Re: [MMUSIC] Alissa Cooper's No Objection on draft-ietf-mmusic-4572-update-12: (with COMMENT)
Paul Kyzivat <paul.kyzivat@comcast.net> Thu, 02 February 2017 17:15 UTC
Return-Path: <paul.kyzivat@comcast.net>
X-Original-To: mmusic@ietfa.amsl.com
Delivered-To: mmusic@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id AC021129494 for <mmusic@ietfa.amsl.com>; Thu, 2 Feb 2017 09:15:48 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -5.899
X-Spam-Level:
X-Spam-Status: No, score=-5.899 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_LOW=-0.7, RP_MATCHES_RCVD=-3.199, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=comcast.net
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id cniU8QCWBTei for <mmusic@ietfa.amsl.com>; Thu, 2 Feb 2017 09:15:47 -0800 (PST)
Received: from resqmta-po-09v.sys.comcast.net (resqmta-po-09v.sys.comcast.net [IPv6:2001:558:fe16:19:96:114:154:168]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 6F48F1294C2 for <mmusic@ietf.org>; Thu, 2 Feb 2017 09:15:45 -0800 (PST)
Received: from resomta-po-02v.sys.comcast.net ([96.114.154.226]) by resqmta-po-09v.sys.comcast.net with SMTP id ZKybc19oq3kZMZKz2ceQUb; Thu, 02 Feb 2017 17:15:44 +0000
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=comcast.net; s=q20161114; t=1486055744; bh=CXf9xbWaWbRJrQbxIHP8NxOHwKZgA63fc9jZpZVHMK4=; h=Received:Received:Subject:To:From:Message-ID:Date:MIME-Version: Content-Type; b=kw9oqL5iPz+AXYCUC0FT4PchHOlZaC3X6Sr/SmaShpdOZEE1P1HrEUrAQGA9FkBFw hMTSW+8FA38qCW3bzfKk8Uq8xhOr7Y4qpKbiq9+g9gp9tlly5IrM8+gj7SehnMsVPC 42QzASjh/z5sSUp5jvhCZctO9fuKijFxmGJVfe2MfH9/CyMPvraBArjL9HKHVarB3S OWa5uWQgkpOmK9Mlhf6rwfMtA+GpO3X2kGxJPoGHALCA8zVF3RrD6Dvo3clI+bvjZI voL+ewKlMUHkhotk46ceQ3q+ttMJLc2ZNEGnTFGMnX3DVWGUc2k/7aPTyiWmn1ECMO XhW55cL7+fc+g==
Received: from [192.168.1.110] ([73.186.127.100]) by resomta-po-02v.sys.comcast.net with SMTP id ZKz0cZqtzk3bxZKz1cRj1c; Thu, 02 Feb 2017 17:15:43 +0000
To: Christer Holmberg <christer.holmberg@ericsson.com>, "mmusic@ietf.org" <mmusic@ietf.org>
References: <148597343438.19146.978420245557276514.idtracker@ietfa.amsl.com> <7594FB04B1934943A5C02806D1A2204B4BFD8E04@ESESSMB209.ericsson.se> <ADDF7E75-1CE6-431E-BC93-4B92760440CD@nostrum.com> <22b63f2b-5f73-bca2-09b1-6c983126d21f@comcast.net> <D4B8B9E9.17427%christer.holmberg@ericsson.com>
From: Paul Kyzivat <paul.kyzivat@comcast.net>
Message-ID: <87100955-2655-90fe-70db-aaf0182a2224@comcast.net>
Date: Thu, 02 Feb 2017 12:15:42 -0500
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.10; rv:45.0) Gecko/20100101 Thunderbird/45.7.0
MIME-Version: 1.0
In-Reply-To: <D4B8B9E9.17427%christer.holmberg@ericsson.com>
Content-Type: text/plain; charset="windows-1252"; format="flowed"
Content-Transfer-Encoding: 8bit
X-CMAE-Envelope: MS4wfIIfuJ6OKFYb3q/BflNgC342Fek8tOOgylXjuYANEsGk1ETRorwqLSAk1qeO92mXUboyW4Yf4UA+JNccuj/4dVHyCmV9shbuQpVOoJNuH5eKWtN+mo8O 3iBdC2dD5qaizQl3YWme+yAiEY0cfR8YnEJ6vWWE4NEBiO/PkigKhD0uA546uwvDNROUNmFDD/PsiK9iByiVpWt2JZdQ6dcaWfmLvtvYBKI2CYJiZs61ghe1
Archived-At: <https://mailarchive.ietf.org/arch/msg/mmusic/UytHila9XhxK0PAiHfdRjjD456w>
Subject: Re: [MMUSIC] Alissa Cooper's No Objection on draft-ietf-mmusic-4572-update-12: (with COMMENT)
X-BeenThere: mmusic@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: Multiparty Multimedia Session Control Working Group <mmusic.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/mmusic>, <mailto:mmusic-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/mmusic/>
List-Post: <mailto:mmusic@ietf.org>
List-Help: <mailto:mmusic-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/mmusic>, <mailto:mmusic-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 02 Feb 2017 17:15:49 -0000
