[OPSAWG] SHEPHERD REVIEW: draft-ietf-opsawg-tlstm-update-07

"Joe Clarke (jclarke)" <jclarke@cisco.com> Tue, 27 September 2022 15:36 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/opsawg/hys1xqUOWffebX7INOK7vfykR2c>

I am reviewing -07 of this draft ahead of the shepherd review.  I have found a few nits, but at a larger level, I think more text might be needed for IANA around how to handle the new TLS hash registry.  Currently, the draft talks about a sync to “IANA TLS HashAlgorithm Registry”, which is good.  But what if new values get added to the cipher suites registry?  For example, what about GOST variants?  I would think if the TLS 1.3 spec (and their experts) allow for these algorithms, would this registry not just take them?  What would the expert review consider when adding new algorithms here?

In terms of nits:

Search for “ciphersuites” and change to “cipher suites” as that is more consistent with other documents (and I think you use both in this document).


Section 2.1:

s/Values zero through 2/Values 0 through 2/


Section 2.3:

s/stated that TLSTM/states that TLSTM/


Section 3.1:

s/request, offer or use/request, offer, or use/


Section 7:

Add a period to the end of the section.

Joe