IETF Logo Mail Archive

Re: [mile] Working group last call for ROLIE

"Banghart, Stephen A. (Fed)" <stephen.banghart@nist.gov> Mon, 01 May 2017 21:07 UTC

Return-Path: <stephen.banghart@nist.gov>
X-Original-To: mile@ietfa.amsl.com
Delivered-To: mile@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C7750129549 for <mile@ietfa.amsl.com>; Mon, 1 May 2017 14:07:12 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.9
X-Spam-Level:
X-Spam-Status: No, score=-1.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=nistgov.onmicrosoft.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Bmg_sx4WuPSD for <mile@ietfa.amsl.com>; Mon, 1 May 2017 14:07:09 -0700 (PDT)
Received: from gcc01-dm2-obe.outbound.protection.outlook.com (mail-dm2gcc01on0111.outbound.protection.outlook.com [23.103.201.111]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 6C977129B34 for <mile@ietf.org>; Mon, 1 May 2017 14:04:08 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=nistgov.onmicrosoft.com; s=selector1-nist-gov; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version; bh=ScAX99fZ+7Zf5YFm9HaxU4HyYSAPyiyXM3r0oMau+cA=; b=UF9Z8mt8DRhSdmlDwWz2UmNqp5MOCPuIiGDsINbjVcHTSjnoqpg/uJusE9Ug2vWbligmWou5U1AkZNqBQvocS/SWA9aenyI9MmddJ5eETwLZZ3EdJ+pbxm9qXYHTjoA5kYIscqh0oFK4wF8uhLIJFsmnMZShyf1OOdgBL0nHb7A=
Received: from DM5PR09MB1307.namprd09.prod.outlook.com (10.172.34.141) by DM5PR09MB1305.namprd09.prod.outlook.com (10.172.34.139) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256_P256) id 15.1.1061.12; Mon, 1 May 2017 21:04:06 +0000
Received: from DM5PR09MB1307.namprd09.prod.outlook.com ([10.172.34.141]) by DM5PR09MB1307.namprd09.prod.outlook.com ([10.172.34.141]) with mapi id 15.01.1061.021; Mon, 1 May 2017 21:04:06 +0000
From: "Banghart, Stephen A. (Fed)" <stephen.banghart@nist.gov>
To: "Nancy Cam-Winget (ncamwing)" <ncamwing@cisco.com>, "mile@ietf.org" <mile@ietf.org>
Thread-Topic: [mile] Working group last call for ROLIE
Thread-Index: AQHSwEYtr6wDNOac8kGdCvFSYYucR6Hf0WAA
Date: Mon, 01 May 2017 21:04:06 +0000
Message-ID: <DM5PR09MB130723A351CE9141A4D93545F0140@DM5PR09MB1307.namprd09.prod.outlook.com>
References: <EDAFDAEB-4950-4F04-A0F1-CE7F12582960@cisco.com>
In-Reply-To: <EDAFDAEB-4950-4F04-A0F1-CE7F12582960@cisco.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
authentication-results: cisco.com; dkim=none (message not signed) header.d=none;cisco.com; dmarc=none action=none header.from=nist.gov;
x-originating-ip: [129.6.227.79]
x-ms-publictraffictype: Email
x-microsoft-exchange-diagnostics: 1; DM5PR09MB1305; 7:BB265fodjFpE018ZAj2NZvS8O7XoFBAUZl/IdRbgeTJxoZ5hW82M7rRR09IfkvgvvhcH0/9aOfew7YV2K9lCXUgCoGGAnSYGkh7A5EwemH8fcjNShgPQ9NLjj5AY5PtzfqaJePljLU4GLJ97EKytm6buSKEUdZwbZ0rufnpmw3Coy0Fme6nuO95RKwuyRo0IDvuW47FSLPiX0EDTjh+EEGYxpmwZx/kVlrw5VRXXfHDqUfRldyzDoMIcDdgxz+qQmr6qi2P/DbA9UNuCwu/G5/6aOcHe94yW9ZOKFs357cJ0kVdIaleDZUCWmMmUZoMGvOdb2BytTJ7OA+WsfcIPIw==
x-ms-office365-filtering-correlation-id: 16d54143-f3c0-459d-5621-08d490d59acb
x-ms-office365-filtering-ht: Tenant
x-microsoft-antispam: UriScan:; BCL:0; PCL:0; RULEID:(22001)(2017030254075)(48565401081)(201703131423075)(201703031133081)(201702281549075); SRVR:DM5PR09MB1305;
x-microsoft-antispam-prvs: <DM5PR09MB130538E9DD052F0F70937046F0140@DM5PR09MB1305.namprd09.prod.outlook.com>
x-exchange-antispam-report-test: UriScan:(158342451672863)(192374486261705)(131327999870524)(95692535739014)(21748063052155);
x-exchange-antispam-report-cfa-test: BCL:0; PCL:0; RULEID:(6040450)(601004)(2401047)(5005006)(8121501046)(93006095)(93001095)(3002001)(10201501046)(6055026)(6041248)(20161123560025)(201703131423075)(201702281528075)(201703061421075)(201703061406153)(20161123564025)(20161123558100)(20161123555025)(20161123562025)(6072148); SRVR:DM5PR09MB1305; BCL:0; PCL:0; RULEID:; SRVR:DM5PR09MB1305;
x-forefront-prvs: 02945962BD
x-forefront-antispam-report: SFV:NSPM; SFS:(10019020)(6009001)(39840400002)(39450400003)(39860400002)(39850400002)(39400400002)(39410400002)(377454003)(74316002)(229853002)(86362001)(8676002)(81166006)(33656002)(25786009)(6506006)(6306002)(5660300001)(9686003)(38730400002)(8936002)(3280700002)(478600001)(122556002)(189998001)(3660700001)(966004)(102836003)(3846002)(6116002)(2906002)(2900100001)(53936002)(6246003)(7736002)(305945005)(53946003)(50986999)(2950100002)(77096006)(76176999)(54356999)(7696004)(55016002)(2501003)(66066001)(99286003)(6436002)(579004); DIR:OUT; SFP:1102; SCL:1; SRVR:DM5PR09MB1305; H:DM5PR09MB1307.namprd09.prod.outlook.com; FPR:; SPF:None; MLV:sfv; LANG:en;
spamdiagnosticoutput: 1:99
spamdiagnosticmetadata: NSPM
Content-Type: multipart/alternative; boundary="_000_DM5PR09MB130723A351CE9141A4D93545F0140DM5PR09MB1307namp_"
MIME-Version: 1.0
X-OriginatorOrg: nist.gov
X-MS-Exchange-CrossTenant-originalarrivaltime: 01 May 2017 21:04:06.3591 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 2ab5d82f-d8fa-4797-a93e-054655c61dec
X-MS-Exchange-Transport-CrossTenantHeadersStamped: DM5PR09MB1305
Archived-At: <https://mailarchive.ietf.org/arch/msg/mile/SKCenxRgTO16OWppXIw00ejce28>
Subject: Re: [mile] Working group last call for ROLIE
X-BeenThere: mile@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "Managed Incident Lightweight Exchange, IODEF extensions and RID exchanges" <mile.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/mile>, <mailto:mile-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/mile/>
List-Post: <mailto:mile@ietf.org>
List-Help: <mailto:mile-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/mile>, <mailto:mile-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 01 May 2017 21:07:13 -0000

