Re: [OPSAWG] CALL FOR ADOPTION: Transport Layer Security Version 1.3 (TLS 1.3) Transport Model for the Simple Network Management Protocol Version 3 (SNMPv3)

tom petch <ietfc@btconnect.com> Fri, 17 December 2021 17:29 UTC

From: tom petch <ietfc@btconnect.com>
To: "Joe Clarke (jclarke)" <jclarke=40cisco.com@dmarc.ietf.org>, "opsawg@ietf.org" <opsawg@ietf.org>
Date: Fri, 17 Dec 2021 17:28:54 +0000
Archived-At: <https://mailarchive.ietf.org/arch/msg/opsawg/qukafIBgOdXU49FvSp5muXJSOOI>

Some initial thoughts for a -01

The anchors need to go from the Abstract

RFC6353 is a Standard - there is then a process issue as to whether or not this is still a standard!

Conventions lacks RFC8174

s.4 The TLP is out of date.  The current one has Revised not Simplified

Has there been any feedback from the author of RFC6353?  Should he be a co-author?

Does this update or replace RFC6353?

RFC6353 has already been updated by RFC8996.  I think that this I-D needs to be clear which updates have already happened.

This I-D sets out to be all singing all current TLS supporting.  Should it just be TLS1.3?

Do the updates fall within those permitted by SMI or should this be a new MIB branch?

Tom Petch
________________________________________
From: OPSAWG <opsawg-bounces@ietf.org> on behalf of Joe Clarke (jclarke) <jclarke=40cisco.com@dmarc.ietf.org>
Sent: 15 December 2021 18:42

The CFA has concluded, and judging by the discussion, there is enough
interest to adopt this work.

Ken, please rename the draft as draft-ietf-opsawg-tlstm-update-00 and
submit it to IETF DataTracker.  One of the fields on the submission page
is the document this replaces.  Indicate that this replaces
draft-vaughn-tlstm-update.  DO NOT make any other changes to the
document other than its name and revision for this initial submission.

Some of the comments raised in the CFA were around making sure we have
requisite TLS expertise to review.  We extended the CFA to the tls WG,
and we will continue to engage there to ensure proper review.  Of
course, we will also work with SEC DIR as the document progresses.

Another major question was whether or not we can continue to use
https://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml#tls-parameters-18
for the TLSHashAlgorithm identifier.  Doing so would greatly simplify
things.  We will check with the registry experts to see if this can
continue to be used (though this might have to wait until Jan).

Joe

On 11/19/21 11:27, Joe Clarke (jclarke) wrote:
> Hello, WG.  Kenneth presented
> https://datatracker.ietf.org/doc/draft-vaughn-tlstm-update/ at IETF112
> to us, and this was previously presented at SecDispatch at IETF111.  The
> feeling there was that this work had merit, but Sec didn't have enough
> SNMP experience to be the owner.  At the AD level, the feeling was that
> perhaps opsawg did have the expertise and could pick this up.
>
> Therefore, this serves as a three week call for adoption of this draft.
> The three weeks is being given due to the US holiday next week.  There
> have already been some comments regarding scope that have been raised
> on-list, and Kenneth has called out potential courses of action in his
> 112 presentation.
>
> Please respond by December 10, 2021 regarding your thoughts on adopting
> this work as well as comments on the work so far.
>
> Thanks.
>
> Joe
>
> _______________________________________________
> OPSAWG mailing list
> OPSAWG@ietf.org
> https://www.ietf.org/mailman/listinfo/opsawg
>

