Re: [Hipsec] WGLC: draft-ietf-hip-cert-06

"Henderson, Thomas R" <thomas.r.henderson@boeing.com> Mon, 20 December 2010 03:59 UTC

From: "Henderson, Thomas R" <thomas.r.henderson@boeing.com>
To: 'Gonzalo Camarillo' <Gonzalo.Camarillo@ericsson.com>, HIP <hipsec@ietf.org>
Date: Sun, 19 Dec 2010 20:01:32 -0800
Message-ID: <7CC566635CFE364D87DC5803D4712A6C4CED25ABC1@XCH-NW-10V.nw.nos.boeing.com>
References: <4CFBB4EE.1020608@ericsson.com>
In-Reply-To: <4CFBB4EE.1020608@ericsson.com>
Subject: Re: [Hipsec] WGLC: draft-ietf-hip-cert-06

> -----Original Message-----
> From: hipsec-bounces@ietf.org
> [mailto:hipsec-bounces@ietf.org] On Behalf Of Gonzalo Camarillo
> Sent: Sunday, December 05, 2010 7:51 AM
> To: HIP
> Subject: [Hipsec] WGLC: draft-ietf-hip-cert-06
>
> Folks,
>
> we hereby start the WGLC on the following draft. This WGLC will end on
> December 20th.
>
> https://datatracker.ietf.org/doc/draft-ietf-hip-cert/
>
> Please, send your comments to this list.
>
> Thanks,
>

Gonzalo, I reread this draft and feel that it is ready to publish, modulo the resolution of a couple of comments below.

At the top of page 6, I believe that the line
    Subject: CN=hit-of-issuer
should read
    Subject: CN=hit-of-subject

In section 8, the second paragraph recommends not using grouping or hash and URL encodings when HIP-aware middleboxes are anticipated to be on the path. First of all, it is not really clear how a HIP host may know about these boxes except via side information. If the HIP host does know about them, then presumably it could also know (via side information) whether they can support grouping and hash formats, and the host could act accordingly. Second, it is not clear whether the use of these options by a well-behaved host would make these devices more prone to attacks, or whether it is rather the use of these options by other malicious hosts that is the real problem. It seems to me that it may be better to defer this issue to a future HIP-aware middlebox draft, where it could be specified, for instance, how a middlebox that does not want to support these formats may signal to a host that it requires "full credentials" to proceed. So, I would like to suggest for your consideration to remove this paragraph.

- Tom