Re: [manet] Ready for WGLC: Advancing draft-ietf-manet-ibs

"Dearlove, Christopher (UK)" <chris.dearlove@baesystems.com> Tue, 29 July 2014 15:18 UTC

Return-Path: <chris.dearlove@baesystems.com>
X-Original-To: manet@ietfa.amsl.com
Delivered-To: manet@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 9D7391B2970 for <manet@ietfa.amsl.com>; Tue, 29 Jul 2014 08:18:18 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.102
X-Spam-Level:
X-Spam-Status: No, score=-4.102 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, FH_RELAY_NODNS=1.451, HELO_MISMATCH_COM=0.553, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, RDNS_NONE=0.793] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id rAKjQkYCIiI6 for <manet@ietfa.amsl.com>; Tue, 29 Jul 2014 08:18:03 -0700 (PDT)
Received: from ukmta1.baesystems.com (unknown [20.133.0.55]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 36C8E1B290E for <manet@ietf.org>; Tue, 29 Jul 2014 08:16:44 -0700 (PDT)
X-IronPort-AV: E=Sophos;i="5.01,757,1400022000"; d="scan'208,217";a="461947536"
Received: from unknown (HELO baemasmds017.greenlnk.net) ([10.15.207.104]) by baemasmds003ir.sharelnk.net with ESMTP; 29 Jul 2014 16:16:41 +0100
X-IronPort-AV: E=Sophos; i="5.01,757,1400022000"; d="scan'208,217"; a="59418150"
Received: from glkxh0003v.greenlnk.net ([10.109.2.34]) by baemasmds017.greenlnk.net with ESMTP; 29 Jul 2014 16:16:51 +0100
Received: from GLKXM0002V.GREENLNK.net ([169.254.5.13]) by GLKXH0003V.GREENLNK.net ([10.109.2.34]) with mapi id 14.03.0174.001; Tue, 29 Jul 2014 16:16:51 +0100
From: "Dearlove, Christopher (UK)" <chris.dearlove@baesystems.com>
To: Thomas Clausen <thomas@thomasclausen.org>, manet <manet@ietf.org>, "<manet-chairs@tools.ietf.org>" <manet-chairs@tools.ietf.org>, manet-ads <manet-ads@tools.ietf.org>
Thread-Topic: Ready for WGLC: Advancing draft-ietf-manet-ibs
Thread-Index: AQHPqmaMr2jXtWmnY0aFPOP7noXFq5u3IjPg
Date: Tue, 29 Jul 2014 15:16:50 +0000
Message-ID: <B31EEDDDB8ED7E4A93FDF12A4EECD30D40D1B881@GLKXM0002V.GREENLNK.net>
References: <BC5A3929-229B-4678-AFC1-8379D95D3618@thomasclausen.org>
In-Reply-To: <BC5A3929-229B-4678-AFC1-8379D95D3618@thomasclausen.org>
Accept-Language: en-GB, en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [10.109.62.6]
Content-Type: multipart/alternative; boundary="_000_B31EEDDDB8ED7E4A93FDF12A4EECD30D40D1B881GLKXM0002VGREEN_"
MIME-Version: 1.0
Archived-At: http://mailarchive.ietf.org/arch/msg/manet/ZQFOR4kXLuDGuziZ88C9en1e8_g
Cc: Christopher Dearlove <dearlove@manet-routing.net>
Subject: Re: [manet] Ready for WGLC: Advancing draft-ietf-manet-ibs
X-BeenThere: manet@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Mobile Ad-hoc Networks <manet.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/manet>, <mailto:manet-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/manet/>
List-Post: <mailto:manet@ietf.org>
List-Help: <mailto:manet-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/manet>, <mailto:manet-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 29 Jul 2014 15:18:19 -0000

Some additional comments inline. I plan to put out a new version shortly, but technically all will be unchanged.

--
Christopher Dearlove
Senior Principal Engineer, Information Assurance Group
Communications, Networks and Image Analysis Capability
BAE Systems Advanced Technology Centre
West Hanningfield Road, Great Baddow, Chelmsford, CM2 8HN, UK
Tel: +44 1245 242194 |  Fax: +44 1245 242124
chris.dearlove@baesystems.com<mailto:chris.dearlove@baesystems.com> | http://www.baesystems.com

BAE Systems (Operations) Limited
Registered Office: Warwick House, PO Box 87, Farnborough Aerospace Centre, Farnborough, Hants, GU14 6YU, UK
Registered in England & Wales No: 1996687

