Re: [auth48] AUTH48: RFC-to-be 9367 <draft-smyshlyaev-tls13-gost-suites-08> for your review
Смышляев Станислав Вита льевич <svs@cryptopro.ru> Wed, 15 February 2023 09:54 UTC
Return-Path: <svs@cryptopro.ru>
X-Original-To: auth48archive@ietfa.amsl.com
Delivered-To: auth48archive@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 1DEFAC187980; Wed, 15 Feb 2023 01:54:32 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.095
X-Spam-Level:
X-Spam-Status: No, score=-2.095 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_BLOCKED=0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=cryptopro.ru
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 0UE0sa2ayKxu; Wed, 15 Feb 2023 01:54:27 -0800 (PST)
Received: from mx.cryptopro.ru (mx.cryptopro.ru [193.37.157.34]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id B499DC14CEE4; Wed, 15 Feb 2023 01:54:26 -0800 (PST)
Content-Language: ru-RU
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: base64
DKIM-Signature: v=1; a=rsa-sha256; d=cryptopro.ru; s=mx; c=simple/simple; t=1676454804; h=from:subject:to:date:message-id; bh=9+YZEi4tuBXtr2ZTNY0Kg0JXmyf+NL/m1o8WzzLM/yw=; b=HVALznTI5bBorTIzniaTN1l33Ama/2FWWT4F1F0RLGeeid2yWHPcxiufYpAYkeudq0py9XGwTu6 pZ1WieH+BOaWeWMT5sIx7eITUMHr+lQk203kLrhTKOdjEvtuZlt4L4SP5xcoREEFTGWoDxF2tq9eH fqMQdyVo/1SPKcUOccvi5wLo0A4/l11h63blDN6Vl24+Kg5ulbIkuihBZSryjpya4QJD0qR9UPwiO 0nQHj/xpc83BvFdHF2CW7/vQzhBkAl6vRYJE86Hg3PYANJQa/gGeJ4y47H2/R76qo0LCyA/s1yRPR /ft+pzGZgtAj76SI4TJ/Y8BWeNYSSLbdq93Q==
From: Смышляев Станислав Вита льевич <svs@cryptopro.ru>
To: Sandy Ginoza <sginoza@amsl.com>
CC: RFC Editor <rfc-editor@rfc-editor.org>, Алексеев Евгений Конста нтинович <alekseev@cryptopro.ru>, "griboedova.e.s@gmail.com" <griboedova.e.s@gmail.com>, Бабуева Александра Алек сеевна <babueva@cryptopro.ru>, Никифорова Лидия Олегов на <nikiforova@cryptopro.ru>, Rfc Ise <rfc-ise@rfc-editor.org>, "auth48archive@rfc-editor.org" <auth48archive@rfc-editor.org>
Thread-Topic: AUTH48: RFC-to-be 9367 <draft-smyshlyaev-tls13-gost-suites-08> for your review
Thread-Index: AQHZOrTe4nrxZuEOdUKl2Ry6d1pPTq7E9lKwgAmYIQCAAAFAgIABQVHg
Date: Wed, 15 Feb 2023 09:53:24 +0000
Message-ID: <7b06e5f7aa864f59a6762c989dc0b988@cryptopro.ru>
References: <20230207052729.1EFAE36694@rfcpa.amsl.com> <db802a3da7c643edabdb6d8788e9b848@cryptopro.ru> <0BE5CBE1-FA3A-4159-8415-7820A0FE37DD@amsl.com> <A4627520-76CF-4D8E-A4C6-5911D687857F@amsl.com>
In-Reply-To: <A4627520-76CF-4D8E-A4C6-5911D687857F@amsl.com>
Accept-Language: ru-RU, en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [192.168.84.131]
MIME-Version: 1.0
Archived-At: <https://mailarchive.ietf.org/arch/msg/auth48archive/E61SSofscTRkqN7P9J_SCoiTApY>
Subject: Re: [auth48] AUTH48: RFC-to-be 9367 <draft-smyshlyaev-tls13-gost-suites-08> for your review
X-BeenThere: auth48archive@rfc-editor.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: "Archiving AUTH48 exchanges between the RFC Production Center, the authors, and other related parties" <auth48archive.rfc-editor.org>
List-Unsubscribe: <https://mailman.rfc-editor.org/mailman/options/auth48archive>, <mailto:auth48archive-request@rfc-editor.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/auth48archive/>
List-Post: <mailto:auth48archive@rfc-editor.org>
List-Help: <mailto:auth48archive-request@rfc-editor.org?subject=help>
List-Subscribe: <https://mailman.rfc-editor.org/mailman/listinfo/auth48archive>, <mailto:auth48archive-request@rfc-editor.org?subject=subscribe>
X-List-Received-Date: Wed, 15 Feb 2023 09:54:32 -0000
