Re: [Last-Call] [EXTERNAL] Secdir last call review of draft-ietf-lamps-ocsp-nonce-update-04
Joseph Salowey <joe@salowey.net> Tue, 09 April 2024 14:13 UTC
Return-Path: <joe@salowey.net>
X-Original-To: last-call@ietfa.amsl.com
Delivered-To: last-call@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 47DE6C1522B9 for <last-call@ietfa.amsl.com>; Tue, 9 Apr 2024 07:13:33 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.895
X-Spam-Level:
X-Spam-Status: No, score=-1.895 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=unavailable autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=salowey-net.20230601.gappssmtp.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Ncfa48fGh4bb for <last-call@ietfa.amsl.com>; Tue, 9 Apr 2024 07:13:29 -0700 (PDT)
Received: from mail-lj1-x236.google.com (mail-lj1-x236.google.com [IPv6:2a00:1450:4864:20::236]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 5BCE4C14F68D for <last-call@ietf.org>; Tue, 9 Apr 2024 07:13:29 -0700 (PDT)
Received: by mail-lj1-x236.google.com with SMTP id 38308e7fff4ca-2d6c9678cbdso73690221fa.2 for <last-call@ietf.org>; Tue, 09 Apr 2024 07:13:29 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=salowey-net.20230601.gappssmtp.com; s=20230601; t=1712672007; x=1713276807; darn=ietf.org; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:from:to:cc:subject:date:message-id:reply-to; bh=G4q8hgmknChg6i81gE34xnWA4u6u/XILmGLWduQ41FY=; b=qERkO+aeNoV9PrSlS0ImyZnlJCQULNJrSR56DBfj3O1LjbDZNuwuwO6b/zN4X1Omnt ivJN8syB6gBJmsiEmxYci4tRsWB1bSfFwnYu8YRw6sK3HAyWX3exrdTbYPPleZ5CMTmF GbgGTAxxW8BInX1aeVeJM6D/OD4gpor69UMXO9J6/O1zGJ8/0o7U+HlsRddkKlAtUhuC yPi6EfSCKJlbV3LIEIyee1I9vU61upfFsZcu8nlapNZQVbxidZYUoyDMJ9LnmqtwMMHl 0pTk/pw1OF/CGLk0HX+9rWq08TSVRSCiSkhgWRJLLWgoPEmbiAvQuJ3K/lxP9e3k5HdA Y9uw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1712672007; x=1713276807; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=G4q8hgmknChg6i81gE34xnWA4u6u/XILmGLWduQ41FY=; b=BAXrdSt6YkmGHJfXIniKpitjbC/Vq1xKfBEUreVI8Yz7h3uUCmGVa72AQklnVLxwfH pAM6EDdtFCIQKdIhXOJJ5HNsqBxe8ITYLWNDJseS2LWGfIzzAoTE0rtsEldqxSbWh22I EmBbQDFC13bDnN8sNQOS3gd7s6q0cM+9RbIFb+7ZNs2jpyF98ln401VBHJ91webi+7/v LjhMOXfvq5mpy//shLQZM6RQOT2R8YkYZ/xTnHFX4rLxL+TMeisRjLkqzJ9WrWG1RWwQ JAo8S08JRBiVCTLey8mXe2PJo/Di6sMuctjqFpxGLxvz9ScklQ31eFOMixY5++D8ElMe aTmQ==
X-Forwarded-Encrypted: i=1; AJvYcCVOHRICdBYyB3ue9CjaIVpC6Uq1JZH7yXeln8DDFo1V+im0lsncNURF0girwCu0tFViAkbcV+eFvZQB1NY0okT5yag=
X-Gm-Message-State: AOJu0YzudYJryyRKsfBoRxITGVc0eNa4yXnWKYvPRnKTRtEfV14rv1Da DsPZaq5S0acKkTDtmZNm9JcL8WIU3gaaG9nEIccLx6uRy3a0qPIVEm6jd+yrRkYd6h1aRwsR1KR r8LYDSVdBiyxE/DhcXdfc8b/oiEUSV0ViGCamQimB799dwoAY
X-Google-Smtp-Source: AGHT+IFGlNX9yZFnwvZ2EbLW/KN+lbEu58VdkhqW3HuOPpdY8p6GH6g9BUIcX6WmbaJEif2xxDM+QHQf3vUWJGok4xc=
X-Received: by 2002:a2e:a417:0:b0:2d6:f16a:857f with SMTP id p23-20020a2ea417000000b002d6f16a857fmr6683787ljn.0.1712672007239; Tue, 09 Apr 2024 07:13:27 -0700 (PDT)
MIME-Version: 1.0
References: <171191291059.15585.6093566049458714751@ietfa.amsl.com> <CAL9pJ7m=FWWwmXt0qBE_EAYtj19HRBDpnUdgq1rvOBpw37xJeg@mail.gmail.com> <CAL9pJ7kQJ9_7tgV_qArWLBMGSfd_2dgs6dGEQ4Ex4UHKZV8+uQ@mail.gmail.com>
In-Reply-To: <CAL9pJ7kQJ9_7tgV_qArWLBMGSfd_2dgs6dGEQ4Ex4UHKZV8+uQ@mail.gmail.com>
From: Joseph Salowey <joe@salowey.net>
Date: Tue, 09 Apr 2024 07:13:15 -0700