On 2/2/17 3:28 AM, Christer Holmberg wrote: > Hi Paul, > >>>> ---------------------------------------------------------------------- >>>> COMMENT: >>>> ---------------------------------------------------------------------- >>>> >>>>> Section 5.1 says: >>>>> >>>>> "An endpoint MAY, in addition to its more preferred hash function, >>>>> also verify that each certificate used matches fingerprints >>>>> calculated using other hash functions. Unless there is a matching >>>>> fingerprint for each tested hash function, the endpoint MUST NOT >>>>> establish the TLS connection." >>>>> >>>>> This seems a little weird to me. It's up to the endpoint to decide >>>>> whether to check for errors, and then if it >>>>> does find an error it can't setup the connection, whereas if it just >>>>> hadn't checked it would be able to setup >>>>> the connection. I think it would help to explain why an endpoint >>>>> would be motivated to check multiple fingerprints. >>>> >>>> I think the only use-case that came up was a situation where the >>>> receiver is not sure which hash function is the "strongest", and >>>> therefor checks multiple. However, it was also realized that with the >>>> multiple set of hash functions such situation is very unlikely to >>>> occur. >>>> >>>> So, I could add the following note: >>>> >>>> "NOTE: An endpoint might choose to match each used certificate against >>>> fingerprints calculated using multiple >>>> hash functions e.g, if the endpoint is unsure which hash function is >>>> the strongest." >>> >>> In retrospect, I have to question that motivation. Is it that hard to >>> figure out? It seems like if you have two hash functions that are >>> reasonably equal, an implementation could just pick one. >>> >>>> >>>> ...or we could simply delete the text. I personally would go for that, >>>> but in case others want to keep it I have no problem with that. >>> >>> Given that this has caused confusion at every step, I support removing >>> the text. >> >> ISTM that the main point here is: *if* the recipient happens to check >> more than one hash, a failure of any one of them is to be considered an >> overall failure, rather than a success of one and a failure of another >> being considered a success. > > The question was WHY an endpoint would check more than one hash function > to begin with, and the only reason we have came up with is if the endpoint > doesn¹t ³know" which is the strongest hash - which sounds a little weird. I don't see why we need to know why. Maybe they intend to try them all, just for completeness. But if there is ever a question about the validity of an implementation, I don't want to be arguing with somebody who says: "I tried them all, and several failed but one succeeded so I decided it must be ok." Thanks, Paul
- [MMUSIC] Alissa Cooper's No Objection on draft-ie… Alissa Cooper
- Re: [MMUSIC] Alissa Cooper's No Objection on draf… Christer Holmberg
- Re: [MMUSIC] Alissa Cooper's No Objection on draf… Alissa Cooper
- Re: [MMUSIC] Alissa Cooper's No Objection on draf… Christer Holmberg
- Re: [MMUSIC] Alissa Cooper's No Objection on draf… Ben Campbell
- Re: [MMUSIC] Alissa Cooper's No Objection on draf… Roman Shpount
- Re: [MMUSIC] Alissa Cooper's No Objection on draf… Paul Kyzivat
- Re: [MMUSIC] Alissa Cooper's No Objection on draf… Christer Holmberg
- Re: [MMUSIC] Alissa Cooper's No Objection on draf… Christer Holmberg
- Re: [MMUSIC] Alissa Cooper's No Objection on draf… Christer Holmberg
- Re: [MMUSIC] Alissa Cooper's No Objection on draf… Paul Kyzivat
- Re: [MMUSIC] Alissa Cooper's No Objection on draf… Roman Shpount
- Re: [MMUSIC] Alissa Cooper's No Objection on draf… Ben Campbell