[ippm] Orie Steele's Discuss on draft-ietf-ippm-encrypted-pdmv2-09: (with DISCUSS)
Orie Steele via Datatracker <noreply@ietf.org> Wed, 23 October 2024 21:33 UTC
Return-Path: <noreply@ietf.org>
X-Original-To: ippm@ietf.org
Delivered-To: ippm@ietfa.amsl.com
Received: from [10.244.8.251] (unknown [104.131.183.230]) by ietfa.amsl.com (Postfix) with ESMTP id CE639C19ECBE; Wed, 23 Oct 2024 14:33:18 -0700 (PDT)
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
From: Orie Steele via Datatracker <noreply@ietf.org>
To: The IESG <iesg@ietf.org>
X-Test-IDTracker: no
X-IETF-IDTracker: 12.25.0
Auto-Submitted: auto-generated
Precedence: bulk
Message-ID: <172971919850.2450321.16964447304358536444@dt-datatracker-78dc5ccf94-w8wgc>
Date: Wed, 23 Oct 2024 14:33:18 -0700
Message-ID-Hash: N5FEVG4MRD3KYKHV335ZAVWJTZNGVHQR
X-Message-ID-Hash: N5FEVG4MRD3KYKHV335ZAVWJTZNGVHQR
X-MailFrom: noreply@ietf.org
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-ippm.ietf.org-0; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header
CC: draft-ietf-ippm-encrypted-pdmv2@ietf.org, ippm-chairs@ietf.org, ippm@ietf.org
X-Mailman-Version: 3.3.9rc6
Reply-To: Orie Steele <orie@transmute.industries>
Subject: [ippm] Orie Steele's Discuss on draft-ietf-ippm-encrypted-pdmv2-09: (with DISCUSS)
List-Id: IETF IP Performance Metrics Working Group <ippm.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/ippm/YFmKAUfGyU91aHEeXu2sgv4c1V0>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ippm>
List-Help: <mailto:ippm-request@ietf.org?subject=help>
List-Owner: <mailto:ippm-owner@ietf.org>
List-Post: <mailto:ippm@ietf.org>
List-Subscribe: <mailto:ippm-join@ietf.org>
List-Unsubscribe: <mailto:ippm-leave@ietf.org>
Orie Steele has entered the following ballot position for draft-ietf-ippm-encrypted-pdmv2-09: Discuss When responding, please keep the subject line intact and reply to all email addresses included in the To and CC lines. (Feel free to cut this introductory paragraph, however.) Please refer to https://www.ietf.org/about/groups/iesg/statements/handling-ballot-positions/ for more information about how to handle DISCUSS and COMMENT positions. The document, along with other ballot positions, can be found here: https://datatracker.ietf.org/doc/draft-ietf-ippm-encrypted-pdmv2/ ---------------------------------------------------------------------- DISCUSS: ---------------------------------------------------------------------- Thanks to Marc Blanchet for the ARTART review. I agree with his comments. I think the appendix section A.2 should probably be removed. If it is necessary to specify the details of HPKE more concretely, that should be done in the body of the document. I also agree with Roman's DISCUSS on mandatory to implement algorithms and HPKE. ### Discuss HPKE has a PSK Mode (and AuthKEM Mode), but this document does not mention which modes of HPKE are supported. It was not obvious to me how the salt and nonce values are used. Typically HPKE supports auxiliary application information using info and aad: https://datatracker.ietf.org/doc/html/rfc9180#name-auxiliary-authenticated-app I see this sentence: Encrypted PDMv2 has most of the metadata fields encrypted except for PSNTP which is also used as a nonce in HPKE AEAD. I would suggest explaining exactly what you are setting the value of "info" and "aad" too, and perhaps include some test vectors.
- [ippm] Orie Steele's Discuss on draft-ietf-ippm-e… Orie Steele via Datatracker
- [ippm] Re: Orie Steele's Discuss on draft-ietf-ip… nalini.elkins@insidethestack.com