Re: [lisp] Stephen Farrell's Discuss on draft-ietf-lisp-ddt-08: (with DISCUSS and COMMENT)
Stephen Farrell <stephen.farrell@cs.tcd.ie> Fri, 04 November 2016 16:27 UTC
Return-Path: <stephen.farrell@cs.tcd.ie>
X-Original-To: lisp@ietfa.amsl.com
Delivered-To: lisp@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 569E41294EA; Fri, 4 Nov 2016 09:27:05 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -5.798
X-Spam-Level:
X-Spam-Status: No, score=-5.798 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_MED=-2.3, RP_MATCHES_RCVD=-1.497, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=cs.tcd.ie
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id NDPfGdzel3w8; Fri, 4 Nov 2016 09:27:03 -0700 (PDT)
Received: from mercury.scss.tcd.ie (mercury.scss.tcd.ie [134.226.56.6]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 8A6511295B1; Fri, 4 Nov 2016 09:27:03 -0700 (PDT)
Received: from localhost (localhost [127.0.0.1]) by mercury.scss.tcd.ie (Postfix) with ESMTP id B0093BE4C; Fri, 4 Nov 2016 16:27:01 +0000 (GMT)
Received: from mercury.scss.tcd.ie ([127.0.0.1]) by localhost (mercury.scss.tcd.ie [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id n6m67D0WooVt; Fri, 4 Nov 2016 16:27:01 +0000 (GMT)
Received: from [134.226.36.93] (bilbo.dsg.cs.tcd.ie [134.226.36.93]) by mercury.scss.tcd.ie (Postfix) with ESMTPSA id D6CCCBE47; Fri, 4 Nov 2016 16:27:00 +0000 (GMT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cs.tcd.ie; s=mail; t=1478276821; bh=vGsqd1PyvO66PZ7+w+5mA/JDGNUGV2A7qCFZwKzOuJY=; h=Subject:To:References:Cc:From:Date:In-Reply-To:From; b=n8rnwCgWjLY1XlIQnCDRdUxejonUYrhKNUYV3fKyMKu3IcWk87cFqm54zn3jpLr3F HStugz2Rw7j56VJPueqBMryoeP/9oEuFzVzu0BGNcAAxSR2AmCztsU6pg3YLhEIicH +kuUj/EVy5kiQ6ragWO7Smu2gOmd3cyrxWvoc5pc=
To: Anton Smirnov <asmirnov@cisco.com>, The IESG <iesg@ietf.org>
References: <147757226834.24715.16366455756541086706.idtracker@ietfa.amsl.com> <74bb00ca-b694-95ea-48a8-4241e3eb7e38@cisco.com> <14cddbee-ebf4-6eeb-e772-4ef6f550f28b@cs.tcd.ie> <29496480-ebe1-2c3d-4ba5-2f814774f5f1@cisco.com>
From: Stephen Farrell <stephen.farrell@cs.tcd.ie>
Openpgp: id=D66EA7906F0B897FB2E97D582F3C8736805F8DA2; url=
Message-ID: <70451832-0828-3108-9f9c-1c706eb1322d@cs.tcd.ie>
Date: Fri, 04 Nov 2016 16:27:00 +0000
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:45.0) Gecko/20100101 Thunderbird/45.4.0
MIME-Version: 1.0
In-Reply-To: <29496480-ebe1-2c3d-4ba5-2f814774f5f1@cisco.com>
Content-Type: multipart/signed; protocol="application/pkcs7-signature"; micalg="sha-256"; boundary="------------ms060301050709040508030906"
Archived-At: <https://mailarchive.ietf.org/arch/msg/lisp/R4tHODCGtqNbIvNrwNvyHGabVXY>
Cc: lisp-chairs@ietf.org, draft-ietf-lisp-ddt@ietf.org, lisp@ietf.org
Subject: Re: [lisp] Stephen Farrell's Discuss on draft-ietf-lisp-ddt-08: (with DISCUSS and COMMENT)
X-BeenThere: lisp@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: List for the discussion of the Locator/ID Separation Protocol <lisp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/lisp>, <mailto:lisp-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/lisp/>
List-Post: <mailto:lisp@ietf.org>
List-Help: <mailto:lisp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/lisp>, <mailto:lisp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 04 Nov 2016 16:27:05 -0000
