Re: [Gen-art] Genart last call review of draft-ietf-lamps-cmp-algorithms-12

"Brockhaus, Hendrik" <hendrik.brockhaus@siemens.com> Wed, 11 May 2022 15:15 UTC

From: "Brockhaus, Hendrik" <hendrik.brockhaus@siemens.com>
To: Dan Romascanu <dromasca@gmail.com>, "gen-art@ietf.org" <gen-art@ietf.org>
CC: "draft-ietf-lamps-cmp-algorithms.all@ietf.org" <draft-ietf-lamps-cmp-algorithms.all@ietf.org>, "last-call@ietf.org" <last-call@ietf.org>, "spasm@ietf.org" <spasm@ietf.org>
Date: Wed, 11 May 2022 15:15:17 +0000
Archived-At: <https://mailarchive.ietf.org/arch/msg/gen-art/AxDb37-91OdIYz5wo8TDerQkgm4>

Dan

Many thanks for your review. Please find my proposal below.

> From: Dan Romascanu via Datatracker <noreply@ietf.org>
> 
> Ready with nits.
> 
> Nits/editorial comments:
> 
> 1. It would be useful to provide references for terms at first occurrence. For
> example Section 2 directly mentions OOBCertHash, CertStatus, Challenge,
> PBMParameter, DHBMParameter, etc. without providing a reference.

These are ASN.1 values or types specified in RFC 4210 (CMP), RFC 4211 (CRMF), CMP Updates, and RFC 5652 (CMS).
To avoid overloading the text in Section 2 to Section 6, I propose to add a paragraph to Section 1.1.

New text:
   In the following sections the ASN.1 values and types are listed where
   algorithm identifier and output values are provided. These ASN.1 values
   and types are defined in CMP [RFC4210], CRMF [RFC4211],
   CMP Updates [I-D.ietf-lamps-cmp-updates], or CMS [RFC5652].

> 
> 2. Section 2.2 - provide reference for X.509 at first occurrence (probably
> [RFC4210])

Old text:
   The SHA-3 family of hash functions is defined in FIPS Pub 202
   [NIST.FIPS.202] and includes fixed output length variants SHA3-224,
   SHA3-256, SHA3-384, and SHA3-512, as well as extendable-output
   functions (SHAKEs) SHAKE128 and SHAKE256.  Currently SHAKE128 and
   SHAKE256 are the only members of the SHA3-family which are specified
   for use in X.509 and PKIX [RFC8692], and CMS [RFC8702] as one-way
   hash function for use with RSASSA-PSS and ECDSA as one-way hash
   function for use with RSASSA-PSS and ECDSA.

New text:
   The SHA-3 family of hash functions is defined in FIPS Pub 202
   [NIST.FIPS.202] and includes fixed output length variants SHA3-224,
   SHA3-256, SHA3-384, and SHA3-512, as well as extendable-output
   functions (SHAKEs) SHAKE128 and SHAKE256.  Currently SHAKE128 and
   SHAKE256 are the only members of the SHA3-family which are specified
   for use in X.509 certificates [RFC8692] and CMS [RFC8702] as one-way
   hash function for use with RSASSA-PSS and ECDSA.

> 
> 3. For clarity and in order to avoid confusions it would be useful to expand MAC

I extended 'MAC' to 'message authentication code (MAC)' at its first occurrence in Sections 4.4, 6, 6.1, and 6.2.

> 
> 4. For clarity it would be useful to position Table 3 to start at top of the page to
> avoid split at printing

I will try doing it with the next update. I have to look up how to do this using xml2rfc :-)


Do these changes sufficiently address your comment?

Hendrik