Re: [Emu] AD review of draft-ietf-emu-rfc5448bis-06

Jari Arkko <jari.arkko@piuha.net> Mon, 09 March 2020 12:24 UTC

From: Jari Arkko <jari.arkko@piuha.net>
Date: Mon, 09 Mar 2020 14:24:33 +0200
Cc: "emu@ietf.org" <emu@ietf.org>, Vesa Lehtovirta <vesa.lehtovirta@ericsson.com>
To: Roman Danyliw <rdd@cert.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/emu/OFaOi9iLQiUyA6RCSArQgPTfO4g>

Roman,

Many thanks for your review. We have gone through all the reviews and comments and are about to post a new draft version in a few hours, currently in https://arkko.com/ietf/eap/draft-ietf-emu-rfc5448bis-from--06.diff.html

Here are the responses to your comments:

> I conducted an AD review of draft-ietf-emu-rfc5448bis-06 and this document is in good shape.  Thanks for all of the work on it.  I have minor questions and editorial nits which can be addressed with the IETF Last Call feedback.
> 
> Minor:
> -- Can you revisit the history -- why was RFC4187 informational?  I'm guessing this draft is informational because it updates RFC4187, right?

Yes.

And, in addition to what Joe said, the original RFC was informational also because at the time it was not a part of a working group charter but was AD sponsored (albeit it was reviewed and discussed in the EAP working group as well). Considering later events, with hundreds of millions or billions of devices supporting this protocol, perhaps it would have been more correct to make it a Proposed Standard. But I don’t think it is worth the effort to change the status now.

> -- Section 7.1.  Per "The use of pseudonyms in this situation is at best limited" - unclear to me what this means?  Is this saying that pseudonyms are not recommended because the re-use creates a tracking opportunity (per the next sentence)?

The text was unclear, but the idea is that 5G SUCIs already do a better job here, so downgrading to the possibly multi-use pseudonyms is not wise.
 
Text has been clarified in -07.

> -- Section 7.1.  Per "Outside 5G, there is a full choice to use ...", what is a "full choice"?

The text has been clarified in -07.

> Editorial Nits:
> 
> -- Section 1.  s/EAP-AKA' is also an algorithm update for the used hash functions./EAP-AKA' also updates the algorithm used in the hash functions./

Corrected in -07.

> -- Section 1.  s/The update ensures/This update ensures/

Corrected in -07.

> -- Section 1.  Typo. s/how how/how/

Corrected in -07.

> -- Section 3.5.  Consider giving the table an explicit number (e.g., Table 1) and s/The attribute table is shown below/The attribute table is shown in Table 1./

Corrected in -07.

> -- Section 5.2.  s/However, to ensure privacy/However, to enhance privacy/ -- there is no "absolute privacy"

Corrected in -07.

> -- Section 5.2. s/for at attacker/for an attacker/

Corrected in -07.

> -- Section 7.3.  s/an backwards/a backwards/

Corrected in -07.

Jari