[Gen-art] Gen-ART Telechat review of draft-ietf-tokbind-negotiation-11
Paul Kyzivat <pkyzivat@alum.mit.edu> Wed, 18 April 2018 18:43 UTC
Return-Path: <pkyzivat@alum.mit.edu>
X-Original-To: gen-art@ietfa.amsl.com
Delivered-To: gen-art@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 94C7E126CD8; Wed, 18 Apr 2018 11:43:13 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.201
X-Spam-Level:
X-Spam-Status: No, score=-4.201 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_MED=-2.3, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id KUJ6wCJGI-Df; Wed, 18 Apr 2018 11:43:12 -0700 (PDT)
Received: from alum-mailsec-scanner-2.mit.edu (alum-mailsec-scanner-2.mit.edu [18.7.68.13]) by ietfa.amsl.com (Postfix) with ESMTP id A6AFF1200FC; Wed, 18 Apr 2018 11:43:08 -0700 (PDT)
X-AuditID: 1207440d-7e7ff70000006fd3-62-5ad791b9ee6e
Received: from outgoing-alum.mit.edu (OUTGOING-ALUM.MIT.EDU [18.7.68.33]) (using TLS with cipher DHE-RSA-AES256-SHA (256/256 bits)) (Client did not present a certificate) by alum-mailsec-scanner-2.mit.edu (Symantec Messaging Gateway) with SMTP id CA.77.28627.9B197DA5; Wed, 18 Apr 2018 14:43:06 -0400 (EDT)
Received: from PaulKyzivatsMBP.localdomain (c-24-62-227-142.hsd1.ma.comcast.net [24.62.227.142]) (authenticated bits=0) (User authenticated as pkyzivat@ALUM.MIT.EDU) by outgoing-alum.mit.edu (8.13.8/8.12.4) with ESMTP id w3IIh32v021281 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES128-SHA bits=128 verify=NOT); Wed, 18 Apr 2018 14:43:05 -0400
From: Paul Kyzivat <pkyzivat@alum.mit.edu>
To: draft-ietf-tokbind-negotiation.all@ietf.org
Cc: General Area Review Team <gen-art@ietf.org>
Message-ID: <b52e85fa-941b-0721-ec8a-34daf979c843@alum.mit.edu>
Date: Wed, 18 Apr 2018 14:43:03 -0400
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.10; rv:52.0) Gecko/20100101 Thunderbird/52.7.0
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"; format="flowed"
Content-Language: en-US
Content-Transfer-Encoding: 8bit
X-Brightmail-Tracker: H4sIAAAAAAAAA+NgFnrHIsWRmVeSWpSXmKPExsUixO6iqLtr4vUog7nHtCx2tPxlsbj66jOL A5PHkiU/mQIYo7hsUlJzMstSi/TtErgyLm39wlTQK1lxZvNRtgbG58JdjJwcEgImEn3P/7F3 MXJxCAnsYJJ49GI9I4TzkEni1sxlTCBVbAJaEnMO/WcBsYUFXCXeT3/NCGKLCOhLrP83iw3E Zgay/z5ZDFbPK2Av8XzSDXYQm0VAVaJ34gmwuKhAmsT9zZMYIWoEJU7OfMIC0WsmMW/zQ2YI W1zi1pP5TBC2vETz1tnMExj5ZiFpmYWkZRaSlllIWhYwsqxilEvMKc3VzU3MzClOTdYtTk7M y0st0jXSy80s0UtNKd3ECAlE3h2M/9fJHGIU4GBU4uFN8L8eJcSaWFZcmXuIUZKDSUmU97w1 UIgvKT+lMiOxOCO+qDQntfgQowQHs5II787HV6KEeFMSK6tSi/JhUtIcLErivGwme6OEBNIT S1KzU1MLUotgsjIcHEoSvKbAiBMSLEpNT61Iy8wpQUgzcXCCDOcBGs4BUsNbXJCYW5yZDpE/ xWjMMeV5fw8zx4n3U3qYhVjy8vNSpcR5t00AKhUAKc0ozYObBksmrxjFgZ4T5r0LUsUDTERw 814BrWICWnXNGOSP4pJEhJRUA6PmGceDf1YVZ90N/LmrO3ezvenmOeazffe+UToabMnZt7zB L2HlhdrctP4gt74MRZHleg7F9yzyNjc57RW0Mz0hMVN1w+4bXjdXXC6ZcobvvdcquSmZQgut J3azHDzR5Mi1faXEbU7x9QHrNjXK8pY8vxpdEiF242THlQhT63XPY/3ub6tkKlNiKc5INNRi LipOBACOgjV+AQMAAA==
Archived-At: <https://mailarchive.ietf.org/arch/msg/gen-art/rIzlYoqLLkASxafNWEnGU-NG55U>
Subject: [Gen-art] Gen-ART Telechat review of draft-ietf-tokbind-negotiation-11
X-BeenThere: gen-art@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "GEN-ART: General Area Review Team" <gen-art.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/gen-art>, <mailto:gen-art-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/gen-art/>
List-Post: <mailto:gen-art@ietf.org>
