Re: [C430] AUTH48 [JM]: RFC 9001 <draft-ietf-quic-tls-34.txt> NOW AVAILABLE

[rfc-editor@rfc-editor.org]

Authors,

While reviewing this document during AUTH48, please resolve 
(as necessary) the following questions, which are also in the XML 
file.

1) <!-- [rfced]  Please insert any keywords (beyond those that 
appear in the title) for use on https://www.rfc-editor.org/search. 
-->


2) <!-- [rfced] Please review the items marked "Note:" and let us know 
if any should be marked as <aside>.  Some are not clear to us, 
especially those that contain RFC 2119 keywords.  

For example:
   Note:  An endpoint MUST NOT reject a ClientHello that offers a cipher
      suite that it does not support, or it would be impossible to
      deploy a new cipher suite.  This also applies to
      TLS_AES_128_CCM_8_SHA256.

-->


3) <!-- [rfced]  We are having difficulty parsing the following sentence. 

Current:
   The same number of bytes are always sampled, but an allowance needs 
   to be made for the endpoint removing protection, which will not know 
   the length of the Packet Number field.

Perhaps:
   The same number of bytes are always sampled, but an allowance needs 
   to be made for the removal of protection by the endpoint, which 
   will not know the length of the Packet Number field. 
-->


4) <!-- [rfced]  FYI  We have updated the following cross reference to point 
to Section 9.5 (Header Protection Timing Side Channels) rather than 
9.4 (Header Protection Analysis). Please let us know if changes are 
necessary:

Current:
   Endpoints responding to an apparent key update MUST NOT generate a
   timing side-channel signal that might indicate that the Key Phase bit
   was invalid (see Section 9.5).
-->


5) <!-- [rfced]  We are having difficulty parsing the following:

Current:
   Using dummy keys will generate no variation in the
   timing signal produced by attempting to remove packet protection, and
   results in all packets with an invalid Key Phase bit being rejected.

Perhaps:
   The use of dummy keys introduces no variation in the
   timing signal, which could be altered by attempting to remove packet 
   protection, and results in all packets with an invalid Key Phase bit 
   being rejected.
-->


6) <!-- [rfced]  FYI  We have made the following edit to improve readability.
Let us know if any changes are necessary:

Original:
   QUIC extensions MUST describe how replay attacks affect their
   operation, or prohibit their use in 0-RTT.  

Current:
   QUIC extensions MUST either describe how replay attacks affect their
   operation or prohibit the use of the extension in 0-RTT.  
-->


7) <!-- [rfced]  Note that we have updated the date and URL listed for 
[AEBounds] to match the information shown at that URL.

Original:
   [AEBounds] Luykx, A. and K. Paterson, "Limits on Authenticated
              Encryption Use in TLS", 8 March 2016,
              <http://www.isg.rhul.ac.uk/~kp/TLS-AEbounds.pdf>.

Current:
   [AEBounds] Luykx, A. and K. Paterson, "Limits on Authenticated
              Encryption Use in TLS", 28 August 2017,
              <https://www.isg.rhul.ac.uk/~kp/TLS-AEbounds.pdf>.
 -->


8) <!-- [rfced]  FYI  We have made the following update to improve 
readability. Please let us know if other changes are necessary:

Original:
   *  The number of ciphertext blocks an attacker uses in forgery
      attempts is bounded by v * l, the number of forgery attempts and
      the size of each packet (in blocks).

Current:
   *  The number of ciphertext blocks an attacker uses in forgery
      attempts is bounded by v * l, which is the number of forgery 
      attempts multiplied by the size of each packet (in blocks). 
-->


9) <!-- [rfced] Throughout the text, the following term appears to be used 
inconsistently. Please review these occurrences and let us know if/how they
may be made consistent.  

application data / Application Data / Application data

Note that RFC-to-be 9000 <draft-ietf-quic-transport> uses the lowercase 
form consistently.  
-->


Thank you.

