IETF Logo Mail Archive

Re: [Pearg] [Secdispatch] Numeric IDs: Update to RFC3552

Fernando Gont <fgont@si6networks.com> Sat, 20 April 2019 17:56 UTC

Return-Path: <fgont@si6networks.com>
X-Original-To: pearg@ietfa.amsl.com
Delivered-To: pearg@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 598F6120186 for <pearg@ietfa.amsl.com>; Sat, 20 Apr 2019 10:56:58 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.901
X-Spam-Level:
X-Spam-Status: No, score=-1.901 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 9d80qWt1QD4T for <pearg@ietfa.amsl.com>; Sat, 20 Apr 2019 10:56:55 -0700 (PDT)
Received: from fgont.go6lab.si (fgont.go6lab.si [IPv6:2001:67c:27e4::14]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id CD573120162 for <pearg@irtf.org>; Sat, 20 Apr 2019 10:56:54 -0700 (PDT)
Received: from [192.168.0.148] (unknown [88.247.88.13]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by fgont.go6lab.si (Postfix) with ESMTPSA id 4D40C84BC0; Sat, 20 Apr 2019 19:56:39 +0200 (CEST)
To: Eric Rescorla <ekr@rtfm.com>, Benjamin Kaduk <kaduk@mit.edu>
Cc: IETF SecDispatch <secdispatch@ietf.org>, pearg@irtf.org, "Iván Arce (Quarkslab)" <iarce@quarkslab.com>, secdispatch-chairs@ietf.org
References: <4ac730a6-73ca-74cd-e848-4a6645bd0403@si6networks.com> <CABcZeBOy6MB0OG2cs=EE6hWB4pXBuNzW=LcQ+1dKmJzHBOUR-g@mail.gmail.com> <bc733114-6f97-532b-02d5-2730e834340a@si6networks.com> <CABcZeBPr2rfVkib684Gz4uCPWtFc4trwusJxNRJ6EPPpA=d0QA@mail.gmail.com> <f3607e4f-c805-3cb5-110b-f09cb8748577@si6networks.com> <CABcZeBPwVDiMKSR-w-oq16FN__j8c8dEqutL3Z92SXKF5RT_Uw@mail.gmail.com> <20190419012507.GB95327@kduck.mit.edu> <CABcZeBNVUvvF9Y8nMk=dRpfH0RNeWtVsfnT2jXWd3w=NGC0_mA@mail.gmail.com>
From: Fernando Gont <fgont@si6networks.com>
Openpgp: preference=signencrypt