Hi Nancy,

Thanks for the review! I’ve put my comments inline. We’re also looking for WG feedback in general on our TLS requirement language.

-Stephen

From: mile [mailto:mile-bounces@ietf.org] On Behalf Of Nancy Cam-Winget (ncamwing)
Sent: Friday, April 28, 2017 1:38 PM
To: mile@ietf.org
Subject: Re: [mile] Working group last call for ROLIE

Hi Steven,
I was able to get thru most of the draft though, I didn’t get to do a thorough review of Section 6 as I wanted to make sure I could get a first pass by today.  Here are some comments and questions based on my review of the ROLIE draft:
Section 1:
“Feeds” has had some errata updated in RFC 5988; it would be useful to reference that as well.

What do you mean by: “Through use of granular authentication and access controls,
   only authorized consumers may be permitted the ability to read or
   write to a given Feed.”
-       I believe that the “granular authentication and access controls” is “granular” as the consumer must authenticate directly to the particular HTTP-server hosting the Feed(s), is that correct?  Based on the example in Appendix B.1, a Feed maps to the availability of extracting a document (or information) type(s) but only from a particular/known resource (e.g. HTTP server).   But then, the consumer has to know all the potential resources to be able to query or “discover” what is available (e.g. Feeds), is that correct?

We had meant granular in the sense that each user could be authenticated on a workspace basis, collection basis, entry basis, etc; any given resource can be restricted.

Given that, I’m not sure the references to “point-to-point” that follow are quite correct….that is, one entity is talking directly to another (e.g. no multicast)


This should be covered along with the Section 4/1 changes.


Section 2:
Information Type definition includes: “…that is the subject of a security
      process that can be automated”
-       Can you clarify what is meant by or describe  what processes are automated beyond being able to interpret the data models as defined by the next set of drafts that further instantiate a ROLIE “Information Types”?

We updated the terminology section, hopefully it should make the definition here a little clearer.