List-Help: <mailto:gen-art-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/gen-art>, <mailto:gen-art-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 18 Apr 2018 18:43:13 -0000
For IESG Evaluation reviews: I am the assigned Gen-ART reviewer for this
draft. The General Area Review Team (Gen-ART) reviews all IETF documents
being processed by the IESG for the IETF Chair. Please wait for
direction from your document shepherd or AD before posting a new version
of the draft. For more information, please see the FAQ at
<http://wiki.tools.ietf.org/area/gen/trac/wiki/GenArtfaq>.
Document: draft-ietf-tokbind-negotiation-11
Reviewer: Paul Kyzivat
Review Date: 2018-04-18
IETF LC End Date: 2017-11-27
IESG Telechat date: 2018-05-08
Summary:
This draft is on the right track but has open issues, described in the
review.
Issues:
Major: 0
Minor: 1
Nits: 0
(1) MINOR:
Section 2 states the following requirement:
... it SHOULD
indicate the latest (highest valued) version in
TokenBindingParameters.token_binding_version.
Section 4 states:
The client receiving the "token_binding" extension MUST terminate the
handshake with a fatal "unsupported_extension" alert if any of the
following conditions are true:
...
2. "token_binding_version" is higher than the Token Binding protocol
version advertised by the client.
These don't state the precise meaning of "highest valued version". For
example, if the supplied version is 3.5, what does it say about other
versions supported? Presumably it covers 3.0...3.5. But what about lower
major versions? I guess it must mean that 1.0...1.x and 2.0...2.y are
also supported for some value of x and y. But *what* values of x and y?
All that were ever defined? And what are the rules about versions 0.n?
This use of versioning implies that a particular discipline be followed
for defining new major/minor version numbers, and for implementors. But
no such discipline is described.
Additional text is needed to nail all of this down.
The above restates what I included in my Last Call review of -10. In
followup to that I had some discussion with the author about this but we
didn't reach agreement. The author replied to me that:
"Similarly to TLS <= 1.2 version negotiation, this says nothing about
any other protocol versions supported by the client. It only means that
the server may respond with version X.Y where X<=3 and Y<=5. If the
client happens to not support the version the server has chosen, the
client will not use Token Binding on this connection."
I'm not familiar with TLS version negotiation, but I just peeked at TLS
1.2 and 1.3. I found the following from TLS 1.3 enlightening:
- The TLS 1.2 version negotiation mechanism has been deprecated in
favor of a version list in an extension. This increases
compatibility with existing servers that incorrectly implemented
version negotiation.
Apparently the TLS 1.2 version negotiation isn't a very good one to
follow in this regard. Enumerating supported versions is more robust.
In any case this document doesn't have any text to state that the
version negotiation should be the same as TLS 1.2.
So I continue to suggest that the complete mechanism for negotiating the
version be specified.
- [Gen-art] Gen-ART Telechat review of draft-ietf-t… Paul Kyzivat
- Re: [Gen-art] Gen-ART Telechat review of draft-ie… Andrei Popov
- Re: [Gen-art] Gen-ART Telechat review of draft-ie… John Bradley