Re: [dns-privacy] Correction to my mike statement about the provisioning draft

"Konda, Tirumaleswar Reddy" <TirumaleswarReddy_Konda@McAfee.com> Tue, 02 April 2019 10:11 UTC

From: "Konda, Tirumaleswar Reddy" <TirumaleswarReddy_Konda@McAfee.com>
To: Watson Ladd <watsonbladd@gmail.com>, "dns-privacy@ietf.org" <dns-privacy@ietf.org>
Date: Tue, 02 Apr 2019 10:10:45 +0000
Archived-At: <https://mailarchive.ietf.org/arch/msg/dns-privacy/-yoD5_ox8CA54YqdSKySh_hPvrM>
Subject: Re: [dns-privacy] Correction to my mike statement about the provisioning draft

Hi Watson,

Please see inline.

From: dns-privacy <dns-privacy-bounces@ietf.org> On Behalf Of Watson Ladd
Sent: Friday, March 29, 2019 11:56 PM
To: dns-privacy@ietf.org
Subject: [dns-privacy] Correction to my mike statement about the provisioning draft


Despite citations to SRP-6, RFC 5054 implements 6a, which doesn't have a 2-for-1 attack.

[TR] Yes.

It does however use SHA1 hardcoded. Probably not a good idea.

[TR] SHA1 is hardcoded, but I don't see any other TLS specification using a PAKE scheme other than the expired draft https://tools.ietf.org/html/draft-barnes-tls-pake-04. Is there any other PAKE scheme to use in TLS?

We seem to have thought there were other draft issues as well though.

[TR] I will work on the comments received from the WG, and post an updated draft.

Cheers,
-Tiru

Sincerely,
Watson Ladd