Autocrypt: addr=fgont@si6networks.com; prefer-encrypt=mutual; keydata= mQINBE5so2gBEACzBQBLUy8nzgAzSZn6ViXT6TmZBFNYNqTpPRvTVtUqF6+tkI+IEd9N2E8p pXUXCd0W4dkxz6o7pagnK63m4QSueggvp881RVVHOF8oTSHOdnGxLfLeLNJFKE1FOutU3vod GK/wG/Fwzkv9MebdXpMlLV8nnJuAt66XGl/lU1JrNfrKO4SoYQi4TsB/waUQcygh7OR/PEO0 EttiU8kZUbZNv58WH+PAj/rdZCrgUSiGXiWUQQKShqKnJxLuAcTcg5YRwL8se/V6ciW0QR9i /sr52gSmLLbW5N3hAoO+nv1V/9SjJAUvzXu43k8sua/XlCXkqU7uLj41CRR72JeUZ4DQsYfP LfNPC98ZGTVxbWbFtLXxpzzDDT8i3uo7w1LJ2Ij/d5ezcARqw01HGljWWxnidUrjbTpxkJ9X EllcsH94mer728j/HKzC9OcTuz6WUBP3Crgl6Q47gY5ZIiF0lsmd9/wxbaq5NiJ+lGuBRZrD v0dQx9KmyI0/pH2AF8cW897/6ypvcyD/1/11CJcN+uAGIrklwJlVpRSbKbFtGC6In592lhu7 wnK8cgyP5cTU+vva9+g6P1wehi4bylXdlKc6mMphbtSA+T3WBNP557+mh3L62l4pGaEGidcZ DLYT2Ud18eAJmxU3HnM8P3iZZgeoK7oqgb53/eg96vkONXNIOwARAQABtCVGZXJuYW5kbyBH b250IDxmZ29udEBzaTZuZXR3b3Jrcy5jb20+iQJBBBMBAgArAhsjBQkSzAMABgsJCAcDAgYV CAIJCgsEFgIDAQIeAQIXgAUCTmylpQIZAQAKCRCuJQ1VHU50kv7wD/9fuNtTfxSLk3B3Hs3p ixTy8YXVjdkVwWlnJjFd7BOWmg7sI+LDhpjGfT6+ddOiwkumnvUZpObodj4ysH0i8c7P4C5t F9yu7WjklSlrB5Rth2CGChg5bKt541z2WHkFFxys9qBLmCSYDeKQkzLqhCjIUJizY2kOJ2GI MnSFDzJjhSFEh//oW830Y8fel1xnf/NVF+lBVtRMtMOfoWUqDjvP3sJ1G4zgkDCnF0CfncLx +hq2Mv26Uq9OTzvLH9aSQQ/f067BOkKAJKsfHdborX4E96ISTz57/4xECRSMr5dVsKVm4Y// uVIsb+L5z+a32FaiBZIAKDgnJO7Z8j6CV5e5yfuBTtX52Yi9HjYYqnYJGSDxYd6igD4bWu+7 xmJPHjkdqZgGV6dQIgiUfqkU+s5Cv350vK48CMaT/ZLo2BdsMhWsmaHmb+waePUMyq6E4E9x 9Js+EJb9ZiCfxS9exgieZQpet1L36IvhiwByvkQM009ywfa30JeMOltUtfLi5V06WQWsTzPL 5C+4cpkguSuAJVDTctjCA0moIeVDOpJ8WH9voQ4IeWapQnX35OIoj1jGJqqYdx65gc1ygbyx b8vw+pJ9E5GLse5TQnYifOWpXzX9053dtbwp/2OVhU4KLlzfCPCEsoTyfu9nIZxdI2PMwiL5 M85BfjX4NmwBLmPGoLkCDQRObKNoARAAqqXCkr250BchRDmi+05F5UQFgylUh10XTAJxBeaQ UNtdxZiZRm6jgomSrqeYtricM9t9K0qb4X2ZXmAMW8o8AYW3RrQHTjcBwMnAKzUIEXXWaLfG cid/ygmvWzIHgMDQKP+MUq1AGQrnvt/MRLvZLyczAV1RTXS58qNaxtaSpc3K/yrDozh/a4pu WcUsVvIkzyx43sqcwamDSBb6U8JFoZizuLXiARLLASgyHrrCedNIZdWSx0z0iHEpZIelA2ih AGLiSMtmtikVEyrJICgO81DkKNCbBbPg+7fi23V6M24+3syHk3IdQibTtBMxinIPyLFF0byJ aGm0fmjefhnmVJyCIl/FDkCHprVhTme57G2/WdoGnUvnT7mcwDRb8XY5nNRkOJsqqLPemKjz kx8mXdQbunXtX9bKyVgd1gIl+LLsxbdzRCch773UBVoortPdK3kMyLtZ4uMeDX3comjx+6VL bztUdJ1Zc9/njwVG8fgmQ+0Kj5+bzQfUY+MmX0HTXIx3B4R1I1a8QoOwi1N+iZNdewV5Zfq+ 