IETF Logo Mail Archive

Re: [MMUSIC] Stephen Farrell's Discuss on draft-ietf-mmusic-4572-update-12: (with DISCUSS)

Christer Holmberg <christer.holmberg@ericsson.com> Wed, 01 February 2017 20:13 UTC

Return-Path: <christer.holmberg@ericsson.com>
X-Original-To: mmusic@ietfa.amsl.com
Delivered-To: mmusic@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id CECE21299DB; Wed, 1 Feb 2017 12:13:18 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.22
X-Spam-Level:
X-Spam-Status: No, score=-4.22 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_MED=-2.3, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 6tLI9B4jg_p8; Wed, 1 Feb 2017 12:13:17 -0800 (PST)
Received: from sessmg23.ericsson.net (sessmg23.ericsson.net [193.180.251.45]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 51E2712956E; Wed, 1 Feb 2017 12:13:16 -0800 (PST)
X-AuditID: c1b4fb2d-e76b398000007e3d-56-5892415a762d
Received: from ESESSHC017.ericsson.se (Unknown_Domain [153.88.183.69]) by (Symantec Mail Security) with SMTP id A7.A6.32317.A5142985; Wed, 1 Feb 2017 21:13:14 +0100 (CET)
Received: from ESESSMB209.ericsson.se ([169.254.9.76]) by ESESSHC017.ericsson.se ([153.88.183.69]) with mapi id 14.03.0319.002; Wed, 1 Feb 2017 21:12:53 +0100
From: Christer Holmberg <christer.holmberg@ericsson.com>
To: Stephen Farrell <stephen.farrell@cs.tcd.ie>, Jonathan Lennox <jonathan@vidyo.com>
Thread-Topic: Stephen Farrell's Discuss on draft-ietf-mmusic-4572-update-12: (with DISCUSS)
Thread-Index: AQHSe9xPXcuaz7bZMUKOtO0DGNu5LqFSxOkAgAFij4CAAG+J8A==
Date: Wed, 01 Feb 2017 20:12:52 +0000
Message-ID: <7594FB04B1934943A5C02806D1A2204B4BFD8E2F@ESESSMB209.ericsson.se>
References: <148587892598.2448.6982128247176255180.idtracker@ietfa.amsl.com> <3DCBB043-EF35-425A-A005-93488A726369@vidyo.com> <36000381-1043-e5a8-b03d-000eef833cef@cs.tcd.ie>
In-Reply-To: <36000381-1043-e5a8-b03d-000eef833cef@cs.tcd.ie>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach: yes
X-MS-TNEF-Correlator:
x-originating-ip: [153.88.183.148]
Content-Type: multipart/signed; protocol="application/x-pkcs7-signature"; micalg="SHA1"; boundary="----=_NextPart_000_000B_01D27CD8.52546B10"
MIME-Version: 1.0
X-Brightmail-Tracker: H4sIAAAAAAAAA+NgFjrPIsWRmVeSWpSXmKPExsUyM2K7q26U46QIg9a96hYHLy5jtXh/Qddi xp+JzBb7F59ntji/cz2TxdTlj1kspu+9xu7A7jHl90ZWj7XdV9k8liz5yeTR9uwOewBLFJdN SmpOZllqkb5dAlfGsjOr2AteZlSsv3eJsYHxTHwXIyeHhICJxJGty9i7GLk4hATWMUpsmAnj LGKUePf/JVsXIwcHm4CFRPc/bZAGEYFwic175zKD1DALvGeUmN+6lhUkISwQI7HvzHQWkHoR gViJ1beg6p0kNrx5BjaGRUBF4vV6IZAwr4CvxK++K2CdQgKbGCVe31IGsTkFbCWOHVrOCGIz CohJfD+1hgnEZhYQl7j1ZD4TxM0iEg8vnmaDsEUlXj7+xwphK0k0LnnCCnFaL6PEifv/mSGW CUqcnPmEZQKjyCwks2Yhq5uFpA6iSFvi6c2ncPayha+ZIWxriRm/DrJB2IoSU7ofskPYphKv j35kXMDIsYpRtDi1uDg33chYL7UoM7m4OD9PLy+1ZBMjMGoPbvmtu4Nx9WvHQ4wCHIxKPLwG BpMihFgTy4orcw8xqgDNebRh9QVGKZa8/LxUJRFeBkugNG9KYmVValF+fFFpTmrxIUZpDhYl cV6zlffDhQTSE0tSs1NTC1KLYLJMHJxSDYy+L+XEfcrM189fJXP4Vly8vK8xo4z8dcv/l5fb rt583Phg11tG7Y3/al0DH+49Oi/u+OyYxHcztTbun1de81KttkHm/8ECc3n/m9v3ajQJBje4 XEn2f20Yp1kZU7xA/FMQW9W6ydKc79Ue3hVke5ZU6hYXyNG2lHF7W9zStG1zG9z/myV3eiix FGckGmoxFxUnAgBYsTFv4gIAAA==
Archived-At: <https://mailarchive.ietf.org/arch/msg/mmusic/ZV3aVjNOPCLLpJ_x3VsgKIW6dsQ>
Cc: Flemming Andreasen <fandreas@cisco.com>, "mmusic-chairs@ietf.org" <mmusic-chairs@ietf.org>, "draft-ietf-mmusic-4572-update@ietf.org" <draft-ietf-mmusic-4572-update@ietf.org>, The The IESG <iesg@ietf.org>, mmusic <mmusic@ietf.org>
Subject: Re: [MMUSIC] Stephen Farrell's Discuss on draft-ietf-mmusic-4572-update-12: (with DISCUSS)
X-BeenThere: mmusic@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: Multiparty Multimedia Session Control Working Group <mmusic.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/mmusic>, <mailto:mmusic-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/mmusic/>
List-Post: <mailto:mmusic@ietf.org>
List-Help: <mailto:mmusic-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/mmusic>, <mailto:mmusic-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 01 Feb 2017 20:13:19 -0000

