Re: [OPSAWG] Fwd: New Version Notification for draft-hmac-sha-2-usm-snmp-00.txt

t.petch <ietfc@btconnect.com> Fri, 28 March 2014 15:55 UTC

From: "t.petch" <ietfc@btconnect.com>
To: Johannes Merkle <johannes.merkle@secunet.com>, opsawg@ietf.org
Date: Fri, 28 Mar 2014 15:49:08 +0000
Archived-At: http://mailarchive.ietf.org/arch/msg/opsawg/hjDF-vKnt8htvezZk85bjmg-wWI
Cc: Manfred Lochter <Manfred.Lochter@bsi.bund.de>, uri@ll.mit.edu
Subject: Re: [OPSAWG] Fwd: New Version Notification for draft-hmac-sha-2-usm-snmp-00.txt

----- Original Message -----
From: "Johannes Merkle" <johannes.merkle@secunet.com>
To: "t.petch" <ietfc@btconnect.com>; <opsawg@ietf.org>
Cc: "Manfred Lochter" <Manfred.Lochter@bsi.bund.de>; <uri@ll.mit.edu>
Sent: Friday, March 28, 2014 1:21 PM
> > t.petch wrote on 27.03.2014 19:02:
> > Some more red tape.
> >
> > The copyright in the MIB module is 2004.
>
> oops! Got me, I copied and modified that from RFC 3826.
>
> > You used the word 'SHALL' in s.3 which says to me that you need a
> > reference to RFC2119 and the boilerplate associated with it.
>
> Right, I'll include a reference to RFC 2119.
>
> >
> > Normally, anything with a MIB Module in it contains standard MIB
> > boilerplate about the standard management framework; but this MIB Module
> > contains no objects, just identities, so does it need the boilerplate?
> > I would say not, but RFC4181 says it does (which in turn drags in four
> > more references)!  need guidance there.  You should at least include
> > RFC2578 in the references since that appears in this MIB module.
> >
> > I must re-read RFC4181 - I suspect that there is more in there to be
> > added to this I-D.
>
> I am not familiar with MIBs, thus I appreciate your and Uri's assistance.
> Isn't RFC 3826 a proper example how to do it?

RFC3826 has not got a MIB module in it and so is not an exemplar for
that.  I have looked for a recent one that adds OBJECT-IDENTITY - as
opposed to OBJECT-TYPE - but cannot find one.  A good example of a
recent MIB module (with OBJECT-TYPE) that does conform is
http://www.ietf.org/id/draft-ietf-6lo-lowpan-mib-00.txt

Sections 2 and 3 could be lifted for use here.

Section 7 applies when there are OBJECT-TYPE and so does not here but
Section 8 gives a partial template for IANA Considerations, for the
module registration but not for the entries in SnmpAuthProtocols.

http://datatracker.ietf.org/doc/rfc6353/
defines an OBJECT-IDENTITY under snmpDomains while
draft-ietf-isms-dtls-tm-09.txt
is what it was like beforehand (although I would have liked that I-D to
have spelt things out more clearly -  it is an exemplar but a not
terribly good one IMO).

Sorry if I confused you with my reference to Suite B.  It was a hot
topic around the time that I first saw SHA-2 discussed on the IETF lists
and so was cited as a motivation for moving to it (and stuck in my
mind).  That is probably history but government requirements for SHA-2
were another motivation - which is a post that Uri made many years ago,
in 2008 - and that I imagine is still current. At the same time, my
sense is that for the use to which MACs are used here, then MD5, although
weakened, is still good enough, ditto SHA, but that is very much a lay
opinion; I am sure that you know the field better than I.

Tom Petch


> Johannes