Re: [Curdle] AD Review of draft-ietf-curdle-gss-keyex-sha2-05

Simo Sorce <simo@redhat.com> Mon, 02 July 2018 15:54 UTC

Return-Path: <simo@redhat.com>
X-Original-To: curdle@ietfa.amsl.com
Delivered-To: curdle@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B1300130F90 for <curdle@ietfa.amsl.com>; Mon, 2 Jul 2018 08:54:13 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.2
X-Spam-Level:
X-Spam-Status: No, score=-4.2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_MED=-2.3, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id L6pKbEtkd2kD for <curdle@ietfa.amsl.com>; Mon, 2 Jul 2018 08:54:11 -0700 (PDT)
Received: from mx1.redhat.com (mx3-rdu2.redhat.com [66.187.233.73]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 05503130E35 for <curdle@ietf.org>; Mon, 2 Jul 2018 08:54:10 -0700 (PDT)
Received: from smtp.corp.redhat.com (int-mx05.intmail.prod.int.rdu2.redhat.com [10.11.54.5]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id 2373E814F0A3; Mon, 2 Jul 2018 15:54:10 +0000 (UTC)
Received: from rhino.ipa.ssimo.org (ovpn-116-230.phx2.redhat.com [10.3.116.230]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 973BD1C596; Mon, 2 Jul 2018 15:54:08 +0000 (UTC)
Message-ID: <79c83729b7778cab8f823d9e8dd85488e9482156.camel@redhat.com>
From: Simo Sorce <simo@redhat.com>
To: Eric Rescorla <ekr@rtfm.com>, Simo Sorce <ssorce@redhat.com>
Cc: curdle <curdle@ietf.org>, Hubert Kario <hkario@redhat.com>
Date: Mon, 02 Jul 2018 11:54:06 -0400
In-Reply-To: <CABcZeBNq3kDq5=0K4ov1yOCEAX8sqPHfYZDsNz1V6dn+WPBb0g@mail.gmail.com>
References: <CABcZeBNCUSpGihHz6bPBSALS4-34Tm7W36BCZ_Ev8OQz3KtVag@mail.gmail.com> <1526923646.10011.43.camel@redhat.com> <CABcZeBO9fhkjcfqomnmyY8YJw93u9t7B=QC05aDGBwGgAOpd_w@mail.gmail.com> <34725207.E0R9U7BB6Z@pintsize.usersys.redhat.com> <1527683712.25240.42.camel@redhat.com> <CABcZeBNq3kDq5=0K4ov1yOCEAX8sqPHfYZDsNz1V6dn+WPBb0g@mail.gmail.com>
Content-Type: text/plain; charset="UTF-8"
Mime-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Scanned-By: MIMEDefang 2.79 on 10.11.54.5
X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.11.55.8]); Mon, 02 Jul 2018 15:54:10 +0000 (UTC)
X-Greylist: inspected by milter-greylist-4.5.16 (mx1.redhat.com [10.11.55.8]); Mon, 02 Jul 2018 15:54:10 +0000 (UTC) for IP:'10.11.54.5' DOMAIN:'int-mx05.intmail.prod.int.rdu2.redhat.com' HELO:'smtp.corp.redhat.com' FROM:'simo@redhat.com' RCPT:''
Archived-At: <https://mailarchive.ietf.org/arch/msg/curdle/QmkoW7yA7aHbMjNf0kyhU_VROw0>
Subject: Re: [Curdle] AD Review of draft-ietf-curdle-gss-keyex-sha2-05
X-BeenThere: curdle@ietf.org
X-Mailman-Version: 2.1.26
Precedence: list
List-Id: "List for discussion of potential new security area wg." <curdle.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/curdle>, <mailto:curdle-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/curdle/>
List-Post: <mailto:curdle@ietf.org>
List-Help: <mailto:curdle-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/curdle>, <mailto:curdle-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 02 Jul 2018 15:54:14 -0000

Hi Eric,
I posted a new draft with extensive modification to Section 5,
hopefully they meet your requests.

nothing has changed of the described protocol itself, just stuff got
shuffled around and I also provided a little artwork consistent with
RFC 5656 to hopefully aid at better understanding of the flow.

HTH,
Simo.

On Wed, 2018-05-30 at 06:24 -0700, Eric Rescorla wrote:
> Sure. I was thinking something like this
> 
> 5.1.
> 5.1.1. Generic Procedures
> - Generating a DH ephemeral
> - Verifying the peer's ephemeral
> - Computing the shared key
> - Verifying the output
> - Computing the key hash and MIC
> 
> 5.1.2. GSS Key Exchange Steps
> Client calls GSS_Init_sec_context()... [5.1.1 step 2]
> Server verifies Q_C and calls GSS_Accept_sec_context [5.1.1, step 4]
> Server generates ephemeral and computes the shared key [reduced 5.1.1
> step 5]
> Server call to GSS_Accept_sec_context [5.1.1 step 6]
> Client verifies Q_S and computes the shared key [5.1.1 step 7++]
> Client calls GSS_VErifyMIC [5.1.1. step 8]
> 
> It's hard for me to see if you caught everything else. If you want to
> submit a new draft, I can take a look, either before or after this
> change.
> 
> -Ekr
> 
> 
> 
> 
> 
> 
> On Wed, May 30, 2018 at 5:35 AM, Simo Sorce <ssorce@redhat.com>
> wrote:
> > On Wed, 2018-05-30 at 12:25 +0200, Hubert Kario wrote:
> > > On Tuesday, 29 May 2018 21:27:34 CEST Eric Rescorla wrote:
> > > > On Mon, May 21, 2018 at 10:27 AM, Simo Sorce <ssorce@redhat.com
> > > wrote:
> > > > > On Fri, 2018-05-18 at 14:12 -0700, Eric Rescorla wrote:
> > > > > > These changes look fine, though they only address some of
> > my comments.
> > > > > 
> > > > > Just for clarity, is the change to describe the whole DH
> > exchange in
> > > > > one place what you see missing ? Is that a deal breaker ?
> > > > > Anything else ?
> > > > 
> > > > That and the repeated text that is the same for each group.
> > > 
> > > the fix for repeated text about groups is already merged to
> > master, for ECDHE: 
> > > https://github.com/simo5/ietf/blob/eb03480d5c49e7340302e4974435f3
> > 82ba26a911/
> > > draft-ietf-curdle-gss-keyex-sha2.xml#L537-L553
> > > and for FFDHE:
> > > https://github.com/simo5/ietf/blob/eb03480d5c49e7340302e4974435f3
> > 82ba26a911/
> > > draft-ietf-curdle-gss-keyex-sha2.xml#L148-L164
> > 
> > Thanks Hubert.
> > 
> > Eric,
> > it be nice if you could give guidance on how you would like to see
> > the
> > DH exchange explanation changed, assuming that's the only thing of
> > concern left for you, feel free to point out anything else as well.
> > 
> > If you prefer to have a new draft submitted, with the changes
> > above, as
> > a baseline for further discussion, I can submit one.
> > 
> > Simo.
> 
> _______________________________________________
> Curdle mailing list
> Curdle@ietf.org
> https://www.ietf.org/mailman/listinfo/curdle