Re: [MMUSIC] Alissa Cooper's No Objection on draft-ietf-mmusic-4572-update-12: (with COMMENT)
"Ben Campbell" <ben@nostrum.com> Wed, 01 February 2017 20:25 UTC
Return-Path: <ben@nostrum.com>
X-Original-To: mmusic@ietfa.amsl.com
Delivered-To: mmusic@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 5ADA21299A3; Wed, 1 Feb 2017 12:25:09 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -5.099
X-Spam-Level:
X-Spam-Status: No, score=-5.099 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RP_MATCHES_RCVD=-3.199] autolearn=unavailable autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id cQnBWCL78cjY; Wed, 1 Feb 2017 12:25:08 -0800 (PST)
Received: from nostrum.com (raven-v6.nostrum.com [IPv6:2001:470:d:1130::1]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id A24701294F5; Wed, 1 Feb 2017 12:25:08 -0800 (PST)
Received: from [10.0.1.39] (cpe-66-25-7-22.tx.res.rr.com [66.25.7.22]) (authenticated bits=0) by nostrum.com (8.15.2/8.15.2) with ESMTPSA id v11KOwj4079417 (version=TLSv1.2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128 verify=NO); Wed, 1 Feb 2017 14:24:59 -0600 (CST) (envelope-from ben@nostrum.com)
X-Authentication-Warning: raven.nostrum.com: Host cpe-66-25-7-22.tx.res.rr.com [66.25.7.22] claimed to be [10.0.1.39]
From: Ben Campbell <ben@nostrum.com>
To: Christer Holmberg <christer.holmberg@ericsson.com>
Date: Wed, 01 Feb 2017 14:24:58 -0600
Message-ID: <ADDF7E75-1CE6-431E-BC93-4B92760440CD@nostrum.com>
In-Reply-To: <7594FB04B1934943A5C02806D1A2204B4BFD8E04@ESESSMB209.ericsson.se>
References: <148597343438.19146.978420245557276514.idtracker@ietfa.amsl.com> <7594FB04B1934943A5C02806D1A2204B4BFD8E04@ESESSMB209.ericsson.se>
MIME-Version: 1.0
Content-Type: text/plain; format="flowed"
X-Mailer: MailMate (1.9.6r5319)
Archived-At: <https://mailarchive.ietf.org/arch/msg/mmusic/6ReeMSWSjIRWqxZ1YXqgNvMBWyw>
Cc: "mmusic-chairs@ietf.org" <mmusic-chairs@ietf.org>, "mmusic@ietf.org" <mmusic@ietf.org>, "fandreas@cisco.com" <fandreas@cisco.com>, The IESG <iesg@ietf.org>, "draft-ietf-mmusic-4572-update@ietf.org" <draft-ietf-mmusic-4572-update@ietf.org>
Subject: Re: [MMUSIC] Alissa Cooper's No Objection on draft-ietf-mmusic-4572-update-12: (with COMMENT)
X-BeenThere: mmusic@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: Multiparty Multimedia Session Control Working Group <mmusic.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/mmusic>, <mailto:mmusic-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/mmusic/>
List-Post: <mailto:mmusic@ietf.org>
List-Help: <mailto:mmusic-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/mmusic>, <mailto:mmusic-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 01 Feb 2017 20:25:09 -0000
On 1 Feb 2017, at 14:04, Christer Holmberg wrote: > Hi Alissa, > > Thank you for your review! See below. > > ---------------------------------------------------------------------- > COMMENT: > ---------------------------------------------------------------------- > >> Section 5.1 says: >> >> "An endpoint MAY, in addition to its more preferred hash function, >> also verify that each certificate used matches fingerprints >> calculated using other hash functions. Unless there is a matching >> fingerprint for each tested hash function, the endpoint MUST NOT >> establish the TLS connection." >> >> This seems a little weird to me. It's up to the endpoint to decide >> whether to check for errors, and then if it >> does find an error it can't setup the connection, whereas if it just >> hadn't checked it would be able to setup >> the connection. I think it would help to explain why an endpoint >> would be motivated to check multiple fingerprints. > > I think the only use-case that came up was a situation where the > receiver is not sure which hash function is the "strongest", and > therefor checks multiple. However, it was also realized that with the > multiple set of hash functions such situation is very unlikely to > occur. > > So, I could add the following note: > > "NOTE: An endpoint might choose to match each used certificate against > fingerprints calculated using multiple > hash functions e.g, if the endpoint is unsure which hash function is > the strongest." In retrospect, I have to question that motivation. Is it that hard to figure out? It seems like if you have two hash functions that are reasonably equal, an implementation could just pick one. > > ...or we could simply delete the text. I personally would go for that, > but in case others want to keep it I have no problem with that. Given that this has caused confusion at every step, I support removing the text. Thanks! Ben.
- [MMUSIC] Alissa Cooper's No Objection on draft-ie… Alissa Cooper
- Re: [MMUSIC] Alissa Cooper's No Objection on draf… Christer Holmberg
- Re: [MMUSIC] Alissa Cooper's No Objection on draf… Alissa Cooper
- Re: [MMUSIC] Alissa Cooper's No Objection on draf… Christer Holmberg
- Re: [MMUSIC] Alissa Cooper's No Objection on draf… Ben Campbell
- Re: [MMUSIC] Alissa Cooper's No Objection on draf… Roman Shpount
- Re: [MMUSIC] Alissa Cooper's No Objection on draf… Paul Kyzivat
- Re: [MMUSIC] Alissa Cooper's No Objection on draf… Christer Holmberg
- Re: [MMUSIC] Alissa Cooper's No Objection on draf… Christer Holmberg
- Re: [MMUSIC] Alissa Cooper's No Objection on draf… Christer Holmberg
- Re: [MMUSIC] Alissa Cooper's No Objection on draf… Paul Kyzivat
- Re: [MMUSIC] Alissa Cooper's No Objection on draf… Roman Shpount
- Re: [MMUSIC] Alissa Cooper's No Objection on draf… Ben Campbell