RFC Editor


On Apr 27, 2021, at 12:27 AM, rfc-editor@rfc-editor.org wrote:

*****IMPORTANT*****

Updated 2021/04/27

RFC Author(s):
--------------

Instructions for Completing AUTH48

Your document has now entered AUTH48.  Once it has been reviewed and 
approved by you and all coauthors, it will be published as an RFC.  
If an author is no longer available, there are several remedies 
available as listed in the FAQ (https://www.rfc-editor.org/faq/).

You and you coauthors are responsible for engaging other parties 
(e.g., Contributors or Working Group) as necessary before providing 
your approval.

Planning your review 
---------------------

Please review the following aspects of your document:

*  RFC Editor questions

  Please review and resolve any questions raised by the RFC Editor 
  that have been included in the XML file as comments marked as 
  follows:

  <!-- [rfced] ... -->

  These questions will also be sent in a subsequent email.

*  Changes submitted by coauthors 

  Please ensure that you review any changes submitted by your 
  coauthors.  We assume that if you do not speak up that you 
  agree to changes submitted by your coauthors.

*  Content 

  Please review the full content of the document, as this cannot 
  change once the RFC is published. Please pay particular attention to:
  - IANA considerations updates (if applicable)
  - contact information
  - references

*  Copyright notices and legends

  Please review the copyright notice and legends as defined in
  RFC 5378 and the Trust Legal Provisions 
  (TLP – https://trustee.ietf.org/license-info/).

*  Semantic markup

  Please review the markup in the XML file to ensure that elements of  
  content are correctly tagged.  For example, ensure that <sourcecode> 
  and <artwork> are set correctly.  See details at 
  <https://xml2rfc.tools.ietf.org/xml2rfc-doc.html>.

*  Formatted output

  Please review the PDF, HTML, and TXT files to ensure that the 
  formatted output, as generated from the markup in the XML file, is 
  reasonable.  Please note that the TXT will have formatting 
  limitations compared to the PDF and HTML.


Submitting changes
------------------

To submit changes, please reply to this email with one of the following, 
using ‘REPLY ALL’ as all the parties CC’ed on this message need to see 
your changes:

An update to the provided XML file
— OR —
An explicit list of changes in this format

Section # (or indicate Global)

OLD:
old text

NEW:
new text

You do not need to reply with both an updated XML file and an explicit 
list of changes, as either form is sufficient.

We will ask a stream manager to review and approve any changes that seem
beyond editorial in nature, e.g., addition of new text, deletion of text, 
and technical changes.  Information about stream managers can be found in 
the FAQ.  Editorial changes do not require approval from a stream manager.


Approving for publication
--------------------------

To approve your RFC for publication, please reply to this email s
tating that you approve this RFC for publication.  Please use ‘REPLY ALL’
as all the parties CC’ed on this message need to see your approval.


Files 
-----

The files are available here:
  https://www.rfc-editor.org/authors/rfc9001.xml
  https://www.rfc-editor.org/authors/rfc9001.html
  https://www.rfc-editor.org/authors/rfc9001.pdf
  https://www.rfc-editor.org/authors/rfc9001.txt

Diff file of the text:
  https://www.rfc-editor.org/authors/rfc9001-diff.html

Diff of the XML: 
  https://www.rfc-editor.org/authors/rfc9001-xmldiff1.html

The following file is provided to facilitate creation of your own 
diff files of the XML.  The file is a best effort to capture v3-related format updates 
only: 
  https://www.rfc-editor.org/authors/rfc9001.form.xml


Tracking progress
-----------------

The details of the AUTH48 status of your document are here:
  https://www.rfc-editor.org/auth48/rfc9001

Please let us know if you have any questions.  

Thank you for your cooperation,

RFC Editor

--------------------------------------
RFC9001 (draft-ietf-quic-tls-34)

Title            : Using TLS to Secure QUIC
Author(s)        : M. Thomson, Ed., S. Turner, Ed.
WG Chair(s)      : Lars Eggert, Lucas Pardue, Matt Joras
Area Director(s) : Martin Duke, Zaheduzzaman Sarker