Dear Sandy, Thanks a lot! I approve the RFC for publication. Best regards, Stanislav Smyshlyaev, Ph.D. Deputy CEO, CryptoPro LLC -----Original Message----- From: Sandy Ginoza <sginoza@amsl.com> Sent: Tuesday, February 14, 2023 8:42 PM To: Смышляев Станислав Витальевич <svs@cryptopro.ru> Cc: RFC Editor <rfc-editor@rfc-editor.org>; Алексеев Евгений Константинович <alekseev@cryptopro.ru>; griboedova.e.s@gmail.com; Бабуева Александра Алексеевна <babueva@cryptopro.ru>; Никифорова Лидия Олеговна <nikiforova@cryptopro.ru>; Rfc Ise <rfc-ise@rfc-editor.org>; auth48archive@rfc-editor.org Subject: Re: AUTH48: RFC-to-be 9367 <draft-smyshlyaev-tls13-gost-suites-08> for your review Hi again, One additional note: please ignore the updated URLs in the references for the RFC entries. This is an error with the citation library and will be reverted before publication. We have filed a bug ticket; see https://github.com/ietf-tools/bibxml-service/issues/339. Thank you, RFC Editor/sg > On Feb 14, 2023, at 9:37 AM, Sandy Ginoza <sginoza@amsl.com> wrote: > > Hi Stanislav, > > Thank you for your updated XML file and your replies to our questions. The files are available here: > > https://www.rfc-editor.org/authors/rfc9367.xml > https://www.rfc-editor.org/authors/rfc9367.txt > https://www.rfc-editor.org/authors/rfc9367.pdf > https://www.rfc-editor.org/authors/rfc9367.html > > AUTH48 diff: > https://www.rfc-editor.org/authors/rfc9367-auth48diff.html > > Comprehensive diffs: > https://www.rfc-editor.org/authors/rfc9367-diff.html > https://www.rfc-editor.org/authors/rfc9367-rfcdiff.html (side by > side) > > > Authors, please let us know if you approve the RFC for publication. We will wait to hear from you before continuing with the process. > > Thank you, > RFC Editor/sg > > > > >> On Feb 8, 2023, at 4:07 AM, Смышляев Станислав Витальевич <svs=40cryptopro.ru@dmarc.ietf.org> wrote: >> >> Dear RFC Editor Team, >> >> Thank you so much for your careful reading of the draft and your valuable comments! >> We have addressed them. >> Please find attached the updated XML file. >> >> Best regards, >> Stanislav Smyshlyaev, Ph.D. >> Deputy CEO, CryptoPro LLC >> >> >> -----Original Message----- >> From: rfc-editor@rfc-editor.org <rfc-editor@rfc-editor.org> >> Sent: Tuesday, February 7, 2023 8:27 AM >> To: Смышляев Станислав Витальевич <svs@cryptopro.ru>; Алексеев >> Евгений Константинович <alekseev@cryptopro.ru>; >> griboedova.e.s@gmail.com; Бабуева Александра Алексеевна >> <babueva@cryptopro.ru>; Никифорова Лидия Олеговна >> <nikiforova@cryptopro.ru> >> Cc: rfc-editor@rfc-editor.org; rfc-ise@rfc-editor.org; >> auth48archive@rfc-editor.org >> Subject: Re: AUTH48: RFC-to-be 9367 >> <draft-smyshlyaev-tls13-gost-suites-08> for your review >> >> Authors, >> >> While reviewing this document during AUTH48, please resolve (as necessary) the following questions, which are also in the XML file. >> >> 1) <!-- [rfced] Generally, authors use a single first initial with a surname in the header. Is the use of two initials intentional? If an update is necessary, please let us know the desired form. >> >> Original (from the document header): >> S.V. Smyshlyaev, Ed. >> E.K. Alekseev >> E.S. Griboedova >> A.A. Babueva >> L.O. Nikiforova >> --> >> >> >> 2) <!-- [rfced] Please review whether any of the notes in this >> document should be in the <aside> element. It is defined as "a >> container for content that is semantically less important or >> tangential to the content that surrounds it" >> (https://authors.ietf.org/en/rfcxml-vocabulary#aside). --> >> >> >> 3) <!