Re: [Emu] TEAP - RFC 7170 - Errata ID 5768
Joseph Salowey <joe@salowey.net> Tue, 26 May 2020 04:27 UTC
Return-Path: <joe@salowey.net>
X-Original-To: emu@ietfa.amsl.com
Delivered-To: emu@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 9E7A63A0831 for <emu@ietfa.amsl.com>; Mon, 25 May 2020 21:27:24 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.898
X-Spam-Level:
X-Spam-Status: No, score=-1.898 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=salowey-net.20150623.gappssmtp.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id JXfnKlYTO2bu for <emu@ietfa.amsl.com>; Mon, 25 May 2020 21:27:22 -0700 (PDT)
Received: from mail-qk1-x72f.google.com (mail-qk1-x72f.google.com [IPv6:2607:f8b0:4864:20::72f]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 5B6263A082F for <emu@ietf.org>; Mon, 25 May 2020 21:27:22 -0700 (PDT)
Received: by mail-qk1-x72f.google.com with SMTP id f18so2578091qkh.1 for <emu@ietf.org>; Mon, 25 May 2020 21:27:22 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=salowey-net.20150623.gappssmtp.com; s=20150623; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=LIY3GZQftC3rTBqc+E5a9hi1zZlP2dUvSR0NfvqOObI=; b=iajAaMOWB8M8SZarnwjeogLmV/6QZfpsD1FFqE2rWiNXcokxMqZeoYwX1q4VNF4DvW uv9NWb0eFh4dYbuMJ/FPBQSUnFPgK8rfkb9cttSLuOTAs52R9wf4QnsZrAsRwdE0aiIe KAOtdQyKhNz7KxnLKb/KAenOV/YTok1O1BpO8YY3TZ/dFY70890Vzz62m2OhgHjiTLZf sa6n/hxx/wo+t5kyX3gsIkZ+qPEswo/6JKAsP1XQtuLkg/wSAsqSRM0Q3ifR9hRvDwrl D0B27LHVWJ0CPZ2p27MAX9SWfaahcc0+sREiSGfJTCzfPtQgalWTlkZo21+DqgXQN5OF 4a/g==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=LIY3GZQftC3rTBqc+E5a9hi1zZlP2dUvSR0NfvqOObI=; b=NcP+AfElBalMw52LO8Q6cgd2xlhqrb9D+djRRsISpia/wBEyebC7J8TxiXzDFnYydK 77eOxqNwL1Uiy5SKLbeCPGGt2F3wxMykRdnZKSJBcxDQgsOP+qfhViT4QosOVoGtFvNA MArJSvjZJyK+kjxyzqp8uH1t771DkfFOQdxEUr/7nbWPtNDPF4T1pjb7/5MdP/PxtSu6 CKggCyVYnMR/Sky6inmrwGWXenGL4pkcxVz+wgBvBMFAKzK0NAaGtJXKH8DdltKxkw84 anrmesX4Q0m/7uaX28faT2IVycOzglwtRPPS5h0/IwRd8pg3e7PRe0wuXooZRg3FB+h2 R2tA==
X-Gm-Message-State: AOAM5308s6FeX3qVFt2gex9YTI1JTJElPzjn2nrKwby8icW6SJ19LeWg MKLQKf/V/FxcA0ZWlzU5B8cQk7QcuGkJAZiPBncvvw==
X-Google-Smtp-Source: ABdhPJzNnU72rlCeklobYNrSqWJkrLx4loZZJ/KXNUJitlSfJ7rV8rBgNOPFflournvbVO6vB1t1bT9eKNxWMKYNUmI=
X-Received: by 2002:a37:4c48:: with SMTP id z69mr29128502qka.138.1590467241354; Mon, 25 May 2020 21:27:21 -0700 (PDT)
MIME-Version: 1.0
References: <CABXxEz-LyyWcxvArfoU=JEcAEtun9T2wkADAB9_sw8zdGc2R2g@mail.gmail.com> <CH2PR21MB138134E39EBC0EF2F4EBE9C4D1B40@CH2PR21MB1381.namprd21.prod.outlook.com>
In-Reply-To: <CH2PR21MB138134E39EBC0EF2F4EBE9C4D1B40@CH2PR21MB1381.namprd21.prod.outlook.com>
From: Joseph Salowey <joe@salowey.net>
Date: Mon, 25 May 2020 21:27:10 -0700
Message-ID: <CAOgPGoDsV-f2iNt2c1nnyPF8nTnabRyqsVBU+MWuwnswTWZw-A@mail.gmail.com>
To: Jorge Vergara <jovergar=40microsoft.com@dmarc.ietf.org>
Cc: Oleg Pekar <oleg.pekar.2017@gmail.com>, Jouni Malinen <j@w1.fi>, EMU WG <emu@ietf.org>
Content-Type: multipart/alternative; boundary="000000000000f2cae505a6858204"
Archived-At: <https://mailarchive.ietf.org/arch/msg/emu/F2fpRQMAwqf_fhkT-nmFYyqTY0Y>
Subject: Re: [Emu] TEAP - RFC 7170 - Errata ID 5768
X-BeenThere: emu@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "EAP Methods Update \(EMU\)" <emu.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/emu>, <mailto:emu-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/emu/>
List-Post: <mailto:emu@ietf.org>
List-Help: <mailto:emu-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/emu>, <mailto:emu-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 26 May 2020 04:27:25 -0000
