[Gen-art] Re: Gen-ART review of draft-santesson-tls-ume-04.txt
Russ Housley <housley@vigilsec.com> Thu, 13 April 2006 15:17 UTC
Received: from [127.0.0.1] (helo=stiedprmman1.va.neustar.com) by megatron.ietf.org with esmtp (Exim 4.43) id 1FU3a2-0000dB-3i; Thu, 13 Apr 2006 11:17:58 -0400
Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1FU3a1-0000cg-BC for gen-art@ietf.org; Thu, 13 Apr 2006 11:17:57 -0400
Received: from woodstock.binhost.com ([144.202.243.4]) by ietf-mx.ietf.org with smtp (Exim 4.43) id 1FU3a0-0008RM-1N for gen-art@ietf.org; Thu, 13 Apr 2006 11:17:57 -0400
Received: (qmail 18810 invoked by uid 0); 13 Apr 2006 15:17:52 -0000
Received: from unknown (HELO THINKPADR52.vigilsec.com) (71.246.201.221) by woodstock.binhost.com with SMTP; 13 Apr 2006 15:17:52 -0000
Message-Id: <7.0.0.16.2.20060413105655.059696f0@vigilsec.com>
X-Mailer: QUALCOMM Windows Eudora Version 7.0.0.16
Date: Thu, 13 Apr 2006 11:17:26 -0400
To: Tom-PT Taylor <taylor@nortel.com>, Stefan Santesson <stefans@microsoft.com>, Ari Medvinsky <arimed@microsoft.com>, Joshua Ball <joshball@microsoft.com>
From: Russ Housley <housley@vigilsec.com>
In-Reply-To: <443D5D6E.70107@nortel.com>
References: <443D5D6E.70107@nortel.com>
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"; format="flowed"
X-Spam-Score: 0.1 (/)
X-Scan-Signature: 287c806b254c6353fcb09ee0e53bbc5e
Cc: gen-art@ietf.org
Subject: [Gen-art] Re: Gen-ART review of draft-santesson-tls-ume-04.txt
X-BeenThere: gen-art@ietf.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: "GEN-ART: General Area Review Team" <gen-art.ietf.org>
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/gen-art>, <mailto:gen-art-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www1.ietf.org/pipermail/gen-art>
List-Post: <mailto:gen-art@ietf.org>
List-Help: <mailto:gen-art-request@ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/gen-art>, <mailto:gen-art-request@ietf.org?subject=subscribe>
Errors-To: gen-art-bounces@ietf.org
Tom:
>I was selected as General Area Review Team reviewer for this specification
>(for background on Gen-ART, please see
>http://www.alvestrand.no/ietf/gen/art/gen-art-FAQ.html).
>
>Document: draft-santesson-tls-ume-04.txt
>Intended Status: Proposed Standard (Individual submission via AD)
>Shepherding AD: Russ Housley
>Review Trigger: IETF Last Call (ends 13 April 2006)
>
>Summary: This draft raised some questions in my mind that may need
>to be answered before it goes forward. One of these questions
>actually implies the need for new text in draft-santesson-tls-supp-00.txt.
>
>I have some suggestions for editing.
>
>---------------------
>
>Substantive comments:
>
>1. Section 1.2 Design Considerations, second sentence. This sentence
>is talking about a possible alternative design approach to protect
>the data being sent. A concern over inappropriate dissemination is
>expressed in the Security Considerations section of the draft.
>
>The proposal in the Security Considerations section that the client
>use discretion in sending the information is a half-hearted look at
>the issue, since an attacker can view the SupplementalData in
>transit. The authors may need to make up their minds whether
>exposure is an issue or not.
I do not agree. The solution is not described will in
draft-santesson-tls-supp-00.txt, but the double handshake is the
solution. I have written a description of it in the security
considerations of draft-housley-tls-authz-extns-03.txt. I'm please
to include that text in this document if you believe it will help.
>2. The protocol requires assignment of an extension type number to
>the user_mapping extension. Similarly, a supplemental data type
>number needs to be assigned to user_mapping_data. I suppose this can
>be left to IANA to assign the next available number, since the
>numbering sequence doesn't seem to have any protocol significance.
Leaving the number assignment to IANA is the usual practice.
>3. A literal reading of 2246bis section 4.3 suggests, based on the
>upper bounds of the various data structures in section 3 of the
>present document, that the user_mapping_data_list doesn't provide
>enough space to hold even one instance of UserMappingData. Is such a
>cavalier use of upper bounds normal TLS specification usage?
I think of these values as maximum buffer sizes. Take a look at
2246bis, and you will see many cases like this.
>4. Is there any relationship between the value of
>user_principal_name and the value of domain_name, if they are both
>present in the same UpnDomainHint instance?
Text was added in draft-santesson-tls-ume-05.txt to address a similar
Last Call comment. It has already had many eyes look at it, so I
hope you are also satisfied.
>5. In section 4, after the user_mapping extension has been
>negotiated, the sending of the SupplementalData message is only a
>MAY. Is this the intended strength?
Text was added in draft-santesson-tls-ume-05.txt to address a similar
Last Call comment. It has already had many eyes look at it, so I
hope you are also satisfied,
>6. In section 5, Security Considerations, there are two SHOULD
>bullets for client behaviour. The first one raises a question in my
>mind that may need additional text in
>draft-santesson-tls-supp-00.txt. The question is: what is the
>behaviour expected of a server that receives supplemental data of a
>type that has not been negotiated as an extension?
Good point. I suggest:
OLD:
If present, the SupplementalData handshake message MUST contain a
non-empty SupplementalDataEntry structure carrying data associated
with at least one defined SupplementalDataType. An explicit
agreement that governs presence of any supplemental data MUST be
concluded between client and server for each SupplementalDataType
using the TLS extensions in the client and server hello messages.
NEW:
If present, the SupplementalData handshake message MUST contain a
non-empty SupplementalDataEntry structure carrying data associated
with at least one defined SupplementalDataType. An explicit
agreement that governs presence of any supplemental data MUST be
concluded between client and server for each SupplementalDataType
using the TLS extensions in the client and server hello messages.
Receiving an unexpected SupplementalData handshake message
results in a fatal error, and the receiver MUST close the connection
with a fatal unexpected_message alert.
>7. Same bullets: any time a SHOULD is specified, the document should
>also describe the exceptional case. When would a client send
>supplemental data it has not negotiated? Isn't this a protocol
>violation? What exception do you see for the second bullet?
Is this handled by the above text too?
Russ
_______________________________________________
Gen-art mailing list
Gen-art@ietf.org
https://www1.ietf.org/mailman/listinfo/gen-art
- [Gen-art] Gen-ART review of draft-santesson-tls-u… Tom-PT Taylor
- [Gen-art] Re: Gen-ART review of draft-santesson-t… Russ Housley
- Re: [Gen-art] Re: Gen-ART review of draft-santess… Brian E Carpenter
- [Gen-art] Re: Gen-ART review of draft-santesson-t… Tom-PT Taylor
- [Gen-art] RE: Gen-ART review of draft-santesson-t… Stefan Santesson
- [Gen-art] Re: Gen-ART review of draft-santesson-t… Tom-PT Taylor