From: Thomas Clausen [mailto:thomas@thomasclausen.org]
Sent: 28 July 2014 14:19
To: manet; <manet-chairs@tools.ietf.org>; manet-ads
Cc: Christopher Dearlove
Subject: Ready for WGLC: Advancing draft-ietf-manet-ibs


*** WARNING ***
This message originates from outside our organisation, either from an external partner or the internet.
Consider carefully whether you should click on any links, open any attachments or reply.
For information regarding Red Flags that you can look out for in emails you receive, click here<http://intranet.ent.baesystems.com/howwework/security/spotlights/Documents/Red%20Flags.pdf>.
If you feel the email is suspicious, please follow this process<http://intranet.ent.baesystems.com/howwework/security/spotlights/Documents/Dealing%20With%20Suspicious%20Emails.pdf>.
Dear WG Chairs,
Dear Chris, all,

As the author indicated by email recently, he believes that draft-ietf-manet-olsrv2-management-snapshot is ready for WGLC.

As a reminder, this document aims for publication as a Proposed Standard.

I have, therefore, reviewed the document carefully. In my opinion, the author is right - in my opinion this document is ready for WGLC.

Moreover, I believe that it is a highly important document for the WG to produce, as it fills a real need, and does so by relying on already-published crypto RFCs, rather than by coming up with something esoteric.

I have two issues, and handful nits, that I expect the author will consider along with any other WGLC comments they may receive. Of course, if a new version is spun before WGLC is requested, then I'll gladly review that, also. Point being: let's get a call started on this document, none of my nits and issues are of the sort that should be blocking.

One of the issues is "need a non-jetlagged ADs advice to be sure we do the right thing", the other is - I think - a minor mix-up with a trivial editorial resolution and zero technical impact on this specification.

Either way, for information, I include all issues and nits that I've found in the below.

Issues:

            o          In my opinion, "Updates 7182" is inappropriate. What this document does is:
                                    (i)         only things permissible by RFC7182, and
                                    (ii)        makes registration from IANA registries set up by RFC7182
                                                (noting, of course, that RFC7181 doesn't "Updates 5444"
                                                 when making registrations for TC messages from the repositories
                                                 set up by RFC5444 as a case of precedent)
                        Consequently, I believe that the abstract, introduction, and document
                        header, needs updates to reflect that this is not an update.

                        Caveat Lector: I have bounced this around with the author, and I
                                                think that the conclusion is that we need just a friendly
                                                ADs opinion - my understanding is that the author
                                                "wants this out, but wants it done right, also", something
                                                to which I can but adhere.

                                                I believe that we should WGLC the document. If the AD
                                                finds the time to address this issue during WGLC, great -
                                                otherwise, we can reflect this in the "Document Writeup"
                                                that the AD will consider with the publication request - as
                                                this (imo) is procedural/editorial, and certainly not technical.

CMD: On the grounds that the biggest wasted effort is taking out, and then maybe putting back in, I'm going to leave as-is until our AD comments. But I'd have done the same if it were the other way round, I'm happy whichever way this is settled.

            o          Introduction, 4th paragraph:

                        Isn't it RFC7183 which does shared-secret-key ICVs? I just did a quick
                        grep through of "shared" in 7182, and found just a few mentions, notably
                        setting a side a value for key-id-length in that case. And "secret" is not
                        mentioned anywhere in 7182

CMD: I made an earlier post on this. I think that some improvements in wording in the Introduction are indicated.


Nits:
            o          Introduction, 1st paragraph:
                        OLD:
                                    This specification extends the TLV definitions
                                    therein by defining two new cryptographic function code points that
                                    allow the use of an identity-based signature (IBS) as an ICV.

                        NEW:
                                    This specification defines two new cryptographic function
                                    code points from within the registries set up by [RFC7182],
                                    that allow the use of an identity-based signature (IBS) as an ICV.

CMD: I want to keep some of what's lost by that edit, so will propose a third wording.

            o          Introduction, 2nd paragraph, 1st line:
                        I took a double-take when I saw the parenthesis
                        "(protocol participant)" - that seems a little odd, and I am on a crusade
                        against redundant and hard-to-parse terminology ;)

                        I think that what is meant is "router, which is running a routing
                        protocol which is based on RFC5444", so could the document not say
                        that?

                        In any event, I do not see "protocol participant" defined or anywhere else,
                        and so it seems unfortunate to *not* be explicit here.

CMD: Simply removing the parenthesis removes the intended point, which was to say that the
description assumes that the entities involved are routers - which isn't actually the only possibility
using 5444. I'll propose something that borrows from the above to improve it.

            o          Introduction, 3rd paragraph:

                        OLD:
                                    Two options for the choice of identity are supported (the two code
                                    points allocated).