-- [rfced] This sentence seems to be missing a verb. Would the following suggestion make the text more clear for readers? >> >> Original: >> Each cipher suite specifies a pair of a record protection algorithm (see Section 4.1) and a hash algorithm (Section 4.2). >> >> Perhaps: >> Each cipher suite specifies a pair consisting of a record protection >> algorithm (see Section 4.1) and a hash algorithm (Section 4.2). --> >> >> >> 4) <!-- [rfced] We suggest rewording this sentence for easy comprehension. >> Does the following suggestion retain your intended meaning? >> >> Original: >> In order to decrypt and verify a protected record with sequence number seqnum the algorithm takes as an input: sender_record_write_key, which is derived from sender_write_key, nonce, additional_data and the AEADEncrypted value. >> >> Perhaps: >> In order to decrypt and verify a protected record with sequence >> number seqnum, the algorithm takes sender_record_write_key as an >> input, which is derived from sender_write_key, nonce, >> additional_data, and the AEADEncrypted value. --> >> >> >> 5) <!-- [rfced] Please review the "type" attribute of each sourcecode element in the XML file to ensure correctness. If the current list of preferred values for "type" >> (https://www.rfc-editor.org/materials/sourcecode-types.txt) does not contain an applicable type, then feel free to let us know. Also, it is acceptable to leave the "type" attribute not set. >> >> In addition, we have updated the <artwork> elements in this document >> to sourcecode. Please let us know any objections. --> >> >> >> 6) <!-- [rfced] Some tables in this document do not have titles. >> Please review, and provide titles for untitled tables if desired. --> >> >> >> 7) <!-- [rfced] This sentence seems to be missing a verb. Would the >> following suggestion make the text easier to understand for readers? >> >> Original: >> Each signature scheme specifies a pair of the signature algorithm >> (see Section 5.1) and the elliptic curve (see Section 5.2). >> >> Perhaps: >> Each signature scheme specifies a pair consisting of the signature >> algorithm (see Section 5.1) and the elliptic curve (see Section 5.2). >> --> >> >> >> 8) <!-- [rfced] Table 3: Is the space before the comma in the Signature Algorithm column intentional? For example, should the following: >> >> |gostr34102012_256a|GOST R 34.10-2012 , 32-byte key length|RFC 7091| >> >> be updated as follows: >> |gostr34102012_256a|GOST R 34.10-2012, 32-byte key length|RFC 7091| >> --> >> >> >> 9) <!-- [rfced] There seems to be a missing article in this sentence. >> Would a rephrase be appropriate here? >> >> Original: >> Key exchange and authentication process in case of using the >> TLS13_GOST profile is defined in Section 6.1, Section 6.2 and Section 6.3. >> >> Perhaps: >> The key exchange and authentication process for using the TLS13_GOST >> profile is defined in Sections 6.1, 6.2, and 6.3. --> >> >> >> 10) <!-- [rfced] We have updated the usage of "which" to "that" for >> the following items in this list since they appear to be restrictive clauses. >> Please let us know any objections. >> >> Original: >> * If server authentication via a certificate is required, the >> extension_data field of the "signature_algorithms" extension MUST >> contain the values defined in Section 5, which correspond to the GOST >> R 34.10-2012 signature algorithm. >> >> * If server authentication via a certificate is required and the >> client uses optional "signature_algorithms_cert" extension, the >> extension_data field of this extension SHOULD contain the values >> defined in Section 5, which correspond to the GOST R 34.10-2012 signature algorithm. >> >> Current: >> * If server authentication via a certificate is required, the >> extension_data field of the "signature_algorithms" extension MUST >> contain the values defined in Section 5 that correspond to the GOST R >> 34.10-2012 signature algorithm. >> >> * If server authentication via a certificate is required and the >> client uses optional "signature_algorithms_cert" extension, the >> extension_data field of this extension SHOULD contain the values >> defined in Section 5 that correspond to the GOST R 34.10-2012 >> signature algorithm. --> >> >> >> 11) <!