Re: [Lake] 🔔 WG last call for draft-ietf-lake-traces-04

John Mattsson <john.mattsson@ericsson.com> Mon, 12 June 2023 09:11 UTC

From: John Mattsson <john.mattsson@ericsson.com>
To: Stephen Farrell <stephen.farrell@cs.tcd.ie>, "lake@ietf.org" <lake@ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/lake/zEY0yIuFfYR0rSwg4o-jmbRUZtk>

Hi Stephen,

I fixed the problem with the missing notBefore
https://github.com/lake-wg/edhoc/commit/3aece25c3bf201a6ba844ec3acf7500804fb53b2

Regarding basic constraints, I don’t think this is a big problem for the end-entity certificates, but it is a problem for the “common root certificate”. RFC 5280 states:

   “If the basic constraints extension is not present in a
   version 3 certificate, or the extension is present but the cA boolean
   is not asserted, then the certified public key MUST NOT be used to
   verify certificate signatures.”

This needs to be fixed. I will add basic constraints for the “common root certificate”. The traces will not be affected. After that I think traces is ready for IETF last call.

Cheers,
John

From: Lake <lake-bounces@ietf.org> on behalf of Stephen Farrell <stephen.farrell@cs.tcd.ie>
Date: Saturday, 29 April 2023 at 01:25
To: Göran Selander <goran.selander@ericsson.com>, Mališa Vučinić <malisa.vucinic@inria.fr>, lake@ietf.org <lake@ietf.org>
Subject: Re: [Lake] 🔔 WG last call for draft-ietf-lake-traces-04

Hiya,

On 28/04/2023 15:58, Göran Selander wrote:
> Version -05 is out. I also removed an editor’s note and information
> about where to find test vectors which was not up-to-date.
That looks good to me. One nit though, the certificate in
3.8.1 [1] is missing its notBefore value. I assume fixing
that doesn't require new traces though, so just do that at
your leisure.

I also see that the sample certificates don't contain any
extensions. It's normal to include basic constraints so if
for some reason you do need to regenerate traces, I wonder
if adding those would be an idea. (But don't regenerate the
traces just for that.)

Cheers,
S.

[1]
https://datatracker.ietf.org/doc/html/draft-ietf-lake-traces-05#name-certificates
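
Added example, not part of the messages above or of the draft: the RFC 5280 rule quoted in the thread, written as a check on DER bytes that accepts a certificate as an issuer only when basicConstraints is present with cA asserted. The certificate skeleton, its dummy names, key and signature, and all function names are constructed for illustration.

```python
# Constructed example data only; none of these bytes come from the draft's traces.
BASIC_CONSTRAINTS_OID = bytes.fromhex("551d13")  # 2.5.29.19

def tlv(tag, body):
    """Encode one DER TLV; the constructed inputs here stay below 256 bytes."""
    n = len(body)
    return bytes([tag]) + (bytes([n]) if n < 0x80 else bytes([0x81, n])) + body

def read_tlvs(data):
    """Split a DER byte string into a list of (tag, body) pairs."""
    out, i = [], 0
    while i < len(data):
        tag, n, i = data[i], data[i + 1], i + 2
        if n & 0x80:                       # long-form length
            k = n & 0x7F
            n, i = int.from_bytes(data[i:i + k], "big"), i + k
        out.append((tag, data[i:i + n]))
        i += n
    return out

def may_verify_cert_signatures(cert_der):
    """True only if basicConstraints is present and cA is asserted (RFC 5280)."""
    tbs = read_tlvs(read_tlvs(cert_der)[0][1])[0][1]
    for tag, body in read_tlvs(tbs):
        if tag != 0xA3:                    # [3] EXPLICIT extensions
            continue
        for _, ext in read_tlvs(read_tlvs(body)[0][1]):
            fields = read_tlvs(ext)        # extnID, optional critical, extnValue
            if fields[0][1] != BASIC_CONSTRAINTS_OID:
                continue
            inner = read_tlvs(read_tlvs(fields[-1][1])[0][1])
            return bool(inner) and inner[0] == (0x01, b"\xff")
    return False                           # no extensions or no basicConstraints

def basic_constraints(ca):
    """Critical basicConstraints extension, cA asserted or left at its default."""
    value = tlv(0x30, tlv(0x01, b"\xff") if ca else b"")
    return tlv(0x30, tlv(0x06, BASIC_CONSTRAINTS_OID) + tlv(0x01, b"\xff") + tlv(0x04, value))

def sample_cert(extensions=b""):
    """Constructed v3 certificate skeleton; name, key and signature are dummies."""
    cn = tlv(0x06, bytes.fromhex("550403")) + tlv(0x0C, b"Example Root")
    name = tlv(0x30, tlv(0x31, tlv(0x30, cn)))
    alg = tlv(0x30, tlv(0x06, bytes.fromhex("2b6570")))   # Ed25519, 1.3.101.112
    validity = tlv(0x30, tlv(0x17, b"230101000000Z") + tlv(0x17, b"330101000000Z"))
    spki = tlv(0x30, alg + tlv(0x03, b"\x00" + bytes(32)))
    tbs = tlv(0xA0, tlv(0x02, b"\x02")) + tlv(0x02, b"\x01") + alg + name + validity + name + spki
    if extensions:
        tbs += tlv(0xA3, tlv(0x30, extensions))
    return tlv(0x30, tlv(0x30, tbs) + alg + tlv(0x03, b"\x00" + bytes(64)))
```

A root with no extensions and one whose basicConstraints leaves cA unset are both rejected as issuers; only the cA-asserted variant passes.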