Re: [mile] Secdir review: draft-ietf-mile-rfc5070-bis-22

kathleen.moriarty.ietf@gmail.com Wed, 01 June 2016 14:07 UTC


Thanks, Robert, for the review and resending it.

Sent from my iPhone

> On Jun 1, 2016, at 9:32 AM, Robert Sparks <rjsparks@nostrum.com> wrote:
> 
> Retransmitting to fix a typo in the Subject to make this easier to find when searching on the draft name.
> 
> Apologies for the extra noise.
> 
> 
>> On 5/30/16 2:43 PM, Robert Sparks wrote:
>> I have reviewed this document as part of the security directorate's
>> ongoing effort to review all IETF documents being processed by the
>> IESG.  These comments were written primarily for the benefit of the
>> security area directors.  Document editors and WG chairs should treat
>> these comments just like any other last call comments.
>> 
>> Document : draft-ietf-mile-rfc5070bis-22
>> 
>> Summary: This document has minor issues that should be addressed before publication as Proposed Standard
>> 
>> This document defines a document format for exchanging information between
>> operational security teams. It points out standardized mechanisms for
>> transporting the documents (RFC6545 and RFC6546), to provide confidentiality,
>> integrity, and authenticity, but does not restrict the use of the format to
>> within those protocols.  Instead, it provides a generic set of "Processing
>> Considerations" in section 4, which are augmented by the Security
>> Considerations in section 9.
>> 
>> There are some minor issues with this approach that should be addressed before
>> publication.
>> 
>> 1) The document requires that implementations validate documents against the
>> schema, and reject any documents that fail validation.  In particular, Section
>> 5.2 Item 4 requires rejecting documents with an unrecognized element in a
>> supported namespace as a syntax error. Section 4.3 requires implementations to
>> ->dynamically generate the schema used for validation from IANA registries<-.
>> Section 5.2 Item 5 calls out that this dynamic generation has security and
>> performance implications, but does not describe them, and has a very vague
>> "SHOULD NOT download schemas at runtime" to guard against them.  I seem to
>> recall significant discussion in other contexts of the issues with generating
>> schema from IANA registries at runtime.  Perhaps the ADs can provide pointers
>> to material generated from those discussions that the group can reference