Re: [Gen-art] Gen-ART Last Call review of draft-iab-crypto-alg-agility-07.txt
Suresh Krishnan <suresh.krishnan@ericsson.com> Wed, 02 September 2015 03:40 UTC
Return-Path: <suresh.krishnan@ericsson.com>
X-Original-To: gen-art@ietfa.amsl.com
Delivered-To: gen-art@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 1B0E41B30F3; Tue, 1 Sep 2015 20:40:34 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.201
X-Spam-Level:
X-Spam-Status: No, score=-4.201 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_MED=-2.3, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id vpmEuLrcUGiI; Tue, 1 Sep 2015 20:40:32 -0700 (PDT)
Received: from usevmg20.ericsson.net (usevmg20.ericsson.net [198.24.6.45]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id A272C1B3119; Tue, 1 Sep 2015 20:40:31 -0700 (PDT)
X-AuditID: c618062d-f79ef6d000007f54-e9-55e611a14705
Received: from EUSAAHC006.ericsson.se (Unknown_Domain [147.117.188.90]) by usevmg20.ericsson.net (Symantec Mail Security) with SMTP id 00.3A.32596.2A116E55; Tue, 1 Sep 2015 22:59:14 +0200 (CEST)
Received: from EUSAAMB107.ericsson.se ([147.117.188.124]) by EUSAAHC006.ericsson.se ([147.117.188.90]) with mapi id 14.03.0248.002; Tue, 1 Sep 2015 23:40:29 -0400
From: Suresh Krishnan <suresh.krishnan@ericsson.com>
To: Russ Housley <housley@vigilsec.com>
Thread-Topic: Gen-ART Last Call review of draft-iab-crypto-alg-agility-07.txt
Thread-Index: AdDZY2sFjPHRsQskTTGKdCyd7mTdyA==
Date: Wed, 02 Sep 2015 03:40:29 +0000
Message-ID: <E87B771635882B4BA20096B589152EF63A8EBB57@eusaamb107.ericsson.se>
References: <E87B771635882B4BA20096B589152EF63A8C9181@eusaamb107.ericsson.se> <B3AB6849-3274-423D-B508-34B93E0B4A1C@vigilsec.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [147.117.188.12]
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
X-Brightmail-Tracker: H4sIAAAAAAAAA+NgFrrFLMWRmVeSWpSXmKPExsUyuXRPlO4iwWehBu8XC1nc+T6X1eLqq88s Fq9e3GR3YPZYsuQnk8eqO19YA5iiuGxSUnMyy1KL9O0SuDL6J3IUfNGvaHvYzNLAOE2ti5GT Q0LARGL9rDtsELaYxIV764FsLg4hgaOMEsu/zGeFcJYxSvT0/GYCqWID6tiw8zOYLSKgLvF3 /gV2kCJmgR5GifdHPoCNEhbwkTi5djorRJGvxJtP96Ea9CSuTtsAFmcRUJFY+XobI4jNC1TT deAvO4gtJNDMKLH6eQiIzQh00vdTa8B6mQXEJW49mc8EcaqAxJI955khbFGJl4//sULYShJz Xl9jhqjXkViw+xMbhK0tsWzha2aIXYISJ2c+YZnAKDoLydhZSFpmIWmZhaRlASPLKkaO0uLU stx0I4NNjMDIOCbBpruDcc9Ly0OMAhyMSjy8CtOehAqxJpYVV+YeYpTmYFES592/5H6okEB6 YklqdmpqQWpRfFFpTmrxIUYmDk6pBsbZVcqCKzZV6DdmFf/meaSYaPBTaafue3dFI/0p/slh d1M3xerPcBR24mdNX2l1vKhtk2O0SMHju7tmLShwC42YFRw455abahKz0/9vceLa/rssX5+/ prY4Zn1iAtuh5idKXx5/+XNq55v9Bw5plfLUXV9qcc/RNuml50G3m85n5v5n7z/kLqHEUpyR aKjFXFScCACzDkewbQIAAA==
Archived-At: <http://mailarchive.ietf.org/arch/msg/gen-art/rzF8VbkWncUoHURnW6wjd3bDLPI>
Cc: "draft-iab-crypto-alg-agility.all@ietf.org" <draft-iab-crypto-alg-agility.all@ietf.org>, General Area Review Team <gen-art@ietf.org>
Subject: Re: [Gen-art] Gen-ART Last Call review of draft-iab-crypto-alg-agility-07.txt
X-BeenThere: gen-art@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "GEN-ART: General Area Review Team" <gen-art.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/gen-art>, <mailto:gen-art-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/gen-art/>
List-Post: <mailto:gen-art@ietf.org>
List-Help: <mailto:gen-art-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/gen-art>, <mailto:gen-art-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 02 Sep 2015 03:40:34 -0000
Hi Russ, Thanks for addressing the comments. Your suggested changes look good. I have one clarification and one additional text change request inline. On 09/01/2015 07:41 PM, Russ Housley wrote: > Suresh: > > Thanks for the review. > >> Summary: The draft is almost ready for publication as a BCP but I do >> have some comments you may wish to address. >> >> Minor >> ===== >> >> * Section 1 >> >> Not sure what becomes more feasible in this sentence. I am assuming that >> it is an attack becoming more feasible. If so, suggest rewording to >> something like. >> >> OLD: >> >> As new cryptanalysis techniques are developed and computing capabilities >> improve, the work factor to break a particular cryptographic algorithm >> will reduce, becoming more feasible for more attackers. >> >> NEW: >> >> As new cryptanalysis techniques are developed and computing capabilities >> improve, the work factor to break a particular cryptographic algorithm >> will reduce, thus making it more susceptible to attackers. > > Does this resolve