Re: [kitten] resend: [OPS-DIR] Opsdir last call review of draft-ietf-kitten-pkinit-alg-agility-04

Benjamin Kaduk <kaduk@mit.edu> Fri, 22 February 2019 14:28 UTC

Date: Fri, 22 Feb 2019 08:28:42 -0600
From: Benjamin Kaduk <kaduk@mit.edu>
To: Scott Bradner <sobradner@gmail.com>
CC: draft-ietf-kitten-pkinit-alg-agility.all@ietf.org, kitten@ietf.org
Archived-At: <https://mailarchive.ietf.org/arch/msg/kitten/K8lXa-zXRGH9s5E1OFsoEhV58Sk>

Hi Scott,

I think the original at least partially worked, as the authors/shepherd
have told me they plan to update the document accordingly.

Thank you for the review!

-Ben

On Fri, Feb 22, 2019 at 09:26:11AM -0500, Scott Bradner wrote:
> I am resending this because the review tool seems to have failed to properly distribute it
> 
> Scott
> 
> > Begin forwarded message:
> > 
> > From: Scott Bradner <sob@sobco.com>
> > Subject: [OPS-DIR] Opsdir last call review of draft-ietf-kitten-pkinit-alg-agility-04
> > Date: February 17, 2019 at 3:21:29 PM EST
> > To: <ops-dir@ietf.org>
> > Cc: kitten@ietf.org, ietf@ietf.org, draft-ietf-kitten-pkinit-alg-agility.all@ietf.org
> > 
> > Reviewer: Scott Bradner
> > Review result: Has Nits
> > 
> > This is an OPS-DIR review of PKINIT Algorithm Agility
> > (draft-ietf-kitten-pkinit-alg-agility).  This ID updates PKINIT following the
> > guidelines in BCP 201 to make it algorithm agile and to expose acceptable
> > algorithms.
> > 
> > This is a very well written clear document.  I do not find any operational
> > issues with the document except that the document could use a section on
> > interoperability (old server-new client, new server-old client).
> > 
> > There are a few words about the topic deep in section 6 about the supportedKDFs
> > field but I do not see a general discussion or a discussion about the kdf
> > field. The text about the supportedKDFs field could be moved to a new section
> > and each of the old/new combinations could be addressed.  I see this as an
> > operational issue because compatibility issues are a frequent source of
> > operational headaches.
> > 