-- [rfced] Some author comments are present in the XML. Please >> confirm that no updates related to these comments are outstanding. >> Note that the comments will be deleted prior to publication. --> >> >> >> 12) <!-- [rfced] Table 6: Note that we have closed the breaks in the >> Description to avoid having multiple underscores following 256. >> However, this makes the table extend beyond the margins. May we remove the Reference column and add text that each row references this RFC? For example: >> >> IANA has added the following values to the "TLS Cipher Suites" >> registry with a reference to this RFC: >> >> +=====+=========================================+=======+===========+ >> |Value|Description |DTLS-OK|Recommended| >> +=====+=========================================+=======+===========+ >> |0xC1,|TLS_GOSTR341112_256_WITH_KUZNYECHIK_MGM_L|N |N | >> |0x03 | | | | >> ... >> >> >> In addiiton, IANA lists the values with no space, for example, >> 0x00,0x00, while this document includes a space after the comma. We >> do not believe any updates are required, but please review. >> --> >> >> >> 13) <!-- [rfced] We suggest rephrasing this sentence for easy comprehension. >> Does the following suggestion retain your intended meaning? In >> addition, please confirm that the reference to table 5 is correct. >> >> Original: >> Due to historical reasons in addition to the curve identifier values >> listed in Table 5 there exist some additional identifier values that >> correspond to the signature schemes as follows. >> >> Perhaps: >> In addition to the curve identifier values listed in Table 5, there >> are some additional identifier values that correspond to the >> signature schemes for historical reasons. They are as follows: --> >> >> >> 14) <!-- [rfced] Appendixes A.1.1 and A.2.1 start with the following sentence. >> We are having trouble parsing this text. Please clarify. >> >> Original: >> Test examples are given for the following order of using the >> TLS13_GOST >> profile: >> >> Perhaps A: >> Test examples are given in the following order to use the TLS13_GOST >> profile: >> >> Perhaps B: >> The following test examples are provided for using the TLS13_GOST profile: >> >> --> >> >> >> 15) <!-- [rfced] For clarity, may we update this text as follows? >> >> Original: >> 3. The server side only authentication is used. >> >> Perhaps: >> 3. Authentication is only used on the server side. >> --> >> >> >> 16) <!-- [rfced] May we update instances of "legasy_session_id" to >> use "legacy" or is the use of "legasy" intentional? >> --> >> >> >> 17) <!-- [rfced] For clarity, may we update the text as follows? >> >> Original: >> 3. The server and client sides authentication is used. >> >> Perhaps: >> 3. Authentication is used on the server and client sides. >> --> >> >> >> 18) <!-- [rfced] Throughout the text, the following terminology >> appears to be used inconsistently. Please review these occurrences >> and let us know if/how they may be made consistent. We will update >> the document to use the forms on the left if there are no objections. >> >> signature scheme vs. SignatureScheme >> hash algorithm vs. Hash algorithm --> >> >> >> 19) <!