss-criteria.html
for more information about IESG DISCUSS and COMMENT positions.


The document, along with other ballot positions, can be found here:
https://datatracker.ietf.org/doc/draft-ietf-ace-cwt-proof-of-possession/



----------------------------------------------------------------------
COMMENT:
----------------------------------------------------------------------


Thanks for the work everyone put into defining this mechanism. I have one very minor comment that the authors may wish to take into account.

§3.3:

>     /alg/ 3 : /HMAC256//256/ 5,

This use of "//" seems problematic, given RFC 8610's vague reservation of this sequence for some kind of "comment to end of line" designation:

   (There are currently no end-of-line comments.  If we want to add
   them, "//" sounds like a reasonable delimiter given that we already
   use slashes for comments, but we could also go, for example,
   for "#".)

Given the potential ambiguity introduced by RFC 8610, perhaps consider some other syntax here instead of "//".
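
The ambiguity discussed in this thread, as an added example that is not part of either message or of the draft: a small comment stripper applied to the -09 line and its -10 replacement. The `eol_comments` switch models one way the hypothetical "//" end-of-line rule could be implemented (an assumption; RFC 8610 defines no such rule), and the function names are illustrative.

```python
# Line quoted in the review (draft -09, section 3.3) and its -10 replacement.
OLD_LINE = "/alg/ 3 : /HMAC256//256/ 5,"
NEW_LINE = "/alg/ 3 : /HMAC 256-256/ 5,"


def strip_comments(line, eol_comments=False):
    """Return the line with /.../ comments removed.

    eol_comments=True first cuts the line at the first "//". That models one
    way the hypothetical end-of-line rule could be implemented (an assumption;
    no such rule exists today). Text strings are not handled.
    """
    if eol_comments:
        line = line.split("//", 1)[0]
    out, i = [], 0
    while i < len(line):
        if line[i] == "/":
            end = line.find("/", i + 1)
            if end == -1:
                raise ValueError("unterminated comment at column %d" % i)
            i = end + 1  # skip the whole /.../ comment
        else:
            out.append(line[i])
            i += 1
    return " ".join("".join(out).split())


def readings(line):
    """Parse the line under both rules and report what each one sees."""
    result = {}
    rules = (("slash-delimited only", False), ("with // to end of line", True))
    for name, flag in rules:
        try:
            result[name] = strip_comments(line, flag)
        except ValueError as exc:
            result[name] = "error: %s" % exc
    return result


if __name__ == "__main__":
    for label, line in (("-09", OLD_LINE), ("-10", NEW_LINE)):
        print(label, readings(line))
```

Under the slash-delimited rule both lines reduce to the same map entry; with the hypothetical "//" rule the -09 line loses its value and leaves a dangling comment, while the -10 line is unaffected.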