On Fri, May 22, 2020 at 1:18 PM Jorge Vergara <jovergar= 40microsoft.com@dmarc.ietf.org> wrote: > My review of this errata and the current responses from Oleg: > > > > 1. I agree with this proposed resolution. I do think this is an > important omission that needs to be clarified in the RFC. Otherwise it is > somewhat guesswork that truncation is the right action. I think the current > wording leans toward truncation, but I definitely asked this question > myself while implementing. > > [Joe] Why not just change the TLV to be variable length? It seems if we hardcode the length to 100 we risk having the same problem in the future? > > 1. > 2. This bleeds into Alan’s TLS 1.3 document somewhat, but I agree with > Jouni that this will need to change when the rest of the document is > eventually updated to TLS 1.3. There are enough TLS 1.3 related things to > address in TEAP that I don’t exactly view this as an errata. I view it as a > needed update, whether in this document, Alan’s document, or both. > > [Joe] I tend to agree that this is not an errata. However an update to TEAP should address these. > > 1. > 2. Agree with Jouni that I don’t see the point of the 0x37 octet, but > regardless this clarification of how it is encoded is positive (minor) > change. > > [Joe] I think the original reason to include the TEAP method ID in the specification was to make sure that we differentiated between similar crypto binding implementations in other protocols such as EAP-FAST. I don't think there is much ambiguity here, but I am OK with including 0x37 in the description. > > > Thanks, > > Jorge > > > > *From:* Emu <emu-bounces@ietf.org> *On Behalf Of * Oleg Pekar > *Sent:* Tuesday, May 5, 2020 6:27 AM > *To:* Jouni Malinen <j@w1.fi>; EMU WG <emu@ietf.org> > *Subject:* [Emu] TEAP - RFC 7170 - Errata ID 5768 > > > > Hi Jouni, > > I propose the following fix for the issues described in this errata id: > > 1) In Section "4.2.13. Crypto-Binding TLV" make "EMSK Compound MAC" and > "MSK Compound MAC" fields 32 octets long (currently 20 octets). The MAC > value is truncated at 32 octets if it is longer than 32 octets or padded to > a length of 32 octets with zeros to the right if it is less than 32 octets. > The length of the TLV should be changed to 100 bytes (currently 76). > > > > The motivation is to keep collision-resistance strength of MAC on 128 bit. > Hash value truncation is described in "NIST Special Publication 800-107 > Revision 1: Recommendation for Applications Using Approved Hash Algorithms" > <https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fnvlpubs.nist.gov%2Fnistpubs%2FLegacy%2FSP%2Fnistspecialpublication800-107r1.pdf&data=02%7C01%7Cjovergar%40microsoft.com%7C42c90b35b93f4261402008d7f0f817c4%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C637242821105169728&sdata=MS6AaYWPCm377ZvleMjVIfLCkaCaq6E24NQXSYK%2FNls%3D&reserved=0> > > > > > 2) In Section "5.3. Computing the Compound MAC" specify that "MAC is the > MAC function negotiated in TLS of TEAP Phase 1" (currently it says TLS > 1.2) > > > > The motivation is to support TLS 1.2, 1.3 and possibly later TLS versions. > > > > 3) In Section "5.3. Computing the Compound MAC" when specifying the list > of field to be placed in the BUFFER" should say "...2 A single octet > contains TEAP EAP method type 0x37". Alternatively it could be "...2 A > single octet contains EAP Type of the inner EAP method related to the > calculation or 0 if no inner EAP method was executed" (currently "...2 The > EAP Type sent by the other party in the first TEAP message") > > > > Please note that there's still a discussion on sending Crypto-Binding TLV > on "Authentication inner EAP method" or "Inner EAP method that exports MSK" > only. > > > > Thanks > > Oleg > _______________________________________________ > Emu mailing list > Emu@ietf.org > https://www.ietf.org/mailman/listinfo/emu >
- [Emu] TEAP - RFC 7170 - Errata ID 5768 Oleg Pekar
- Re: [Emu] TEAP - RFC 7170 - Errata ID 5768 Jorge Vergara
- Re: [Emu] TEAP - RFC 7170 - Errata ID 5768 Joseph Salowey
- Re: [Emu] TEAP - RFC 7170 - Errata ID 5768 Jorge Vergara
- Re: [Emu] TEAP - RFC 7170 - Errata ID 5768 Oleg Pekar
- Re: [Emu] TEAP - RFC 7170 - Errata ID 5768 Joseph Salowey