-- [rfced] Please review the "Inclusive Language" portion of >> the online Style Guide >> <https://www.rfc-editor.org/styleguide/part2/#inclusive_language> >> and let us know if any changes are needed. Note that our script did >> not flag any words in particular, but this should still be reviewed >> as a best practice. --> >> >> >> Thank you. >> >> RFC Editor >> >> >> >> On Feb 6, 2023, at 8:48 PM, rfc-editor@rfc-editor.org wrote: >> >> *****IMPORTANT***** >> >> Updated 2023/02/06 >> >> RFC Author(s): >> -------------- >> >> Instructions for Completing AUTH48 >> >> Your document has now entered AUTH48. Once it has been reviewed and >> approved by you and all coauthors, it will be published as an RFC. >> If an author is no longer available, there are several remedies >> available as listed in the FAQ (https://www.rfc-editor.org/faq/). >> >> You and you coauthors are responsible for engaging other parties >> (e.g., Contributors or Working Group) as necessary before providing >> your approval. >> >> Planning your review >> --------------------- >> >> Please review the following aspects of your document: >> >> * RFC Editor questions >> >> Please review and resolve any questions raised by the RFC Editor >> that have been included in the XML file as comments marked as >> follows: >> >> <!-- [rfced] ... --> >> >> These questions will also be sent in a subsequent email. >> >> * Changes submitted by coauthors >> >> Please ensure that you review any changes submitted by your >> coauthors. We assume that if you do not speak up that you agree to >> changes submitted by your coauthors. >> >> * Content >> >> Please review the full content of the document, as this cannot >> change once the RFC is published. Please pay particular attention to: >> - IANA considerations updates (if applicable) >> - contact information >> - references >> >> * Copyright notices and legends >> >> Please review the copyright notice and legends as defined in RFC >> 5378 and the Trust Legal Provisions (TLP – >> https://trustee.ietf.org/license-info/). >> >> * Semantic markup >> >> Please review the markup in the XML file to ensure that elements of >> content are correctly tagged. For example, ensure that <sourcecode> >> and <artwork> are set correctly. See details at >> <https://authors.ietf.org/rfcxml-vocabulary>. >> >> * Formatted output >> >> Please review the PDF, HTML, and TXT files to ensure that the >> formatted output, as generated from the markup in the XML file, is >> reasonable. Please note that the TXT will have formatting >> limitations compared to the PDF and HTML. >> >> >> Submitting changes >> ------------------ >> >> To submit changes, please reply to this email using ‘REPLY ALL’ as >> all the parties CCed on this message need to see your changes. The >> parties >> include: >> >> * your coauthors >> >> * rfc-editor@rfc-editor.org (the RPC team) >> >> * other document participants, depending on the stream (e.g., >> IETF Stream participants are your working group chairs, the >> responsible ADs, and the document shepherd). >> >> * auth48archive@rfc-editor.org, which is a new archival mailing list >> to preserve AUTH48 conversations; it is not an active discussion >> list: >> >> * More info: >> >> https://mailarchive.ietf.org/arch/msg/ietf-announce/yb6lpIGh-4Q9l2USx >> IAe6P8O4Zc >> >> * The archive itself: >> https://mailarchive.ietf.org/arch/browse/auth48archive/ >> >> * Note: If only absolutely necessary, you may temporarily opt out >> of the archiving of messages (e.g., to