Re: [Ace] Warren Kumari's No Objection on draft-ietf-ace-key-groupcomm-17: (with COMMENT)
Warren Kumari <warren@kumari.net> Mon, 18 December 2023 18:02 UTC
Return-Path: <warren@kumari.net>
X-Original-To: ace@ietfa.amsl.com
Delivered-To: ace@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 89D8AC14F685 for <ace@ietfa.amsl.com>; Mon, 18 Dec 2023 10:02:42 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.105
X-Spam-Level:
X-Spam-Status: No, score=-2.105 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=unavailable autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=kumari.net
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Ql-vH_qJk7mX for <ace@ietfa.amsl.com>; Mon, 18 Dec 2023 10:02:38 -0800 (PST)
Received: from mail-qt1-x833.google.com (mail-qt1-x833.google.com [IPv6:2607:f8b0:4864:20::833]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 1D5E7C14F616 for <ace@ietf.org>; Mon, 18 Dec 2023 10:02:37 -0800 (PST)
Received: by mail-qt1-x833.google.com with SMTP id d75a77b69052e-425a2b4df7bso35059431cf.0 for <ace@ietf.org>; Mon, 18 Dec 2023 10:02:37 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=kumari.net; s=google; t=1702922557; x=1703527357; darn=ietf.org; h=cc:to:subject:message-id:date:in-reply-to:from:references :mime-version:from:to:cc:subject:date:message-id:reply-to; bh=L1WoRrlwIWqCrtxHXljskS1BVJ4f/hyt2uSy5WqQ3Hc=; b=ECwaEHJlhpRoX+duYe36dwyZWA+dQPrvGd/BhVzWt7cmbg8vyyNkRngYfh/l6d/e+l 9mY9CW9+59MohO43FTvvIMe6JXVtF24P7BeB2JcQWFSbIOfsqqncr/O5xw8UCh2JIlPt 5FRrPW2l9nWFdasGDg+ec75LYBW5do2qZV4pM8oPjOWwfh7SdVCq4HjU5Ceqtuewvn1U jsqAwsywpUsv6ulZth9FKcgRoabwZD/TKQZQ4jTLo0f9XWWDNhTvLQU8rV1Oxy6DL43y ecUoKNVT/lVMx4MxlernNdABBuhzZeyQmFh5qpz/X2Ocl4FNMFVDSkqYPWILLn5dWrlt H/8A==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1702922557; x=1703527357; h=cc:to:subject:message-id:date:in-reply-to:from:references :mime-version:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=L1WoRrlwIWqCrtxHXljskS1BVJ4f/hyt2uSy5WqQ3Hc=; b=CSXQXzBfzi7v/VRQteHOgvhvdDxnpP0HERic9BJ67T6aRMoN1iE5RXTx6xuAN+FtPT gLUaDx1xVu6r70iYI/uN7Ww8+qE7n/hnzHFb2JPx6oNAB7T+hNmSf9Pem7d5zbJeEkzd /7mwb8BSA6OSIz2smtbXCebg0Qb7Or9nv/4lkPNgfIOZcMF52SWf6YzxjXkfNxggdkAC ODWoDrfSXKUYls+Lyp9os+WbK79UME1Qy4RPeTfEWXQCUANz3k1ztzfzIRYcBgDlbrHj gjuSkdvZ7FqvgDLPzxGTaar/8OWDTlxPWQjBy0fPFRvYFMPqf1WBRHCaphQqKb++9Yzk 94dA==
X-Gm-Message-State: AOJu0Yw9E8x5EWJT8z8WbhGSctq5v+ZNfpm+yZwrjcLmVRpA1UwNIXlE q1oeECALMdAKQJBo5rBzJ0a9p86yUrVT3Hvz0h6laQ==
X-Google-Smtp-Source: AGHT+IFxlLzgknUg6lhdehHlU0faQM79WT6gHVZpQbDw5mFiuWPfQcdkBrFFDVmbnt06H6HCivfth5+gq19r292XBfc=
X-Received: by 2002:ac8:7f48:0:b0:425:9e49:6f84 with SMTP id g8-20020ac87f48000000b004259e496f84mr23473819qtk.122.1702922556743; Mon, 18 Dec 2023 10:02:36 -0800 (PST)
Received: from 649336022844 named unknown by gmailapi.google.com with HTTPREST; Mon, 18 Dec 2023 10:02:36 -0800
Mime-Version: 1.0
References: <170128766702.2854.10197854210438647153@ietfa.amsl.com> <080bb7a1-3ce2-4f10-b045-2420983a4a78@ri.se>
From: Warren Kumari <warren@kumari.net>
X-Mailer: Superhuman Desktop (2023-12-15T20:06:54Z)
X-Superhuman-ID: lqb83xde.d03d2602-73eb-4856-9058-41670c2fed26
X-Superhuman-Draft-ID: draft0021355a97b01594
In-Reply-To: <080bb7a1-3ce2-4f10-b045-2420983a4a78@ri.se>
Date: Mon, 18 Dec 2023 10:02:36 -0800
Message-ID: <CAHw9_iL6DeUVz-ZSjm01PVu=_bJNFn2Y6j18Y2pMfDyH80MvEQ@mail.gmail.com>
To: Marco Tiloca <marco.tiloca@ri.se>
Cc: The IESG <iesg@ietf.org>, draft-ietf-ace-key-groupcomm@ietf.org, ace-chairs@ietf.org, ace@ietf.org, mglt.ietf@gmail.com, Francesca Palombini <francesca.palombini@ericsson.com>
Content-Type: multipart/alternative; boundary="000000000000133737060ccc8e9e"
Archived-At: <https://mailarchive.ietf.org/arch/msg/ace/jvXjeT4ZS7n_O5KnORKHmTHU-_4>
Subject: Re: [Ace] Warren Kumari's No Objection on draft-ietf-ace-key-groupcomm-17: (with COMMENT)
X-BeenThere: ace@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: "Authentication and Authorization for Constrained Environments \(ace\)" <ace.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ace>, <mailto:ace-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ace/>
List-Post: <mailto:ace@ietf.org>
List-Help: <mailto:ace-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ace>, <mailto:ace-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 18 Dec 2023 18:02:42 -0000
