Re: [netconf] Murray Kucherawy's No Objection on draft-ietf-netconf-crypto-types-29: (with COMMENT)
Kent Watsen <kent+ietf@watsen.net> Fri, 02 February 2024 19:46 UTC
Return-Path: <0100018d6b5bcb6c-62885f11-71d2-43bc-857f-11fed84067aa-000000@amazonses.watsen.net>
X-Original-To: netconf@ietfa.amsl.com
Delivered-To: netconf@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 103B0C14F615; Fri, 2 Feb 2024 11:46:40 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.908
X-Spam-Level:
X-Spam-Status: No, score=-1.908 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H2=-0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=amazonses.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Yqijy5nZoF2o; Fri, 2 Feb 2024 11:46:36 -0800 (PST)
Received: from a8-88.smtp-out.amazonses.com (a8-88.smtp-out.amazonses.com [54.240.8.88]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id CDBA2C14F60D; Fri, 2 Feb 2024 11:46:35 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/simple; s=224i4yxa5dv7c2xz3womw6peuasteono; d=amazonses.com; t=1706903194; h=Content-Type:Mime-Version:Subject:From:In-Reply-To:Date:Cc:Content-Transfer-Encoding:Message-Id:References:To:Feedback-ID; bh=Lq0aC0ga5LA6hNaVOaiyaKKe1RPBwZvg6/xGyt2pJv8=; b=JDqfWg7hHL7TvbjAnpa2HEF8iy2YaxC13kNCyAYHSl6qhWWzF3VHiA4eRUhXw5as ovapC1fhUrtIbtPhzecf5xzgh8UPPCX2sqejYEUAk4vHWMbNlhjQZY/hQHyVmn9MluV ZbJi/jm7lUMGlnQVXPLadOklpdmEarsAx7If7N88=
Content-Type: text/plain; charset="utf-8"
Mime-Version: 1.0 (Mac OS X Mail 16.0 \(3731.600.7\))
From: Kent Watsen <kent+ietf@watsen.net>
In-Reply-To: <170677356931.29683.8595814820878108343@ietfa.amsl.com>
Date: Fri, 02 Feb 2024 19:46:34 +0000
Cc: The IESG <iesg@ietf.org>, draft-ietf-netconf-crypto-types@ietf.org, "netconf-chairs@ietf.org" <netconf-chairs@ietf.org>, "netconf@ietf.org" <netconf@ietf.org>, Mahesh Jethanandani <mjethanandani@gmail.com>
Content-Transfer-Encoding: quoted-printable
Message-ID: <0100018d6b5bcb6c-62885f11-71d2-43bc-857f-11fed84067aa-000000@email.amazonses.com>
References: <170677356931.29683.8595814820878108343@ietfa.amsl.com>
To: Murray Kucherawy <superuser@gmail.com>
X-Mailer: Apple Mail (2.3731.600.7)
Feedback-ID: 1.us-east-1.DKmIRZFhhsBhtmFMNikgwZUWVrODEw9qVcPhqJEI2DA=:AmazonSES
X-SES-Outgoing: 2024.02.02-54.240.8.88
Archived-At: <https://mailarchive.ietf.org/arch/msg/netconf/Wbj2AXwF-Eyd2ooC9Is22c5nIHI>
Subject: Re: [netconf] Murray Kucherawy's No Objection on draft-ietf-netconf-crypto-types-29: (with COMMENT)
X-BeenThere: netconf@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: NETCONF WG list <netconf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/netconf>, <mailto:netconf-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/netconf/>
List-Post: <mailto:netconf@ietf.org>
List-Help: <mailto:netconf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/netconf>, <mailto:netconf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 02 Feb 2024 19:46:40 -0000
Hi Murray, Thank you for your valuable comments. Please find responses below. Reminder to all IESG members: if my response ever suggests that an update has been made, i.e., using words like “fixed” or “updated”, please know that I always mean that the update has been made in my local copy. It is my intention to publish a bulk-update (to all nine drafts) once the churn dies down on these first three drafts. Kent > On Feb 1, 2024, at 2:46 AM, Murray Kucherawy via Datatracker <noreply@ietf.org> wrote: > > Murray Kucherawy has entered the following ballot position for > draft-ietf-netconf-crypto-types-29: No Objection > > When responding, please keep the subject line intact and reply to all > email addresses included in the To and CC lines. (Feel free to cut this > introductory paragraph, however.) > > > Please refer to https://www.ietf.org/about/groups/iesg/statements/handling-ballot-positions/ > for more information about how to handle DISCUSS and COMMENT positions. > > > The document, along with other ballot positions, can be found here: > https://datatracker.ietf.org/doc/draft-ietf-netconf-crypto-types/ > > > > ---------------------------------------------------------------------- > COMMENT: > ---------------------------------------------------------------------- > > Similar to what Paul's DISCUSS says: > > Section 3.5: > > That said, expert Security opinion suggests that already it is > infeasible to break a 128-bit symmetric key using a classical > computer, and thus the concern for conveying higher-strength > keys begins to lose its allure. > > Can we make a reference to said opinion? Without that, this looks like > argument from authority (and an anonymous one at that). This seems like a duplicate to your email I just replied to. I guess that you added to your DISCUSS the extra bits below? > === > > Additional comments from incoming ART AD, Orie Steele: > > Section 1.4 > > Prefer to see the exact base64 format cited (not base64url, with or without > padding , etc...) This text now references Section 4, RFC 4648, per comments from Francesca and Carsten. > I assume normative terminology in the model itself, does not contradict the > RFCs from which it is derived? What text is this comment connected to? >> "A private key and, optionally, its associated public key. >> Implementations SHOULD ensure that the two keys, when both >> are specified, are a matching pair."; > > Why not MUST? Changed to a MUST - thanks! >> "A private/public key pair and an associated certificate. >> Implementations SHOULD assert that the certificate contains >> the matching public key."; > > Why not MUST? Changed to a MUST - thanks! >> "A private/public key pair and a list of associated >> certificates. Implementations SHOULD assert that >> certificates contain the matching public key."; > > Why not MUST? Changed to a MUST - thanks! >> 3.3. Unconstrained Public Key Usage > > This seems not great. later... > >> whereby associated certificates may constrain the usage of the public key > according to local policy. > ... >> whereby configured certificates (e.g., identity certificates) may constrain > the use of the public key according to local policy. > > Why is this not a SHOULD / MUST ? You’re right. I changed the “may” to a MUST. >> 3.5. Strength of Keys Conveyed > > it might be better to convert this to a recommendation, with MUST NOT / SHOULD > NOT, etc... Agreed, I made this change: - <t>When accessing key values, it is desireable that implementations + <t>When accessing key values, implementations SHOULD >> Implementations SHOULD only use secure transport protocols meeting local > policy. > > Why not MUST ? I removed this entire Security Recommendation ("Use of Recommended Ciphersuites”) per a previous comment, so nothing to do now? :) >> This module defines storage for cleartext key values that SHOULD be zeroized > when deleted, so as to prevent the remnants of their persisted storage > locations from being analyzed in any meaningful way. > > Nice to see this recommendation. :) Thanks again! Kent
- [netconf] Murray Kucherawy's No Objection on draf… Murray Kucherawy via Datatracker
- Re: [netconf] Murray Kucherawy's No Objection on … Kent Watsen