Re: [MMUSIC] draft-4572-update: Spec contains references to a number of obsoleted RFCs

Christer Holmberg <christer.holmberg@ericsson.com> Thu, 05 January 2017 13:16 UTC

From: Christer Holmberg <christer.holmberg@ericsson.com>
To: Roman Shpount <roman@telurix.com>
Date: Thu, 05 Jan 2017 13:16:36 +0000
Archived-At: <https://mailarchive.ietf.org/arch/msg/mmusic/WQ4Ua9AD56KwJVglyrQ9YsqSeBU>
Cc: Jonathan Lennox <jonathan@vidyo.com>, "mmusic@ietf.org" <mmusic@ietf.org>, Cullen Jennings <fluffy@iii.ca>

Ok, I’ll submit a new version (-10) based on the changes below.

Regards,

Christer

From: Roman Shpount [mailto:roman@telurix.com]
Sent: 04 January 2017 16:31
To: Christer Holmberg <christer.holmberg@ericsson.com>
Cc: Martin Thomson <martin.thomson@gmail.com>; Cullen Jennings <fluffy@iii.ca>; Jonathan Lennox <jonathan@vidyo.com>; mmusic@ietf.org
Subject: Re: [MMUSIC] draft-4572-update: Spec contains references to a number of obsoleted RFCs

This looks good to me

_____________
Roman Shpount

On Wed, Jan 4, 2017 at 6:22 AM, Christer Holmberg <christer.holmberg@ericsson.com> wrote:
Ok, to make sure we are all on the same page, below are the places in the previous version (-08) of the draft where MD2 and MD5 are mentioned, and my suggestion on what/if to do:


Section 5:
-------------

"hash-func              =  "sha-1" / "sha-224" / "sha-256" /
                             "sha-384" / "sha-512" /
                             "md5" / "md2" / token
                             ; Additional hash functions can only come
                             ; from updates to RFC 3279"

Christer's suggestion: Keep the text as it is.

-------------

   "Following RFC 3279 [7] as updated by RFC 4055 [9], therefore, the
   defined hash functions are 'SHA-1' [1] [18], 'SHA-224' [1], 'SHA-256'
   [1], 'SHA-384'[1], 'SHA-512' [1], 'MD5' [4], and 'MD2' [3], with
   'SHA-256' preferred.  A new IANA registry of Hash Function Textual
   Names, specified in Section 8, allows for addition of future tokens,
   but they may only be added if they are included in RFCs that update
   or obsolete RFC 3279 [7]."

Christer's suggestion: Keep the text, but update the MD2 and MD5 references ([3] and [4]), and add the following new paragraph text:

"For backward compatibility with implementations compliant with RFC 4572, the MD2 and MD5 cipher suites are still listed in the syntax. However, implementations compliant to this specification MUST NOT use them."


Section 8:
-------------

"Table 1 contains the initial values of this registry.

        +--------------------+------------------------+-----------+
        | Hash Function Name |          OID           | Reference |
        +--------------------+------------------------+-----------+
        |       "md2"        |   1.2.840.113549.2.2   |  RFC 3279 |
        |       "md5"        |   1.2.840.113549.2.5   |  RFC 3279 |
        |      "sha-1"       |     1.3.14.3.2.26      |  RFC 3279 |
        |     "sha-224"      | 2.16.840.1.101.3.4.2.4 |  RFC 4055 |
        |     "sha-256"      | 2.16.840.1.101.3.4.2.1 |  RFC 4055 |
        |     "sha-384"      | 2.16.840.1.101.3.4.2.2 |  RFC 4055 |
        |     "sha-512"      | 2.16.840.1.101.3.4.2.3 |  RFC 4055 |
        +--------------------+------------------------+-----------+"

Christer's suggestion: Keep the above text, without changes. This is the initial IANA registration, and we don't change that.


Regards,

Christer




-----Original Message-----
From: Martin Thomson [mailto:martin.thomson@gmail.com]
Sent: 04 January 2017 00:07
To: Roman Shpount <roman@telurix.com>
Cc: Cullen Jennings <fluffy@iii.ca>; Jonathan Lennox <jonathan@vidyo.com>; mmusic@ietf.org; Christer Holmberg <christer.holmberg@ericsson.com>
Subject: Re: [MMUSIC] draft-4572-update: Spec contains references to a number of obsoleted RFCs

On 4 January 2017 at 04:44, Roman Shpount <roman@telurix.com> wrote:
> I agree, I think MD2 and MD5 should be defined in the grammar but
> specification should state that they MUST NOT be used. This way there
> are no potential backwards interop problems.

To address Christer's original concern, I would say that you don't need a reference to the algorithms to achieve that.  An informative reference is as far as you might go.
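
An added example, not part of the thread or the draft: one way an implementation could keep "md5" and "md2" parseable, as in the Section 5 grammar quoted above, while refusing to generate or accept fingerprints that use them. The function names, the result strings, the choice to reject (rather than ignore) a weak fingerprint on receipt, and the sample certificate bytes are assumptions of this sketch; the fingerprint syntax `2UHEX *(":" 2UHEX)` is taken from RFC 4572 rather than from the text quoted here.

```python
import hashlib
import hmac
import re

# hash-func tokens from the quoted grammar, mapped to hashlib names.
# None marks tokens that remain in the syntax but must not be used.
HASH_FUNCS = {
    "sha-1": "sha1", "sha-224": "sha224", "sha-256": "sha256",
    "sha-384": "sha384", "sha-512": "sha512",
    "md5": None, "md2": None,
}

# a=fingerprint:<hash-func> <2UHEX *(":" 2UHEX)>; upper-case hex only.
_ATTR = re.compile(r"a=fingerprint:(\S+) ([0-9A-F]{2}(?::[0-9A-F]{2})*)")


class FingerprintError(ValueError):
    """Malformed attribute, or a hash function that must not be used."""


def parse_fingerprint(line):
    """Return (hash-func token, digest bytes) for a syntactically valid line."""
    m = _ATTR.fullmatch(line.strip())
    if not m:
        raise FingerprintError("malformed fingerprint attribute")
    # ABNF quoted strings are case-insensitive, so normalise the token.
    return m.group(1).lower(), bytes.fromhex(m.group(2).replace(":", ""))


def make_fingerprint(func, cert_der):
    """Sender side: build the attribute, refusing md2/md5 and unknown tokens."""
    algo = HASH_FUNCS.get(func)
    if algo is None:
        raise FingerprintError(f"{func!r} must not be used for a fingerprint")
    hexed = hashlib.new(algo, cert_der).hexdigest().upper()
    pairs = (hexed[i:i + 2] for i in range(0, len(hexed), 2))
    return f"a=fingerprint:{func} " + ":".join(pairs)


def check_fingerprint(line, cert_der):
    """Receiver side: 'match', 'mismatch', 'rejected-weak' or 'unsupported'."""
    func, digest = parse_fingerprint(line)
    if func not in HASH_FUNCS:
        return "unsupported"        # valid token, but no known mapping
    algo = HASH_FUNCS[func]
    if algo is None:
        return "rejected-weak"      # md2/md5 parse, but are never trusted
    actual = hashlib.new(algo, cert_der).digest()
    return "match" if hmac.compare_digest(actual, digest) else "mismatch"
```
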