discuss a sensitive matter). >> If needed, please add a note at the top of the message that you >> have dropped the address. When the discussion is concluded, >> auth48archive@rfc-editor.org will be re-added to the CC list and >> its addition will be noted at the top of the message. >> >> You may submit your changes in one of two ways: >> >> An update to the provided XML file >> — OR — >> An explicit list of changes in this format >> >> Section # (or indicate Global) >> >> OLD: >> old text >> >> NEW: >> new text >> >> You do not need to reply with both an updated XML file and an >> explicit list of changes, as either form is sufficient. >> >> We will ask a stream manager to review and approve any changes that >> seem beyond editorial in nature, e.g., addition of new text, deletion >> of text, and technical changes. Information about stream managers >> can be found in the FAQ. Editorial changes do not require approval from a stream manager. >> >> >> Approving for publication >> -------------------------- >> >> To approve your RFC for publication, please reply to this email >> stating that you approve this RFC for publication. Please use ‘REPLY >> ALL’, as all the parties CCed on this message need to see your approval. >> >> >> Files >> ----- >> >> The files are available here: >> https://www.rfc-editor.org/authors/rfc9367.xml >> https://www.rfc-editor.org/authors/rfc9367.html >> https://www.rfc-editor.org/authors/rfc9367.pdf >> https://www.rfc-editor.org/authors/rfc9367.txt >> >> Diff file of the text: >> https://www.rfc-editor.org/authors/rfc9367-diff.html >> https://www.rfc-editor.org/authors/rfc9367-rfcdiff.html (side by >> side) >> >> Diff of the XML: >> https://www.rfc-editor.org/authors/rfc9367-xmldiff1.html >> >> The following files are provided to facilitate creation of your own >> diff files of the XML. >> >> Initial XMLv3 created using XMLv2 as input: >> https://www.rfc-editor.org/authors/rfc9367.original.v2v3.xml >> >> XMLv3 file that is a best effort to capture v3-related format updates >> only: >> https://www.rfc-editor.org/authors/rfc9367.form.xml >> >> >> Tracking progress >> ----------------- >> >> The details of the AUTH48 status of your document are here: >> https://www.rfc-editor.org/auth48/rfc9367 >> >> Please let us know if you have any questions. >> >> Thank you for your cooperation, >> >> RFC Editor >> >> -------------------------------------- >> RFC9367 (draft-smyshlyaev-tls13-gost-suites-08) >> >> Title : GOST Cipher Suites for Transport Layer Security (TLS) Protocol Version 1.3 >> Author(s) : S. Smyshlyaev, Ed., E. Alekseev, E. Griboedova, A. Babueva, L. Nikiforova >> WG Chair(s) : >> Area Director(s) : >> >> >> >> <rfc9367.xml> >
- [auth48] AUTH48: RFC-to-be 9367 <draft-smyshlyaev… rfc-editor
- Re: [auth48] AUTH48: RFC-to-be 9367 <draft-smyshl… rfc-editor
- Re: [auth48] AUTH48: RFC-to-be 9367 <draft-smyshl… Никифорова Лидия Олегов на
- Re: [auth48] AUTH48: RFC-to-be 9367 <draft-smyshl… Смышляев Станислав Вита льевич
- Re: [auth48] AUTH48: RFC-to-be 9367 <draft-smyshl… Sandy Ginoza
- Re: [auth48] AUTH48: RFC-to-be 9367 <draft-smyshl… Sandy Ginoza
- Re: [auth48] AUTH48: RFC-to-be 9367 <draft-smyshl… Никифорова Лидия Олегов на
- Re: [auth48] AUTH48: RFC-to-be 9367 <draft-smyshl… Бабуева Александра Алек сеевна
- Re: [auth48] AUTH48: RFC-to-be 9367 <draft-smyshl… Смышляев Станислав Вита льевич
- Re: [auth48] AUTH48: RFC-to-be 9367 <draft-smyshl… Алексеев Евгений Конста нтинович
- Re: [auth48] AUTH48: RFC-to-be 9367 <draft-smyshl… Sandy Ginoza
- Re: [auth48] AUTH48: RFC-to-be 9367 <draft-smyshl… Смышляев Станислав Вита льевич