                        NEW:
                                    Two options for the choice of identity are supported (as reflected
                                    by the two code points allocated).

CMD: Good.

            o          Introduction, 7th paragraph:
                        Caveating that using this introduces the danger that "if you catch the
                        trusted authority, then you're screwed" is awesome. I see that
                        this is repeated and reworded in the Security Considerations section,
                        and I approve.

                        Now, my question is then, if this should not be stated in the Applicability
                        statement, also? Something to the effect of that this applies to networks
                        where all routers can (at some point) be in contact with the TA (to be
                        keyed), but that this can be off-line - and probably should be off-line
                        since the TA really, really should be protected.

                        It might be argued that the forward-reference to Section 6 captures
                        this - I still think, that a few choice words in the applicability statement
                        would help greatly.

CMD: I prefer to stick with the forward reference, as I think by the time you've said enough, you've duplicated half of Section 6. But adding some words to say particularly regarding the role of the TA/KMS makes sense.

            o          Introduction, 9th paragraph:
                        Any [academic? otherwise] work that you can cite to quantify the
                        computational load? I asked a crypto-wonk-colleague, who said
                        something to the effect of "the document is perfectly right, on this
                        point, but I do not have a paper just off the top of my head with
                        interesting data to offer". For that reason alone, it'd be interesting
                        if you did ;)

CMD: See previous comments. Trying Google Scholar with ECCSI elliptic curve gets a very small number of hits, none useful here.

            o          Throw-away comment, I appreciate particularly the last
                        paragraph of the introduction.

            o          Section 4.1, first bullet

                        OLD:
                           o  The ICV is not calculated as cryptographic-function(hash-
                               function(content)) as defined in [RFC7182], but (like the HMAC
                               ICVs defined there) uses the hash function within the
                               cryptographic function.  The option "none" is not permitted for
                               hash-function, and the hash function must have a known fixed
                               length of N octets, as specified in Section 4.2.

                        NEW:
                           o  The ICV is not calculated as cryptographic-function(hash-
                               function(content)) as defined in [RFC7182], but (like the HMAC
                               ICVs defined in [RFC7182]) uses the hash function within the
                               cryptographic function.  The option "none" is not permitted for
                               hash-function, and the hash function must have a known fixed
                               length of N octets, as specified in Section 4.2.

CMD: I could live with either, but will make the change.

            o          While we are at it, it it crystal-clear to everybody that "Section 4.2" in
                        the bullet above is to *this* document, as not RFC7182?

CMD: I'm going to assume it is. I would always write Section X.Y of [Z] (or similar) if making an external reference.

            o          Section 4.3, 2nd bullet
                        There's a LOT of information embedded in this bullet, and reading it
                        suggests that it, readability-wise, might benefit from embedding a:
                                    <list style="hanging">
                                                <t hangText="Packet TLVs">...</t>
                                                <t hangText="Message TLVs">...</t>
                                                <t hangText="Address Block TLVs">...</t>
                                    </list>

CMD: I'm including to be slightly less radical (and I'm not a fan on hanging text). But I will create another level.

            o          IANA Considerations:

                        Given recent experiences in this WG and with requesting IANA
                        registrations, may I suggest that this be modified to say, more
                        explicitly:

                                    1)         IANA is requested to reserve ECCSI with description ___
                                                and reference "This Specification"

                                    2)         IANA is requested to reserve ECCSI-ADDR.... (similar)

                                    3)         The "Cryptographic Functions Registry", defined in
                                                [RFC7182], with these registrations made, will look
                                                like Table 1, which replaces Table 11 of [RFC7182]

                                    4)         Obviously, include in Table 1 the registrations from
                                                RFC7182.

                                    5)         That this document does not modify the expert
                                                review guidelines as set forth in RFC7182 for
                                                future allocations.

CMD: I think this comes under the heading of hand-holding IANA more than I would feel ought to be necessary. Except sometimes it has been. But this is a straightforward case, so while I agree that making it more explicit that this is a request for two new code points, I'm not going to repeat the full table from 7182 unless IANA really show they need hand-holding. Our previous cases where we had to repeat a whole table were a bit messier. But giving the exact name for the table as on IANA's website is advisable.

That's all. Thanks for writing this document, Chris.


Respectfully,

Thomas
********************************************************************
This email and any attachments are confidential to the intended
recipient and may also be privileged. If you are not the intended
recipient please delete it from your system and notify the sender.
You should not copy it or use it for any purpose nor disclose or
distribute its contents to any other person.
********************************************************************