Re: [C430] AUTH48 [JM]: RFC 9001 <draft-ietf-quic-tls-34.txt> NOW AVAILABLE
rfc-editor@rfc-editor.org Tue, 27 April 2021 07:41 UTC
Return-Path: <wwwrun@rfc-editor.org>
X-Original-To: c430@rfc-editor.org
Delivered-To: c430@rfc-editor.org
Received: by rfc-editor.org (Postfix, from userid 30) id B07ADF40797; Tue, 27 Apr 2021 00:41:49 -0700 (PDT)
To: mt@lowentropy.net, sean@sn3rd.com
X-PHP-Originating-Script: 1005:ams_util_lib.php
From: rfc-editor@rfc-editor.org
Cc: rfc-editor@rfc-editor.org, lars@eggert.org, lucaspardue.24.7@gmail.com, matt.joras@gmail.com, martin.h.duke@gmail.com, Zaheduzzaman.Sarker@ericsson.com, mnot@mnot.net, c430@rfc-editor.org
Content-type: text/plain; charset="UTF-8"
Message-Id: <20210427074149.B07ADF40797@rfc-editor.org>
Date: Tue, 27 Apr 2021 00:41:49 -0700
Subject: Re: [C430] AUTH48 [JM]: RFC 9001 <draft-ietf-quic-tls-34.txt> NOW AVAILABLE
X-BeenThere: c430@rfc-editor.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: <c430.rfc-editor.org>
List-Unsubscribe: <https://www.rfc-editor.org/mailman/options/c430>, <mailto:c430-request@rfc-editor.org?subject=unsubscribe>
List-Archive: <http://www.rfc-editor.org/pipermail/c430/>
List-Post: <mailto:c430@rfc-editor.org>
List-Help: <mailto:c430-request@rfc-editor.org?subject=help>
List-Subscribe: <https://www.rfc-editor.org/mailman/listinfo/c430>, <mailto:c430-request@rfc-editor.org?subject=subscribe>
X-List-Received-Date: Tue, 27 Apr 2021 07:41:49 -0000
Authors, While reviewing this document during AUTH48, please resolve (as necessary) the following questions, which are also in the XML file. 1) <!-- [rfced] Please insert any keywords (beyond those that appear in the title) for use on https://www.rfc-editor.org/search. --> 2) <!-- [rfced] Please review the items marked "Note:" and let us know if any should be marked as <aside>. Some are not clear to us, especially those that contain RFC 2119 keywords. For example: Note: An endpoint MUST NOT reject a ClientHello that offers a cipher suite that it does not support, or it would be impossible to deploy a new cipher suite. This also applies to TLS_AES_128_CCM_8_SHA256. --> 3) <!-- [rfced] We are having difficulty parsing the following sentence. Current: The same number of bytes are always sampled, but an allowance needs to be made for the endpoint removing protection, which will not know the length of the Packet Number field. Perhaps: The same number of bytes are always sampled, but an allowance needs to be made for the removal of protection by the endpoint, which will not know the length of the Packet Number field. --> 4) <!-- [rfced] FYI We have updated the following cross reference to point to Section 9.5 (Header Protection Timing Side Channels) rather than 9.4 (Header Protection Analysis). Please let us know if changes are necessary: Current: Endpoints responding to an apparent key update MUST NOT generate a timing side-channel signal that might indicate that the Key Phase bit was invalid (see Section 9.5). --> 5) <!-- [rfced] We are having difficulty parsing the following: Current: Using dummy keys will generate no variation in the timing signal produced by attempting to remove packet protection, and results in all packets with an invalid Key Phase bit being rejected. Perhaps: The use of dummy keys introduces no variation in the timing signal, which could be altered by attempting to remove packet protection, and results in all packets with an invalid Key Phase bit being rejected. --> 6) <!-- [rfced] FYI We have made the following edit to improve readability. Let us know if any changes are necessary: Original: QUIC extensions MUST describe how replay attacks affect their operation, or prohibit their use in 0-RTT. Current: QUIC extensions MUST either describe how replay attacks affect their operation or prohibit the use of the extension in 0-RTT. --> 7) <!-- [rfced] Note that we have updated the date and URL listed for [AEBounds] to match the information shown at that URL. Original: [AEBounds] Luykx, A. and K. Paterson, "Limits on Authenticated Encryption Use in TLS", 8 March 2016, <http://www.isg.rhul.ac.uk/~kp/TLS-AEbounds.pdf>. Current: [AEBounds] Luykx, A. and K. Paterson, "Limits on Authenticated Encryption Use in TLS", 28 August 2017, <https://www.isg.rhul.ac.uk/~kp/TLS-AEbounds.pdf>. --> 8) <!-- [rfced] FYI We have made the following update to improve readability. Please let us know if other changes are necessary: Original: * The number of ciphertext blocks an attacker uses in forgery attempts is bounded by v * l, the number of forgery attempts and the size of each packet (in blocks). Current: * The number of ciphertext blocks an attacker uses in forgery attempts is bounded by v * l, which is the number of forgery attempts multiplied by the size of each packet (in blocks). --> 9) <!