Message-ID: <CAOgPGoCgykqi8gFmcoyB1fOFW5ZNSuKbVmCO77Z5SZus8=t-8Q@mail.gmail.com>
To: Himanshu Sharma <himanshu@netskope.com>
Cc: secdir@ietf.org, draft-ietf-lamps-ocsp-nonce-update.all@ietf.org, last-call@ietf.org, spasm@ietf.org
Content-Type: multipart/alternative; boundary="0000000000009bd7800615aa86ad"
Archived-At: <https://mailarchive.ietf.org/arch/msg/last-call/tiCttVJTTNd3ijp8pqdtQqu0P3c>
Subject: Re: [Last-Call] [EXTERNAL] Secdir last call review of draft-ietf-lamps-ocsp-nonce-update-04
X-BeenThere: last-call@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: IETF Last Calls <last-call.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/last-call>, <mailto:last-call-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/last-call/>
List-Post: <mailto:last-call@ietf.org>
List-Help: <mailto:last-call-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/last-call>, <mailto:last-call-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 09 Apr 2024 14:13:33 -0000
Hi Himanshu, Thank you for the excellent summary below and for addressing my questions and concerns. The updated draft resolves my outstanding issues and I think it is ready to go. Cheers, Joe On Mon, Apr 8, 2024 at 10:24 PM Himanshu Sharma <himanshu@netskope.com> wrote: > Hi Joseph > In case the updated I-D was missed, I am trying to put the email on > top. > Here I am summarizing our off-line discussion so that everyone in the > group will be on the same page. > > [Joe] So 32 bytes will hopefully help interoperability. > [HS] Yes, I mentioned and explained the decision and discussion related to > RFC8954 and keeping the same Nonce length recommendation (32 bytes) for > interoperability purposes. I believe that the concern related to length of > 32 bytes has been addressed. > > [Joe] I think it is better to have a MUST. It should result in better > interoperability. (referring the section 2.1 para 2) > [HS] I have updated I-D to version 05 to include the "MUST" inplace of > "SHOULD" As per your feedback and discussion. > Now I-D 05 mentions > "An OCSP client that implements this document MUST use a minimum > length of 32 octets for Nonce octets in the Nonce extension. " > > > [Joe] With current deployed behavior servers can choose not to support the > nonce extension and ignore it. For servers that do support the nonce > extension would it be acceptable to say that they have to respond to the > nonce extension if it is between 16 and 128 bytes? Or are there servers > that will just ignore nonces greater that 32 bytes (instead of sending an > error). > [HS] With this Draft we are making sure that the server that supports > Nonce, MUST support the nonce between 16-32 and may choose to ignore the > nonce between 1-to-16 and 33-to-128 bytes. > > > [Joe] What do clients typically do if they do not get a nonce in response, > do they reject the response?" > [HS] Most of the clients just log a warning message and accept > the response. As few public responders do not support nonce for performance > reasons. > > > I believe the I-D 05 version ( > https://datatracker.ietf.org/doc/draft-ietf-lamps-ocsp-nonce-update/05/) > addresses your concerns. Please let me know if there is any outstanding > concern that I can answer. > > -Himanshu > > > On Thu, Apr 4, 2024 at 11:58 AM Himanshu Sharma <himanshu@netskope.com> > wrote: > >> Hi Joseph, >> As discussed offline, explained and agreed upon the reason for choosing >> the 32 bytes primarily for backward compatibility, and explained about the >> behavior of ocsp client in case of response that doesn't contain nonce from >> responder. >> I have updated the ID ( >> https://datatracker.ietf.org/doc/draft-ietf-lamps-ocsp-nonce-update/05/) >> according to your and other reviewr's suggestions. >> Russ helped in verification of ASN.1 modules and it compiles fine. >> >> I believe it satisfies all the outstanding questions. >> Please let me know if there are still any outstanding questions that I >> can answer in order to get the approval. >> >> Thanks >> Himanshu >> >> >> >> >> On Sun, Mar 31, 2024 at 12:21 PM Joseph Salowey via Datatracker < >> noreply@ietf.org> wrote: >> >>> Reviewer: Joseph Salowey >>> Review result: Has Issues >>> >>> I have reviewed this document as part of the security directorate's >>> ongoing effort to review all IETF documents being processed by the >>> IESG. These comments were written primarily for the benefit of the >>> security area directors. Document editors and WG chairs should treat >>> these comments just like any other last call comments. >>> >>> The summary of the review is has issues. I'm probably just missing some >>> history/context, here are the items that stood out. >>> >>> 1. The document states "An OCSP client that implements this document >>> SHOULD use >>> a minimum length of 32 octets for Nonce octets in the Nonce extension." >>> How >>> was the minimum of 32 bytes chosen? This seems like it might be longer >>> than >>> necessary. Is there a security reason for this or a different reason? >>> Later in >>> the document it states receiver MUST accept at least 16 octets. >>> >>> 2. In addition, the SHOULD should say when it is acceptable not to >>> follow it. >>> When is it OK for an implementation to send less than 32 bytes? For >>> example, >>> you could rephrase this as "clients MUST use a minimum length of 32 >>> octets >>> unless they are configured to interoperate with a OCSP responder that >>> requires >>> a shorter nonce length or ... ". Also if a client uses more than 32 >>> bytes >>> their request may be ignored. >>> >>> 3. An 8954 server will respond to greater than 32 octet nonce with a >>> malformedRequest. The client can report this and indicate that perhaps >>> it needs >>> to be configured to talk to an 8954 server. The text goes further to say >>> that >>> the server MAY ignore nonces greater than 32 and less than 16 octets. >>> Does this >>> mean that the response does not contain the nonce? What should the >>> client do in >>> this case? Why even allow responders to ignore a nonce that is greater >>> than 32 >>> octets? >>> >>> 4. I took a look at the ASN.1, it looks OK to me, but I'm a bit rusty. I >>> assume >>> that it was reviewed by the working group, it not then someone with more >>> recent >>> ASN.1 experience should look at it. >>> >>> >>>
- [Last-Call] Secdir last call review of draft-ietf… Joseph Salowey via Datatracker
- Re: [Last-Call] [EXTERNAL] Secdir last call revie… Himanshu Sharma
- Re: [Last-Call] [EXTERNAL] Secdir last call revie… Himanshu Sharma
- Re: [Last-Call] [EXTERNAL] Secdir last call revie… Joseph Salowey