Re: [Gen-art] review of draft-ietf-msec-policy-token-sec-05.txt
Brian E Carpenter <brc@zurich.ibm.com> Thu, 19 January 2006 16:25 UTC
Received: from localhost.cnri.reston.va.us ([127.0.0.1] helo=megatron.ietf.org) by megatron.ietf.org with esmtp (Exim 4.32) id 1EzcbC-0001fX-M5; Thu, 19 Jan 2006 11:25:22 -0500
Received: from odin.ietf.org ([132.151.1.176] helo=ietf.org) by megatron.ietf.org with esmtp (Exim 4.32) id 1Ezcb8-0001bx-U0 for gen-art@megatron.ietf.org; Thu, 19 Jan 2006 11:25:20 -0500
Received: from ietf-mx.ietf.org (ietf-mx [132.151.6.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id LAB04412 for <gen-art@ietf.org>; Thu, 19 Jan 2006 11:23:51 -0500 (EST)
Received: from mtagate1.de.ibm.com ([195.212.29.150]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1Ezcjg-0004jb-EC for gen-art@ietf.org; Thu, 19 Jan 2006 11:34:10 -0500
Received: from d12nrmr1607.megacenter.de.ibm.com (d12nrmr1607.megacenter.de.ibm.com [9.149.167.49]) by mtagate1.de.ibm.com (8.12.10/8.12.10) with ESMTP id k0JGP2Ol182612 for <gen-art@ietf.org>; Thu, 19 Jan 2006 16:25:03 GMT
Received: from d12av01.megacenter.de.ibm.com (d12av01.megacenter.de.ibm.com [9.149.165.212]) by d12nrmr1607.megacenter.de.ibm.com (8.12.10/NCO/VERS6.8) with ESMTP id k0JGOreD155482 for <gen-art@ietf.org>; Thu, 19 Jan 2006 17:24:53 +0100
Received: from d12av01.megacenter.de.ibm.com (loopback [127.0.0.1]) by d12av01.megacenter.de.ibm.com (8.12.11/8.13.3) with ESMTP id k0JGOr1m011084 for <gen-art@ietf.org>; Thu, 19 Jan 2006 17:24:53 +0100
Received: from sihl.zurich.ibm.com (sihl.zurich.ibm.com [9.4.16.232]) by d12av01.megacenter.de.ibm.com (8.12.11/8.12.11) with ESMTP id k0JGOqQE011069; Thu, 19 Jan 2006 17:24:52 +0100
Received: from zurich.ibm.com (sig-9-146-218-37.de.ibm.com [9.146.218.37]) by sihl.zurich.ibm.com (AIX4.3/8.9.3p2/8.9.3) with ESMTP id RAA77558; Thu, 19 Jan 2006 17:24:50 +0100
Message-ID: <43CFBD4D.2040803@zurich.ibm.com>
Date: Thu, 19 Jan 2006 17:24:45 +0100
From: Brian E Carpenter <brc@zurich.ibm.com>
Organization: IBM
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.6) Gecko/20040113
X-Accept-Language: en, fr, de
MIME-Version: 1.0
To: "Dondeti, Lakshminath" <ldondeti@qualcomm.com>
Subject: Re: [Gen-art] review of draft-ietf-msec-policy-token-sec-05.txt
References: <43CFAC3D.7060006@cisco.com> <992BC8ECDE438E4B8F5789A0FCCC92AD090BE4@NAEX05.na.qualcomm.com>
In-Reply-To: <992BC8ECDE438E4B8F5789A0FCCC92AD090BE4@NAEX05.na.qualcomm.com>
Content-Type: text/plain; charset="us-ascii"; format="flowed"
Content-Transfer-Encoding: 7bit
X-Spam-Score: 0.0 (/)
X-Scan-Signature: a1852b4f554b02e7e4548cc7928acc1f
Content-Transfer-Encoding: 7bit
Cc: Sam Hartman <hartmans-ietf@mit.edu>, canetti@watson.ibm.com, umeth@sparta.com, hh@sparta.com, gen-art@ietf.org, acc@sparta.com, housley@vigilsec.com
X-BeenThere: gen-art@ietf.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: "GEN-ART: General Area Review Team" <gen-art.ietf.org>
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/gen-art>, <mailto:gen-art-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www1.ietf.org/pipermail/gen-art>
List-Post: <mailto:gen-art@ietf.org>
List-Help: <mailto:gen-art-request@ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/gen-art>, <mailto:gen-art-request@ietf.org?subject=subscribe>
Sender: gen-art-bounces@ietf.org
Errors-To: gen-art-bounces@ietf.org
Actually, can you comment quickly on Sam's points:
1) Misuse of ASN.1. The document cites the 1997 ASN.1, but has a
number of choices and structures that seem like they are intended to
be extended in the future. Without extensibility markers, a
conforming implementation will reject a sequence or choice with
elements not permitted by the abstract syntax.
