Re: [Ace] Adam Roach's No Objection on draft-ietf-ace-cwt-proof-of-possession-09: (with COMMENT)

Adam Roach <adam@nostrum.com> Thu, 31 October 2019 01:15 UTC

To: Mike Jones <Michael.Jones@microsoft.com>, The IESG <iesg@ietf.org>
Cc: "draft-ietf-ace-cwt-proof-of-possession@ietf.org" <draft-ietf-ace-cwt-proof-of-possession@ietf.org>, "ace-chairs@ietf.org" <ace-chairs@ietf.org>, "rdd@cert.org" <rdd@cert.org>, "ace@ietf.org" <ace@ietf.org>
From: Adam Roach <adam@nostrum.com>
Date: Wed, 30 Oct 2019 20:14:50 -0500
Archived-At: <https://mailarchive.ietf.org/arch/msg/ace/biLKzn3nrSJXtvvz6l5c8gGtukw>

Thanks! Looks good to me.

/a

On 10/30/19 7:41 PM, Mike Jones wrote:
> Thanks for your review, Adam.  The questionable comment syntax that you pointed out has been changed to the unsurprising representation /HMAC 256-256/ in https://tools.ietf.org/html/draft-ietf-ace-cwt-proof-of-possession-10#section-3.3.
>
> 				Best wishes,
> 				-- Mike
>
> -----Original Message-----
> From: Adam Roach via Datatracker <noreply@ietf.org>
> Sent: Monday, October 28, 2019 11:07 PM
> To: The IESG <iesg@ietf.org>
> Cc: draft-ietf-ace-cwt-proof-of-possession@ietf.org; ace-chairs@ietf.org; rdd@cert.org; ace@ietf.org
> Subject: Adam Roach's No Objection on draft-ietf-ace-cwt-proof-of-possession-09: (with COMMENT)
>
> Adam Roach has entered the following ballot position for
> draft-ietf-ace-cwt-proof-of-possession-09: No Objection
>
> When responding, please keep the subject line intact and reply to all email addresses included in the To and CC lines. (Feel free to cut this introductory paragraph, however.)
>
>
> Please refer to https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.ietf.org%2Fiesg%2Fstatement%2Fdiscuss-criteria.html&data=02%7C01%7CMichael.Jones%40microsoft.com%7C1c9c12805d7c4b7ed6f408d75c3641ff%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C637079260432123647&sdata=yV4geJmqHs6nE2KEz1HxXf55xRRlGQJdLgHEeKkzxus%3D&reserved=0
> for more information about IESG DISCUSS and COMMENT positions.
>
>
> The document, along with other ballot positions, can be found here:
> https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fdatatracker.ietf.org%2Fdoc%2Fdraft-ietf-ace-cwt-proof-of-possession%2F&data=02%7C01%7CMichael.Jones%40microsoft.com%7C1c9c12805d7c4b7ed6f408d75c3641ff%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C637079260432123647&sdata=iOQpEcoj42%2FrW8qN8c38l931EGH%2BTM0qNgL1aC9aM3E%3D&reserved=0
>
>
>
> ----------------------------------------------------------------------
> COMMENT:
> ----------------------------------------------------------------------
>
>
> Thanks for the work everyone put into defining this mechanism. I have one very minor comment that the authors may wish to take into account.
>
> §3.3:
>
>>      /alg/ 3 : /HMAC256//256/ 5,
> This use of "//" seems problematic, given RFC 8610's vague reservation of this sequence for some kind of "comment to end of line" designation:
>
>     (There are currently no end-of-line comments.  If we want to add
>     them, "//" sounds like a reasonable delimiter given that we already
>     use slashes for comments, but we could also go, for example,
>     for "#".)
>
> Given the potential ambiguity introduced by RFC 8610, perhaps consider some other syntax here instead of "//".
>
>
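
The ambiguity discussed in this thread, as an added example that is not part of the original messages or of the draft: a small comment stripper for CBOR diagnostic notation that reads the -09 and -10 forms of the `/alg/` line under today's slash-delimited comment rule and under a hypothetical "//" end-of-line rule. How such a rule would tokenize "//" is an assumption made here (a "//" outside a text string always wins); the -10 line and the `/iss/` line are constructed samples.

```python
import re

# Text string | slash-delimited comment | stray slash (tried in that order).
_SLASH = re.compile(r'"(?:\\.|[^"\\])*"|/[^/]*/|/')
# Text string | "//" pair | single slash, used only for the hypothetical rule.
_EOL = re.compile(r'"(?:\\.|[^"\\])*"|//|/')

def _drop(match):
    tok = match.group()
    if tok.startswith('"'):
        return tok                      # slashes inside text strings are data
    if len(tok) < 2:
        raise ValueError("unterminated comment at offset %d" % match.start())
    return ''                           # a complete /.../ comment

def _cut_eol(line):
    # ASSUMPTION: under a future rule, "//" outside a string starts a comment
    # that runs to end of line. RFC 8610 only floats the idea.
    for m in _EOL.finditer(line):
        if m.group() == '//':
            return line[:m.start()]
    return line

def strip_comments(text, eol_comments=False):
    """Return the notation with comments removed and whitespace collapsed
    (collapsing also touches whitespace inside strings; fine for this demo)."""
    if eol_comments:
        text = '\n'.join(_cut_eol(l) for l in text.split('\n'))
    return ' '.join(_SLASH.sub(_drop, text).split())

def is_well_formed(text, eol_comments=False):
    try:
        strip_comments(text, eol_comments)
        return True
    except ValueError:
        return False

DRAFT_09 = '/alg/ 3 : /HMAC256//256/ 5,'      # line quoted in the review
DRAFT_10 = '/alg/ 3 : /HMAC 256-256/ 5,'      # constructed from the -10 comment
ISS = '/iss/ 1 : "coaps://server.example.com",'  # constructed sample

if __name__ == '__main__':
    for name, line in (('-09', DRAFT_09), ('-10', DRAFT_10), ('iss', ISS)):
        for eol in (False, True):
            ok = is_well_formed(line, eol)
            print(name, 'eol-rule' if eol else 'today   ',
                  strip_comments(line, eol) if ok else 'PARSE ERROR')
```

Under today's rule both forms reduce to the same map entry, because "/HMAC256//256/" is two adjacent comments; only the -09 form changes meaning if "//" ever becomes a delimiter.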