Hi,

>Bottom line I guess is I'm still not sure that the right
>set of hashes are included but we've discussed it so I'll
>clear. I'm happy to continue to discuss it if you want, or
>you can continue to discuss amongst yourselves if that's
>better, or you can just forge on and be glad I'm out of
>your hair if that's right:-)

It won't last for long, though, because I have two other security related drafts coming up for review soon :)

Thanks!

Regards,

Christer


Collating various responses into one...

On 31/01/17 17:23, Jonathan Lennox wrote:
> 
>> On Jan 31, 2017, at 11:08 AM, Stephen Farrell
>> <stephen.farrell@cs.tcd.ie> wrote:
>> 
>> ----------------------------------------------------------------------
>>
>> 
DISCUSS:
>> ----------------------------------------------------------------------
>>
>>
>>
>> 
I've two (or 4 depending how you count:-) things
>> I'd like to check here. Should be pretty easy to handle.
>> 
>> (1) section 5: I'm wondering if we have the right set of hash
>> functions here. Deprecating md2 and md5 is great, but I have a
>> bunch of questions about the others:
>> 
>> (1.1) why not also say that sha-1 MUST NOT be used for new things
>> (or similar)?
> 
> We say (section 5.1) that SHA-256 MUST be used for one of the
> fingerprints; implementations MAY send additional fingerprints as
> well.
> 
> There’s concern that there may be existing implementations needing
> SHA-1 (since 4572 made that the MTI algorithm).  The need for interop
> makes defining “new things” rather complicated.
> 
> Is that sufficient?

I guess. But is there really that much use of fingerprints
today that you need to preserve sha-1? (Honest question, I'm
just ignorant:-)

> 
> 
>> (1.2) do you really need sha-224 and 384? I think nobody uses those
>> at all.

On 01/02/17 07:18, Eric Rescorla wrote:
>
> It's certainly not correct that nobody uses SHA-384.
>
> In fact, for TLS 1.3, you can't sign anything with P-384 without using
> SHA-384.

Well, tls1.3 isn't used yet but even so, I'd say the set of
folks using p384 will be tiny. Enough that this spec could
say "these are just here in case they're needed, but we
don't think you ought use 'em and you might not get great
interop if you do"

>> 
>> (1.3) I'm a bit surprised you didn't add sha3 (and maybe remove
>> sha-512 if that's not needed) Even if you don't encourage use of
>> sha3, it might be good to include it in the abnf now in case it
>> gets popular.
> 
> The policy is that the set of hash functions supported corresponds to
> the hash functions defined for X.509 certificates. Unless I’m missing
> something, there’s no definition of SHA-3 for X.509 yet, is there?
> (If I’ve overlooked something, please let me know.)

I'm not sure what'd be needed to use it? There are, I'm sure,
OIDs, and once you have that you're all set. That is, I don't
think one'd need an RFC to use sha-3 with x.509.

> 
> The list is an IANA registry, so once SHA-3 is defined for X.509, it
> can also be added to the registry without needing an update to this
> document.
> 
> For the same reason, this is why we included SHA-224 and SHA-384.  If
> no one’s using them, I’d think an update to RFC 4055 would be in
> order?

Maybe in theory. I'm not sure who'd be motivated to do
that though.

> 
> 
>> (2) Wouldn't it be a good plan to say that TLS as-used MUST conform
>> to BCP195? If not, why not?
> 
> My inclination would be to say yes, but I’ll let people with more of
> the existing implementations comment further in case there’s some
> issue.

On 31/01/17 22:59, Martin Thomson wrote:
> If we said MUST, I suspect that we'd end up making a whole lot of
> implementations non-compliant.  There's a lot of DTLS 1.0 out there.
> That said, the same applies to SHA-1.
>
> I guess it depends on your stance regarding what is as opposed to what
> should be.
>
> FWIW, we didn't ask this sort of question because the intent was to
> clarify hash usage only, avoiding touching the rest of the document.
>

I'd be fine if you said "SHOULD" for BCP195 compliance. Would
that work?



> 
> 
>

v2.23.0 | Report a Bug | By Email