On Fri, Dec 15, 2023 at 12:22 PM, Marco Tiloca <marco.tiloca@ri.se> wrote: > Hello Warren, > > Thanks a lot for your review! Please find in line below our detailed > replies to your comments. > > A Github PR where we have addressed your comments is available at [PR]. > Awesome, thank you. All looks good to me! W > Unless any concern is raised, we plan to soon merge this PR (and the other > ones related to other received reviews), and to submit the result as > version -18 of the document. > > Thanks, > /Marco > > [PR] https://github.com/ace-wg/ace-key-groupcomm/pull/165 > > On 2023-11-29 20:54, Warren Kumari via Datatracker wrote: > > Warren Kumari has entered the following ballot position for > draft-ietf-ace-key-groupcomm-17: No Objection > > When responding, please keep the subject line intact and reply to all > email addresses included in the To and CC lines. (Feel free to cut this > introductory paragraph, however.) > > > Please refer to https://eur05.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.ietf.org%2Fabout%2Fgroups%2Fiesg%2Fstatements%2Fhandling-ballot-positions%2F&data=05%7C01%7Cmarco.tiloca%40ri.se%7C4c1aa823359841f0231308dbf114ffad%7C5a9809cf0bcb413a838a09ecc40cc9e8%7C0%7C0%7C638368844728564431%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=glipPpF8qR4XdpmB2pNm5hBOYLOPxph4lOpOlbMHdV0%3D&reserved=0 > for more information about how to handle DISCUSS and COMMENT positions. > > > The document, along with other ballot positions, can be found here:https://eur05.safelinks.protection.outlook.com/?url=https%3A%2F%2Fdatatracker.ietf.org%2Fdoc%2Fdraft-ietf-ace-key-groupcomm%2F&data=05%7C01%7Cmarco.tiloca%40ri.se%7C4c1aa823359841f0231308dbf114ffad%7C5a9809cf0bcb413a838a09ecc40cc9e8%7C0%7C0%7C638368844728570855%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=xAxbw8qHY2nryW00RMHAW7ZpYqntdyEE96nqN%2FKBVWw%3D&reserved=0 > > > > ---------------------------------------------------------------------- > COMMENT: > ---------------------------------------------------------------------- > > Thank you for writing this document - I found it both useful, and an easy read. > > I do have a nit / readability suggestion: > > "New keying material is generated and distributed to the group upon > membership changes (rekeying), if the application requires backward > security (i.e., new group members must be prevented from accessing > communications in the group prior to their joining) and forward > security (i.e., former group members must be prevented from > accessing communications in the group after their leaving)." > > I found this wording confusing - I think that it is the comma after "upon > membership changes (rekeying)". This initially sounds like "new keys are > generated on every membership change. If the application requires backward > security then [something else / something additional". I *think* that just > dropping the comma fixes it... > > > ==>MT > > We have rephrased the paragraph as follows. > > OLD > > New keying material is generated and distributed to the group upon > membership changes (rekeying), if the application requires backward > security (i.e., new group members must be prevented from accessing > communications in the group prior to their joining) and forward security > (i.e., former group members must be prevented from accessing communications > in the group after their leaving). > > NEW > > New keying material is intended to be generated and distributed to the > group upon membership changes (rekeying). If the application requires > backward security (i.e., new group members must be prevented from accessing > communications in the group prior to their joining), then a rekeying has to > occur every time new members join the group. If the application requires > forward security (i.e., former group members must be prevented from > accessing communications in the group after their leaving), then a rekeying > has to occur every time current members leave the group or are evicted from > the group. > > <== > > You also have a typo: "It is REQUIRED of application profiles of this > specificaton to" - specification. > > > ==>MT > > Yes, fixed in a previous editorial PR at https://github.com/ace-wg/ > ace-key-groupcomm/pull/156/files > > <== > > > > -- > Marco Tiloca > Ph.D., Senior Researcher > > Phone: +46 (0)70 60 46 501 > > RISE Research Institutes of Sweden AB > Box 1263 > 164 29 Kista (Sweden) > > Division: Digital Systems > Department: Computer Science > Unit: Cybersecurity > https://www.ri.se > >
- [Ace] Warren Kumari's No Objection on draft-ietf-… Warren Kumari via Datatracker
- Re: [Ace] Warren Kumari's No Objection on draft-i… Marco Tiloca
- Re: [Ace] Warren Kumari's No Objection on draft-i… Warren Kumari