2) There is no extensibility or versioning strategy described in the
document. How do we add fields? What should recipients of a token do
if they do not understand part of it?
3) It's not clear that the GSAKMP document combined with this document
provides enough mandatory to implement features that any two
implementations of this specification will work together. The GSAKMP
document specifies mandatory to implement mechanisms for GSAKMP.
However the policy token allows for a wide variety of combinations of
protocols. For example, a policy token could specify one protocol for
registration, one protocol for rekey, and a completely different
protocol for de-registration. If only one of these is GSAKMP, what
happens? Where is it specified what combinations a GM, a GC/KS etc
must support in terms of policy token contents?
Thanks
Brian
Dondeti, Lakshminath wrote:
> Thanks for the review Scott. I am one of the WG chairs of MSEC and I have answers to your questions below.
>
>
> -----Original Message-----
> From: gen-art-bounces@ietf.org on behalf of Scott W Brim
> Sent: Thu 1/19/2006 7:11 AM
> To: Brian E Carpenter
> Cc: gen-art@ietf.org
> Subject: [Gen-art] review of draft-ietf-msec-policy-token-sec-05.txt
>
> Summary: discuss, particularly adopt most of what Sam said.
>
> I am reading Sam's notes and I disagree with the first part of what he
> says, on flexibility. I spent some time with some pioneers of msec so
> I may be biased but there are only two flexibility mechanisms, applied
> repeatedly. Also the design is for a very constrained multicast
> environment: one-to-many with central registration. Therefore I don't
> believe his comments about flexibility or multicast (as a whole) apply
> here.
>
> On the other hand, everything he says in the middle is powerful
> and blocks it in my mind.
>
> I don't believe he should have abstained, because I believe everything
> listed can be fixed. Why allow for multiple protocols instead of
> GSAKMP? First, perhaps the WG chairs have a good technical answer;
> and if they don't, that can be fixed rather directly.
>
> <LD>MSEC group security policy token work is designed to be generic and is applicable to other group security protocols as well. I wish I could provide some existence proof, but there are plans to use the GSPT for GKDP, one of the other protocols being designed in MSEC. </ld>
>
> So it's just a significant discuss, with questions.
>
> Other medium-to-small nits:
>
> "registration provides a list of acceptable registration and
> deregistration policy and mechanisms that may be used to manage
> member-initiated joins and departures from a group. A NULL sequence
> indicates that the group does not support registration and
> deregistration of members. A member MUST be able to support at
> least one set of Registration mechanisms in order to join the group.
> When multiple mechanisms are present, a member MAY use any of the
> listed methods. The list is ordered in terms of Group Owner
> preference. A member MUST choose the highest listed mechanism that
> local policy supports."
>
> First, I assume that a NULL sequence contains nothing -- there isn't a
> sequence element that is an explicit null. If true, then when the
> list is null a member CANNOT support at least one of the mechanisms --
> there aren't any. Prefix that sentence with "if the list is not null
> ...", avoid complaints later.
>
> <LD>Editorial change? I think this is ok. </LD>
>
> Second, in the last sentence, change "highest" to something like
> "first listed". Again, avoid ambiguity.
>
> Next paragraph, re "rekey": same comment about "highest".
>
> <LD>ok</LD>
>
> I don't see anywhere where the group owner is indicated in
> signaling. How is it known? Say so explicitly.
>
> <LD>I will ask Hugh et. al. to add a sentence</LD>
>
> Finally, someone needs to examine the IANA considerations. Aha, I see
> Mr Cotton said something along those lines.
>
> <LD>I have asked the authors to respond to the IANA concern</LD>
>
> <LD>The following are editorial, right?
> A final question: Is the discuss based on whether the GSPT can be used with other protocols OR to resolve Sam's comments? Please let us know.
>
> Note: I will be offline for about the next 1 hr.
>
> </LD>
>
> Other smaller nits:
>
> "Also, the members may want to verify that the access control rules
> are adequate to protect the data that the member is submitting to
> the group."
>
> editorial: "a member may want".
>
> "tokenInfo provides information about the instance of the Policy
> Token (PT)."
>
> Add something like "see Section 3.1". This sentence as it is makes me
> wonder if that's all they are going to tell me.
>
> swb
>
> _______________________________________________
> Gen-art mailing list
> Gen-art@ietf.org
> https://www1.ietf.org/mailman/listinfo/gen-art
>
>
>
>
>
_______________________________________________
Gen-art mailing list
Gen-art@ietf.org
https://www1.ietf.org/mailman/listinfo/gen-art
- [Gen-art] review of draft-ietf-msec-policy-token-… Scott W Brim
- RE: [Gen-art] review of draft-ietf-msec-policy-to… Dondeti, Lakshminath
- Re: [Gen-art] review of draft-ietf-msec-policy-to… Brian E Carpenter
- Re: [Gen-art] review of draft-ietf-msec-policy-to… Brian E Carpenter
- [Gen-art] Re: review of draft-ietf-msec-policy-to… Brian E Carpenter