Hiya, On 04/11/16 16:12, Anton Smirnov wrote: > Hi Stephen, > > will it be OK if we mark in the document security algorithm 1 as > reserved without even elaborating that it is/was RSA-SHA1 and the only > security algorithm specified in the RFC will be 2 == RSA-SHA256 ? > > This will ensure that whoever is using algorithm 1 will not run into > compatibility issues but RSA-SHA1 will be clearly non-RFC-compliant. How about defining alg=1 as rsa-sha1 and marking that as deprecated with alg=2 as rsa-sha256 as the MUST implement? (I don't care myself if you have an IANA registry for those yet or not, doing it in text is fine.) S > > Anton > > On Tuesday 01 November 2016 22:09, Stephen Farrell wrote: >> Hiya, >> >> On 01/11/16 18:51, Anton Smirnov wrote: >>> Hello Stephen, >>> >>> thanks for your comment. >>> >>> Existing DDT implementations are already using RSA-SHA1, so we cannot >>> simply replace it with RSA-SHA256. But we should be able to add the >>> latter as another signing algorithm. >> Really? The sha-1 weaknesses for use in signatures were >> found and documented in an RFC in 2005. [1] We published >> an RFC attempting to tidy up remaining loose ends related >> to sha1 for signatures in 2011. [2] Asking for rsa-sha1 now >> is really very far behind the state of the art. >> >> But are you talking implementations or deployments here? >> If mostly the former then I think you ought remove rsa-sha1 >> entirely and replace with rsa-sha256. That is a trivial >> code change and I can see no justification for not making >> that change. >> >> If you are talking about existing deployments please >> provide the argument as to why those are such that we >> should publish an RFC that calls for use of an obsolete >> signature algorithm 11 years after the initial crypto >> weaknesses were documented in the IETF. If there are good >> arguments for that a) I'll be surprised, and b) my plan >> would be to ask for advice from the security area - I >> don't think we've hit this case before where an experimental >> RFC wants to use such a thoroughly obsolete signature >> algorithm, one that would never be ok in a standards >> track RFC and one where it's really easy to do the right >> thing instead. >> >> Cheers, >> S. >> >> [1] https://tools.ietf.org/html/rfc4270 >> [2] https://tools.ietf.org/html/rfc6194 >> >> >>> Authors will take in your comments in the next revision of the >>> draft. >>> >>> Anton >>> >>> On Thursday 27 October 2016 14:44, Stephen Farrell wrote: >>>> Stephen Farrell has entered the following ballot position for >>>> draft-ietf-lisp-ddt-08: Discuss >>>> >>>> When responding, please keep the subject line intact and reply to all >>>> email addresses included in the To and CC lines. (Feel free to cut this >>>> introductory paragraph, however.) >>>> >>>> >>>> Please refer to >>>> https://www.ietf.org/iesg/statement/discuss-criteria.html >>>> for more information about IESG DISCUSS and COMMENT positions. >>>> >>>> >>>> The document, along with other ballot positions, can be found here: >>>> https://datatracker.ietf.org/doc/draft-ietf-lisp-ddt/ >>>> >>>> >>>> >>>> ---------------------------------------------------------------------- >>>> DISCUSS: >>>> ---------------------------------------------------------------------- >>>> >>>> >>>> 6.4.1: RSA-SHA1 is not the right choice today, shouldn't >>>> this be RSA-SHA256? >>>> >>>> >>>> ---------------------------------------------------------------------- >>>> COMMENT: >>>> ---------------------------------------------------------------------- >>>> >>>> >>>> - 6.4.1: Can you clarify what bits are signed? I'm not >>>> quite sure from the description given - you can have >>>> more than one signature but you say the the "entire >>>> record" is covered. >>>> >>>> - Section 8: Where's signature validation in the >>>> pseudo-code? >>>> >>>> >
- [lisp] Stephen Farrell's Discuss on draft-ietf-li… Stephen Farrell
- Re: [lisp] Stephen Farrell's Discuss on draft-iet… Anton Smirnov
- Re: [lisp] Stephen Farrell's Discuss on draft-iet… Stephen Farrell
- Re: [lisp] Stephen Farrell's Discuss on draft-iet… Anton Smirnov
- Re: [lisp] Stephen Farrell's Discuss on draft-iet… Stephen Farrell
- Re: [lisp] Stephen Farrell's Discuss on draft-iet… Anton Smirnov
- Re: [lisp] Stephen Farrell's Discuss on draft-iet… Anton Smirnov