Re: [Pearg] Tsvart early review of draft-irtf-pearg-numeric-ids-generation-02

Eric Rescorla <ekr@rtfm.com> Thu, 27 August 2020 13:08 UTC

Return-Path: <ekr@rtfm.com>
X-Original-To: pearg@ietfa.amsl.com
Delivered-To: pearg@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 998E23A0819 for <pearg@ietfa.amsl.com>; Thu, 27 Aug 2020 06:08:42 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.896
X-Spam-Level:
X-Spam-Status: No, score=-1.896 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, SPF_HELO_NONE=0.001, SPF_NONE=0.001, URIBL_BLOCKED=0.001] autolearn=unavailable autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=rtfm-com.20150623.gappssmtp.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Rec-d3fC-Euo for <pearg@ietfa.amsl.com>; Thu, 27 Aug 2020 06:08:40 -0700 (PDT)
Received: from mail-lj1-x22b.google.com (mail-lj1-x22b.google.com [IPv6:2a00:1450:4864:20::22b]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 32A483A084A for <pearg@irtf.org>; Thu, 27 Aug 2020 06:08:25 -0700 (PDT)
Received: by mail-lj1-x22b.google.com with SMTP id m22so6335434ljj.5 for <pearg@irtf.org>; Thu, 27 Aug 2020 06:08:25 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=rtfm-com.20150623.gappssmtp.com; s=20150623; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=0EjoH/4tqqYVFvuboezU+TQSQsYxRNUu4Auh4PD7uCQ=; b=phueja2Qzba8ZipiP5saXPluFYaonlwafcXQieHEy8tl7QC8w+c0y1OgWTYXH0GvEa 5DW22VG58jVyedx4nlu9t0/Pkx8F0CnnF+2/ViStycpfhmQ56F0h+3TG7rsInbbWu13y 0juZxE5DKP+BBZ02/chYwfcI1QGWZ/+/BJ0Kdj2cpxxpB3MYkBAES1Uh6ff1JXpX0/Vw IWrqMOSVvojv3XWbtAXTp9yDSw/JiDOHxa/LLNSYVFabYSV1ggzgsEAIJi8rtp1ylb8A W98wetOe+fvFi/MyrIpSHlcDy1uAVPTprYm1Ptl4sMCfUPxD17nUwGI5YlO6bDQLa5av eVNw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=0EjoH/4tqqYVFvuboezU+TQSQsYxRNUu4Auh4PD7uCQ=; b=H9nHb0qSjzMFl7yGoOJ7elsnk5DXKY8VDhRvqHcmVoOSEeIKJHe0Mes5tFXkg8aPVb woaTp97uaf/T63F0c7Y8XsRI1aRdAvPp3L+rXsBk1H6Vt/tVWV0LY/z6SXrdy57v3TjI GmG9eP3QobGpP4ydYgYDgMm7GjL3cedVnHv7VTAzlJx5dGn8cWNgS3r7nNJHNzh39Hte BDOZ5EIXN6qB5Zj4kmDdOYKh6yr/pyOlt8TAJQG/gvg+2QQ6SKuB5HXbGdIX+KF3dhT8 Nz/hBgowG36BSizcIiHCavErqaRv6weGZitWoJbChcRM9p2V6PePxo2VcIxSNwKEvN+t 40uA==
X-Gm-Message-State: AOAM532iswCHTfcWD13FNPZTHh00yOlHacO+fWJAqsi/LNyyXVqyhPqH n7zyjtxSFgsDCDiYxNXJN3IeDKry5hwooY5pV7VvDg==
X-Google-Smtp-Source: ABdhPJyKlA0i5qGdpSuylWxFk6xOstg1qb2UR8NlPUdO86G+DflDc/SQkVhcxwQYO3Xdp8nLqkjA3IgLF1JNl3FxkrA=
X-Received: by 2002:a2e:908a:: with SMTP id l10mr9177759ljg.409.1598533703185; Thu, 27 Aug 2020 06:08:23 -0700 (PDT)
MIME-Version: 1.0
References: <159680292803.8931.4890868238678597521@ietfa.amsl.com> <44fcae41-96d8-d0e4-5b8e-cd4419a516a4@si6networks.com>
In-Reply-To: <44fcae41-96d8-d0e4-5b8e-cd4419a516a4@si6networks.com>
From: Eric Rescorla <ekr@rtfm.com>
Date: Thu, 27 Aug 2020 06:07:45 -0700
Message-ID: <CABcZeBNNiNZFavh82N4M5Kd1arLAYyvNRnw6M5_mMX7=S9BH8Q@mail.gmail.com>
To: Fernando Gont <fgont@si6networks.com>
Cc: =?UTF-8?Q?Michael_T=C3=BCxen?= <tuexen@fh-muenster.de>, tsv-art@ietf.org, draft-irtf-pearg-numeric-ids-generation.all@ietf.org, pearg@irtf.org
Content-Type: multipart/alternative; boundary="0000000000008a7e5205addba1f0"
Archived-At: <https://mailarchive.ietf.org/arch/msg/pearg/WGEupmzqbeK_EOf3MtLvOP75TXQ>
Subject: Re: [Pearg] Tsvart early review of draft-irtf-pearg-numeric-ids-generation-02
X-BeenThere: pearg@irtf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Privacy Enhancements and Assessment Proposed RG <pearg.irtf.org>
List-Unsubscribe: <https://www.irtf.org/mailman/options/pearg>, <mailto:pearg-request@irtf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/pearg/>
List-Post: <mailto:pearg@irtf.org>
List-Help: <mailto:pearg-request@irtf.org?subject=help>
List-Subscribe: <https://www.irtf.org/mailman/listinfo/pearg>, <mailto:pearg-request@irtf.org?subject=subscribe>
X-List-Received-Date: Thu, 27 Aug 2020 13:08:43 -0000

On Thu, Aug 27, 2020 at 5:10 AM Fernando Gont <fgont@si6networks.com> wrote:

> Hi, Michael,
>
> Thanks a lot for your feedback! In-line...
>
> On 7/8/20 09:22, Michael Tüxen via Datatracker wrote:
> > Reviewer: Michael Tüxen
> > Review result: Ready with Issues
> >
> > The document is well written, provides algorithms which could be used to
> > address identified problems. One  could add some text covering TCP
> timestamps.
>
> You mean e.g. to spell out which of the proposed algorithms one might
> use for TCP timestamps?
>
>
> > Section 1 states:
> > "Recent history indicates that when new protocols are standardized or
> > new protocol implementations are produced, the security and privacy
> > properties of the associated identifiers tend to be overlooked,..."
> > How does this related to recent/current activities like SCTP/DTLS or
> QUIC?
>
> SCTP (RFC4960) is similar to TCP, in this respect. OTOH, I have only
> skimmed through the DTLS (RFC6347), and it seems that it initially sets
> sequence numbers to 0. -- while these are meant to be protected, I'm
> curious if they could have done with monotonically increasing sequence
> numbers ala 6528, or with a random origin.
>

We perhaps could have, but to our knowledge the security functionality of
the protocol does not depend on unpredictability of the Record Sequence
Number. The same is true of QUIC. Note that both QUIC and DTLS 1.3 protect
this portion of the header (QUIC calls it the Packet Number).

-Ekr