29NlQLnVPjCRCKbaz9k6RJ2oIti55YUI6zSsL3lmlOXsRbXN5bRswFczkNSCJxJMlDiyAUIC WOay7ymzvgzPa+BY/mYn94vRaurDQ4/ljOfj6oqgfjts+dJev4Jj89vp8MQI3KJpZPEAEQEA AYkCJQQYAQIADwUCTmyjaAIbDAUJEswDAAAKCRCuJQ1VHU50km4xEACho45PZrUjY4Zl2opR DFNo5a6roTOPpgwO9PcBb3I5F8yX2Dnew+9OhgWXbBhAFq4DCx+9Gjs43Bn60qbZTDbLGJ/m 8N4PwEiq0e5MKceYcbetEdEUWhm5L6psU9ZZ82GR3UGxPXYe+oifEoJjOXQ39avf9S8p3yKP Diil0E79rn7LbJjMcgMLyjFg9SDoJ6pHLtniJoDhEAaSSgeV7Y745+gyMIdtQmrFHfqrFdjq D6G0HE+Z68ywc5KN67YxhvhBmSycs1ZSKAXv1zLDlXdmjHDHkU3xMcB+RkuiTba8yRFYwb/n j62CC4NhFTuIKOc4ta3dJsyXTGh/hO9UjWUnmAGfd0fnzTBZF8Qlnw/8ftx5lt4/O+eqY1EN RITScnPzXE/wMOlTtdkddQ+QN6xt6jyR2XtAIi7aAFHypIqA3lLI9hF9x+lj4UQ2yA9LqpoX 6URpPOd13JhAyDe47cwsP1u9Y+OBvQTVLSvw7Liu2b4KjqL4lx++VdBi7dXsjJ6kjIRjI6Lb WVpxe8LumMCuVDepTafBZ49gr7Fgc4F9ZSCo6ChgQNLn6WDzIkqFX+42KuHz90AHWhuW+KZR 1aJylERWeTcMCGUSBptd48KniWmD6kPKpzwoMkJtEXTuO2lVuborxzwuqOTNuYg9lWDl7zKt wPI9brGzquUHy4qRrA==
Message-ID: <32c21255-5840-529e-4f6d-4d65966d88d4@si6networks.com>
Date: Sat, 20 Apr 2019 19:48:50 +0200
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:60.0) Gecko/20100101 Thunderbird/60.6.1
MIME-Version: 1.0
In-Reply-To: <CABcZeBNVUvvF9Y8nMk=dRpfH0RNeWtVsfnT2jXWd3w=NGC0_mA@mail.gmail.com>
Content-Type: text/plain; charset="utf-8"
Content-Language: en-US
Content-Transfer-Encoding: 8bit
Archived-At: <https://mailarchive.ietf.org/arch/msg/pearg/8TZPrQBU87JuOTsji5sI9M2il7k>
Subject: Re: [Pearg] [Secdispatch] Numeric IDs: Update to RFC3552
X-BeenThere: pearg@irtf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Privacy Enhancements and Assessment Proposed RG <pearg.irtf.org>
List-Unsubscribe: <https://www.irtf.org/mailman/options/pearg>, <mailto:pearg-request@irtf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/pearg/>
List-Post: <mailto:pearg@irtf.org>
List-Help: <mailto:pearg-request@irtf.org?subject=help>
List-Subscribe: <https://www.irtf.org/mailman/listinfo/pearg>, <mailto:pearg-request@irtf.org?subject=subscribe>
X-List-Received-Date: Sat, 20 Apr 2019 17:56:59 -0000

