IETF Logo Mail Archive

[core] WGLC draft-ietf-core-echo-request-tag-05

Jim Schaad <ietf@augustcellars.com> Wed, 10 July 2019 22:16 UTC

Return-Path: <ietf@augustcellars.com>
X-Original-To: core@ietfa.amsl.com
Delivered-To: core@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 9B5EE12012A; Wed, 10 Jul 2019 15:16:51 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.9
X-Spam-Level:
X-Spam-Status: No, score=-1.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id DIUrE85WaPy0; Wed, 10 Jul 2019 15:16:49 -0700 (PDT)
Received: from mail2.augustcellars.com (augustcellars.com [50.45.239.150]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 814CB120241; Wed, 10 Jul 2019 15:16:46 -0700 (PDT)
Received: from Jude (73.180.8.170) by mail2.augustcellars.com (192.168.0.56) with Microsoft SMTP Server (TLS) id 15.0.1395.4; Wed, 10 Jul 2019 15:16:40 -0700
From: Jim Schaad <ietf@augustcellars.com>
To: draft-ietf-core-echo-request-tag@ietf.org
CC: 'core' <core@ietf.org>
Date: Wed, 10 Jul 2019 15:16:39 -0700
Message-ID: <003901d5376d$27710960$76531c20$@augustcellars.com>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
X-Mailer: Microsoft Outlook 16.0
Thread-Index: AdU3R0WwUSXHRxh8Sg2AOFV0PmUcNg==
Content-Language: en-us
X-Originating-IP: [73.180.8.170]
Archived-At: <https://mailarchive.ietf.org/arch/msg/core/kQDL3_ZtVWqET2wG1nnlUN8HM7E>
Subject: [core] WGLC draft-ietf-core-echo-request-tag-05
X-BeenThere: core@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Constrained RESTful Environments \(CoRE\) Working Group list" <core.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/core>, <mailto:core-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/core/>
List-Post: <mailto:core@ietf.org>
List-Help: <mailto:core-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/core>, <mailto:core-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 10 Jul 2019 22:16:52 -0000

Here are some comments:

1.  The Abstract needs to say that it updates RFC 7252 - and it would be
nice if it summarized what it updated.

2.  You can clean up the text dealing with core-object-security

3.  In section 2.1 - It is not clear to me why one would use an outer option
for the echo option.   The inner one would be end-to-end and thus does the
freshness thing.  What does the outer one do?

4.  In section 2.1 (or section 2.2) - There needs to be some text about
where the echo options should be reflected in the event that either both
inner and outer options are returned or just an outer is returned.  Can you
use an inner w/o security for a new request?  I.e. is the inner echo value
considered to be a security value?

5.  Not sure if it is permissible for a proxy to modify the request in
response to a 4.01 with an echo option or not.  Clarification might be
useful on this topic.  I think I understand the paragraphs about proxies as
servers.

6.  In section 2.3 - item 1 star 2 - I would think that a server could
proactively return an echo option even if the request did not come with one.
Thus  GET - Content w/ echo - PUT w/ echo

7.  In section 2.3 - item 2 - star 2 - s/expect/except/

8.  In section 3 it says that the requests must be integrity protected, but
in section 3.1 it says that this may be an outer option and is of class E
not class I.  (And I recognize that it cannot be class I.)  I think that
section 3 is probably the incorrect one.

9.  I think that section 3.4.1 is missing something, but I have not figure
out what it is yet.  I'll continue to mull this one over.

10.  Section 3.4.2 - I think that it would be reasonable to highlight that
two OSCORE blockwise operations meet these conditions as the path is hidden
by security.

11. Section 6 - I am having problems with the idea of a forgery of an Echo
option, if the option is visible to an attacker why would they need to forge
it?

12. Appendix A - I think we have a different definition of forgery for list
item 1.  I would have labeled this as guessing not forgery.  That is
probably my security background talking.

13. Appendix A - point 2 - The security is even higher if encryption rather
than integrity is used here.

jim

v2.23.0 | Report a Bug | By Email