[ippm] Secdir early review of draft-ietf-ippm-encrypted-pdmv2-01

Adam Montville via Datatracker <noreply@ietf.org> Tue, 28 June 2022 21:07 UTC

Return-Path: <noreply@ietf.org>
X-Original-To: ippm@ietf.org
Delivered-To: ippm@ietfa.amsl.com
Received: from ietfa.amsl.com (localhost [IPv6:::1]) by ietfa.amsl.com (Postfix) with ESMTP id CD68EC157B56; Tue, 28 Jun 2022 14:07:47 -0700 (PDT)
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
From: Adam Montville via Datatracker <noreply@ietf.org>
To: secdir@ietf.org
Cc: draft-ietf-ippm-encrypted-pdmv2.all@ietf.org, ippm@ietf.org
X-Test-IDTracker: no
X-IETF-IDTracker: 8.5.1
Auto-Submitted: auto-generated
Precedence: bulk
Message-ID: <165645046783.27142.13270958883597547653@ietfa.amsl.com>
Reply-To: Adam Montville <adam.montville.sdo@gmail.com>
Date: Tue, 28 Jun 2022 14:07:47 -0700
Archived-At: <https://mailarchive.ietf.org/arch/msg/ippm/cMDQL2yunDyhHBuJ76B07Qr-OLA>
Subject: [ippm] Secdir early review of draft-ietf-ippm-encrypted-pdmv2-01
X-BeenThere: ippm@ietf.org
X-Mailman-Version: 2.1.39
List-Id: IETF IP Performance Metrics Working Group <ippm.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ippm>, <mailto:ippm-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ippm/>
List-Post: <mailto:ippm@ietf.org>
List-Help: <mailto:ippm-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ippm>, <mailto:ippm-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 28 Jun 2022 21:07:47 -0000

Reviewer: Adam Montville
Review result: Not Ready

I apologize for missing the deadline for this early review.

I'm saying the draft is not yet ready primarily because it's early, and there
is a "TBD" in "5.3 Security Goals for Authentication". That said, I'm not sure
there's much to add here beyond the communicating parties being mutually

The security considerations section addresses authentication by stating, "the
Authentication and Authorization of Clients and Servers is thus delegated to
the respective Organizations." I would add that the selected encryption scheme
(HPKE incorporating KEM, KDF, and AEAD) should cover this requirement.

I'll also mention that authentication is mentioned in 5.3 but seemingly ignored
in the list of things PDMv3 DOH needs to consider (see the middle of page 12).

Otherwise, the security considerations section covers the relevant threat
scenarios reasonably well, and the document seems to provide a methodology to
provide delegated trust, as claimed.