Section 4: I agree with Charles’ that there are claims that am not sure apply.  The biggest benefit I see is that ROLIE instantiates an open model by which security information can be instantiated and shared.  But the transport (HTTPs) use is constrained and so is there a lack of general discovery of the resources available to disseminate security information.

Section 4.1:  I can see the ability to proactively share, but do not see it readily using the HTTPs protocol as it is inherently a client-server model.  While one can poll or block until a request is fulfilled, I don’t view that as really being a proactive model.
I am likely not interpreting the example correctly as it is somewhat vague. The example seems to indicate a level of indirection or inference that there is some overarching methodology by which a “search” to all available resources or feeds thru representation to include all the appropriate links to the resources?

Section 4.2: Is the intent of this section to highlight availability of different types of information that can be correlated (or aggregated)? As implied in the 1st paragraph or is it about the need to Federate information mentioned in the last paragraph?
[nit] The middle paragraph should use either “management system” or “monitoring system”.

Section 4.3: I perceive the intent of this section is to highlight that the architecture enables a producer to disclose information to consumers and potentially “filter” either based on the access control/authorization of the information elements or the particular consumer (or both).  Similarly, a consumer can choose which Feeds to tap into.
That is independent of how the data is stored (e.g. data repository).  My suggestion is to use the notion of “discovering available information” (or information types) vs. “repositories”.


We’ve condensed and refocused this section of the document, I believe that the edits should satisfy most of these comments.


Section 5.1.1: “repository” is really the “collection of security information” and suggest that the term not be used in this context as “repository” has storage implications and considerations which imho are more to an implementation detail.  I believe ROLIE is defining the data organization for carrying security info.
-       The first bullet, if it is private, why disclose it at all?   If the intent is to enable disclosure of some information to authorized parties or based on access controls, then it is really not private.  So, I am not sure why this is needed?
ۍ      The second bullet makes sense, but then is this a recommendation that drafts providing “Information Types” MUST provide these conventions?


On “repository”, we agree that this word has some baggage with it and implies something about the implementation. We’ve gone through and changed the word throughout the document. Workspace (or other resource) disclosure is a choice left up to the implementation/configuration, workspaces (or other resources) that a user does not have access to can be either hidden or just locked away. We’ve made some edits to the second bullet and condensed it, this should hopefully address your concern here.


Section 5.3: Given that TLS just published version 1.3, I am not sure that a MUST to “most recent” is warranted as new versions will be forthcoming and will break this requirement to implementations that may take time to update to “most recent”.  This is a SHOULD, but can mandate minimum version (e.g. 1.2 or 1.3 for now?)

-       Shouldn’t ROLIE enforce a MUST on mutual authentication?  Suggest rewording to one sentence if intent is to “MUST mutually authenticate using x.509 certificates”
-       If the intent is a MUST to use certs, could that be prohibitive as now certificate management could be a barrier for adoption?
-       What if OCSP is used? Is that not allowed given that RFC5280 is


We would like to ensure that a more recent version is used, but we also worry that “most recent” is too strict. Does anybody have some recommendations (or examples from other specs) on dealing with this version issue? Some wording around specifying the minimum version could be helpful.


Section 5.4: Is there a distinction between a (human) user vs. an application wanting to authenticate to a server?


No, they should be treated in the same way.


Section 9:
There should be considerations for the Service Discovery as well.
There should be considerations for the confidentiality and integrity of the information as the data is in motion (no need for storage considerations).
Given that Section 5.3 has a MUST for certificates, I am not connecting the notion of the federation tie?  This paragraph should be placed in its own section but the Security considerations should discuss the security implications of enabling the federation.

General: given the nature of sharing information, there should be a section that speaks to the Privacy considerations for both the act of sharing information as well as the discovery mechanism.


Agreed, I’ll add some text talking about service discovery, and a privacy considerations sections.


Overall I think the draft reads well and is close to shepherding thru ☺

Regards, Nancy

From: mile <mile-bounces@ietf.org<mailto:mile-bounces@ietf.org>> on behalf of "ncamwing@cisco.com<mailto:ncamwing@cisco.com>" <ncamwing@cisco.com<mailto:ncamwing@cisco.com>>
Date: Tuesday, March 28, 2017 at 4:27 PM
To: "mile@ietf.org<mailto:mile@ietf.org>" <mile@ietf.org<mailto:mile@ietf.org>>
Subject: [mile] Working group last call for ROLIE

Colleagues,

Given the significant changes made to the last draft, we are doing another 30day WGLC for
https://tools.ietf.org/html/draft-ietf-mile-rolie-06

Please provide comments before May 1st and provide your support and/ or raise any issue you feel are yet to be addressed.

Regards, Nancy

v2.23.0 | Report a Bug | By Email