your concern? I have provided the whole paragraph because it pulls in some discussion from the SAAG list as well. > > Cryptographic algorithms age; they become weaker with time. As new > cryptanalysis techniques are developed and computing capabilities > improve, the work required to break a particular cryptographic > algorithm will reduce, making an attack on the algorithm more > feasible for more attackers. While it is unknown how cryptoanalytic > attacks will evolve, it is certain that they will get better. It is > unknown how much better they will become, or when the advances will > happen. Advances in computing power available to the attacker will > eventually make any algorithm obsolete. For this reason, protocols > need mechanisms to migrate from one algorithm suite to another over > time. Sounds good. > >> * Section 2.6 >> >> Would it be useful to put in a recommendation here to use strongest >> possible algorithms/suites and longest possible keys for such long lived >> trust anchor certificates? > > I thought about that, but I was concerned that we would see silly key sizes. I am aware of an attack that was mounted against a very well known site where the attacker provided bogus certificates that were signed with public keys that were 50,000+ bits long. The attacker sent these over and over, until each of the servers in the data center were dong nothing but public key operations. There were two fixes. First, put a limit on the key size. Second, validate the certificate before doing any operations with the embedded public key. So, your suggestion is in violation to one part of the fix. > > For performance, you want keys that are long enough to be safe and secure, perhaps with some margin, but not overkill. I hope Section 2.7 already makes this point. Makes sense. > >> * Section 3.4 >> >> The default server or >> responder configuration SHOULD disable such algorithms > > I do not understand this comment. This text seems to be at odds with the earlier statement that "Some nations specify cryptographic algorithms, and then require their use through legislation or regulations" It would be nice to clarify. > >> * Security considerations >> >> The reference to RFC5166 seems to be wrong and talks about evaluation of >> congestion control mechanisms. Just randomly searching through the RFC >> index led to me to RFC5116 that seems to be about authentication >> encryption algorithms. If this is the correct reference, it needs to be >> fixed in both this section and in the references section. > > Oops. It should reference RFC 5116. Great. > > >> Editorial >> ========= >> >> * The document is missing a Table of contents. The ID guidelines >> recommends a Table of Contents for drafts that are longer than 15 pages. > > I added a Table of Contents. > >> * Section 1 >> >> s/one or more algorithm identifier/one or more algorithm identifiers/ > > Fixed. OK. > >> * Section 2 >> >> OLD: >> one or more algorithm or suite identifier >> >> NEW: >> one or more algorithm or suite identifiers > > If you are talking about Section 2.1, this has been rewritten based on another comment: > > IETF protocols that make use of cryptographic algorithms MUST support > one or more algorithm or suite. The protocol MUST include a > mechanism to identify the algorithm or suite that is being used. s/one or more algorithm or suite/one or more algorithms or suites/ > >> * Section 2.2 >> >> OLD: >> one or more strong mandatory-to-implement algorithm or suite >> >> NEW: >> one or more strong mandatory-to-implement algorithm or suites > > Fixed. OK. > >> * Section 3.1 >> >> s/The IETF has alway/The IETF has always/ > > Fixed. OK. > >> s/as well as meeting/and should also meet/ > > How about: > > The selected > algorithms need to be resistant to side-channel attacks and also meet > the performance, power, and code size requirements on a wide variety > of platforms. Great. > > >> s/depending of the population/depending on the population/ > > Fixed. Great. Thanks Suresh
- [Gen-art] Gen-ART Last Call review of draft-iab-c… Suresh Krishnan
- Re: [Gen-art] Gen-ART Last Call review of draft-i… Russ Housley
- Re: [Gen-art] Gen-ART Last Call review of draft-i… Suresh Krishnan
- Re: [Gen-art] Gen-ART Last Call review of draft-i… Jari Arkko
- Re: [Gen-art] Gen-ART Last Call review of draft-i… Stephen Farrell
- Re: [Gen-art] Gen-ART Last Call review of draft-i… Russ Housley