-- [rfced] Throughout the text, the following term appears to be used inconsistently. Please review these occurrences and let us know if/how they may be made consistent. application data / Application Data / Application data Note that RFC-to-be 9000 <draft-ietf-quic-transport> uses the lowercase form consistently. --> Thank you. RFC Editor On Apr 27, 2021, at 12:27 AM, rfc-editor@rfc-editor.org wrote: *****IMPORTANT***** Updated 2021/04/27 RFC Author(s): -------------- Instructions for Completing AUTH48 Your document has now entered AUTH48. Once it has been reviewed and approved by you and all coauthors, it will be published as an RFC. If an author is no longer available, there are several remedies available as listed in the FAQ (https://www.rfc-editor.org/faq/). You and you coauthors are responsible for engaging other parties (e.g., Contributors or Working Group) as necessary before providing your approval. Planning your review --------------------- Please review the following aspects of your document: * RFC Editor questions Please review and resolve any questions raised by the RFC Editor that have been included in the XML file as comments marked as follows: <!-- [rfced] ... --> These questions will also be sent in a subsequent email. * Changes submitted by coauthors Please ensure that you review any changes submitted by your coauthors. We assume that if you do not speak up that you agree to changes submitted by your coauthors. * Content Please review the full content of the document, as this cannot change once the RFC is published. Please pay particular attention to: - IANA considerations updates (if applicable) - contact information - references * Copyright notices and legends Please review the copyright notice and legends as defined in RFC 5378 and the Trust Legal Provisions (TLP – https://trustee.ietf.org/license-info/). * Semantic markup Please review the markup in the XML file to ensure that elements of content are correctly tagged. For example, ensure that <sourcecode> and <artwork> are set correctly. See details at <https://xml2rfc.tools.ietf.org/xml2rfc-doc.html>. * Formatted output Please review the PDF, HTML, and TXT files to ensure that the formatted output, as generated from the markup in the XML file, is reasonable. Please note that the TXT will have formatting limitations compared to the PDF and HTML. Submitting changes ------------------ To submit changes, please reply to this email with one of the following, using ‘REPLY ALL’ as all the parties CC’ed on this message need to see your changes: An update to the provided XML file — OR — An explicit list of changes in this format Section # (or indicate Global) OLD: old text NEW: new text You do not need to reply with both an updated XML file and an explicit list of changes, as either form is sufficient. We will ask a stream manager to review and approve any changes that seem beyond editorial in nature, e.g., addition of new text, deletion of text, and technical changes. Information about stream managers can be found in the FAQ. Editorial changes do not require approval from a stream manager. Approving for publication -------------------------- To approve your RFC for publication, please reply to this email s tating that you approve this RFC for publication. Please use ‘REPLY ALL’ as all the parties CC’ed on this message need to see your approval. Files ----- The files are available here: https://www.rfc-editor.org/authors/rfc9001.xml https://www.rfc-editor.org/authors/rfc9001.html https://www.rfc-editor.org/authors/rfc9001.pdf https://www.rfc-editor.org/authors/rfc9001.txt Diff file of the text: https://www.rfc-editor.org/authors/rfc9001-diff.html Diff of the XML: https://www.rfc-editor.org/authors/rfc9001-xmldiff1.html The following file is provided to facilitate creation of your own diff files of the XML. The file is a best effort to capture v3-related format updates only: https://www.rfc-editor.org/authors/rfc9001.form.xml Tracking progress ----------------- The details of the AUTH48 status of your document are here: https://www.rfc-editor.org/auth48/rfc9001 Please let us know if you have any questions. Thank you for your cooperation, RFC Editor -------------------------------------- RFC9001 (draft-ietf-quic-tls-34) Title : Using TLS to Secure QUIC Author(s) : M. Thomson, Ed., S. Turner, Ed. WG Chair(s) : Lars Eggert, Lucas Pardue, Matt Joras Area Director(s) : Martin Duke, Zaheduzzaman Sarker
- [C430] AUTH48 [JM]: RFC 9001 <draft-ietf-quic-tls… rfc-editor
- Re: [C430] AUTH48 [JM]: RFC 9001 <draft-ietf-quic… rfc-editor
- Re: [C430] AUTH48 [JM]: RFC 9001 <draft-ietf-quic… Martin Thomson
- Re: [C430] AUTH48 [JM]: RFC 9001 <draft-ietf-quic… Sandy Ginoza
- Re: [C430] AUTH48 [JM]: RFC 9001 <draft-ietf-quic… Martin Thomson
- Re: [C430] AUTH48 [JM]: RFC 9001 <draft-ietf-quic… Sandy Ginoza
- Re: [C430] AUTH48 [JM]: RFC 9001 <draft-ietf-quic… Jean Mahoney
- Re: [C430] AUTH48 [JM]: RFC 9001 <draft-ietf-quic… Martin Thomson
- Re: [C430] AUTH48 [JM]: RFC 9001 <draft-ietf-quic… Jean Mahoney
- Re: [C430] AUTH48 [JM]: RFC 9001 <draft-ietf-quic… Martin Thomson
- Re: [C430] AUTH48 [JM]: RFC 9001 <draft-ietf-quic… Jean Mahoney
- Re: [C430] AUTH48 [JM]: RFC 9001 <draft-ietf-quic… Sean Turner
- Re: [C430] AUTH48 [JM]: RFC 9001 <draft-ietf-quic… Martin Thomson
- Re: [C430] AUTH48 [JM]: RFC 9001 <draft-ietf-quic… Jean Mahoney
- Re: [C430] AUTH48 [JM]: RFC 9001 <draft-ietf-quic… Sean Turner