On 19/4/19 16:47, Eric Rescorla wrote:
> 
> 
> On Thu, Apr 18, 2019 at 6:25 PM Benjamin Kaduk <kaduk@mit.edu
> <mailto:kaduk@mit.edu>> wrote:
> 
>     On Thu, Apr 18, 2019 at 05:01:17PM -0700, Eric Rescorla wrote:
>     > On Thu, Apr 18, 2019 at 4:40 PM Fernando Gont
>     <fgont@si6networks.com <mailto:fgont@si6networks.com>> wrote:
>     >
>     > > On 19/4/19 01:09, Eric Rescorla wrote:
>     > > >
>     > > >
>     > > > On Thu, Apr 18, 2019 at 3:03 PM Fernando Gont
>     <fgont@si6networks.com <mailto:fgont@si6networks.com>
>     > > > <mailto:fgont@si6networks.com <mailto:fgont@si6networks.com>>>
>     wrote:
>     > > >
>     > > >     On 18/4/19 15:45, Eric Rescorla wrote:
>     > > >     >
>     > > >     >
>     > > >     > On Tue, Apr 16, 2019 at 2:07 AM Fernando Gont
>     > > >     <fgont@si6networks.com <mailto:fgont@si6networks.com>
>     <mailto:fgont@si6networks.com <mailto:fgont@si6networks.com>>
>     > > >     > <mailto:fgont@si6networks.com
>     <mailto:fgont@si6networks.com> <mailto:fgont@si6networks.com
>     <mailto:fgont@si6networks.com>>>>
>     > > wrote:
>     > > >     >
>     > > >     >     Folks,
>     > > >     >
>     > > >     >     At the last secdispatch meeting I presented our I-D
>     > > >     >     draft-gont-predictable-numeric-ids.
>     > > >     >
>     > > >     >     >From the meeting discussion, it would seem to me
>     that there
>     > > >     is support
>     > > >     >     for this work.
>     > > >     >
>     > > >     >     It would also seem to me that part of this work is to be
>     > > >     pursued in an
>     > > >     >     appropriate IRTF rg, while the update to RFC3552
>     > > >     >     (draft-gont-numeric-ids-sec-considerations) should
>     be pursued
>     > > >     as an
>     > > >     >     AD-sponsored document.
>     > > >     >
>     > > >     >
>     > > >     > I'm somewhat skeptical on an update to 3552; the
>     proposed set of
>     > > >     things
>     > > >     > to be improved seems unclear.
>     > > >
>     > > >     Can you please state what's unclear?
>     > > >
>     > > >
>     > > > I understand the list of things in your document. However,
>     there have
>     > > > been proposals for a larger revision to 3552.
>     > >
>     > > There was an effort to revise RFC3552. It just didn't happen.
>     Looks like
>     > > trying to boil the ocean wasn't the best idea.
>     > >
>     >
>     > Yes.
>     >
>     >
>     >
>     > >
>     > > It's a total of 9 pages. If you remove abstract, boilerplate, and
>     > > references, you end up with ~4 pages. In fact, the update (and
>     > > indispensable text) is that in Section 5, and boils down to:
>     > >
>     > > ---- cut here ----
>     > > 5.  Security and Privacy Requirements for Identifiers
>     > >
>     > >    Protocol specifications that specify transient numeric
>     identifiers
>     > >    MUST:
>     > >
>     > >    1.  Clearly specify the interoperability requirements for the
>     > >        aforementioned identifiers.
>     > >
>     > >    2.  Provide a security and privacy analysis of the aforementioned
>     > >        identifiers.
>     > >
>     > >    3.  Recommend an algorithm for generating the aforementioned
>     > >        identifiers that mitigates security and privacy issues,
>     such as
>     > >        those discussed in [I-D.gont-predictable-numeric-ids].
>     > > ---- cut here ----
>     > >
>     >
>     > Eh, I think something like this would have been OK in 3552; I'm not
>     > sure that it's necessary to add at this point to the list of
>     things that
>     > 3552 considers.
>     >
>     >
>     >
>     > > >     That said, this document is *updating* RFC3552, rather than a
>     > > revision
>     > > >     of RFC3552. Therefore, the content in this document
>     wouldn't become
>     > > part
>     > > >     of RFC3552, necessarily.
>     > > >
>     > > >
>     > > > Well, the semantics of "Updates" would be somewhat confusing here.
>     > > > Certainly I don't think that this document is something we need to
>     > > > transitively incorporate into 3552, but I care a lot less
>     about the
>     > > > contents of this header than I do about whether 3552 should be
>     updated
>     > > > to include this material.
>     > >
>     > > I do think RFC3552 should be updated as indicated (this stuff is
>     general
>     > > enough to be covered there).
>     > >
>     > > That said, the high-order bit here is to do something to prevent
>     the bad
>     > > history we have wrt numeric ids from repeating itself.
>     > >
>     > > If the whole point is that you'd like the "Updates: 3552 (if
>     approved)"
>     > > header to be removed (along with references to "updating RFC3552"),
>     > > please say so.
>     >
>     >
>     > No, that's not my point. As I said, I don't think we should
>     publish a new
>     > version
>     > of 3552 with this material or similar material in it. I don't much
>     care one
>     > way
>     > or the other whether this document is published, and while I don't
>     think
>     > marking
>     > it as updating 3552 is that helpful, I'm not going to die on that hill
>     > either.
> 
>     Do you care to state an opinion on "Updates: 3552" vs. an additional
>     document in BCP 72 (vs. both or none)?

FWIW, our take is that by formally updating rfc3552 protocol specs would
be forced to do the write thing, numeric identifiers would be subject to
the right analysis, and the security considerations would need to
include a security/privacy assessment of any numeric identifiers
employed/specified in the corresponding spec.

Thanks,
-- 
Fernando Gont
SI6 Networks
e-mail: fgont@si6networks.com
PGP Fingerprint: 6666 31C6 D484 63B2 8FB1 E3C4 AE25 0D55 1D4E 7492

v2.23.0 | Report a Bug | By Email