Re: [EXTERNAL] Re: [Technical Errata Reported] RFC9001 (7785)
Lucas Pardue <lucas@lucaspardue.com> Fri, 26 January 2024 19:47 UTC
Return-Path: <lucas@lucaspardue.com>
X-Original-To: quic@ietfa.amsl.com
Delivered-To: quic@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 9DA92C14F6ED for <quic@ietfa.amsl.com>; Fri, 26 Jan 2024 11:47:37 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.107
X-Spam-Level:
X-Spam-Status: No, score=-2.107 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, RCVD_IN_MSPIKE_H2=-0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=lucaspardue.com header.b="aob4yYGT"; dkim=pass (2048-bit key) header.d=messagingengine.com header.b="pRwEeUoN"
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id aDvu5iwmpRQP for <quic@ietfa.amsl.com>; Fri, 26 Jan 2024 11:47:32 -0800 (PST)
Received: from new2-smtp.messagingengine.com (new2-smtp.messagingengine.com [66.111.4.224]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id BA0E3C14F614 for <quic@ietf.org>; Fri, 26 Jan 2024 11:47:32 -0800 (PST)
Received: from compute3.internal (compute3.nyi.internal [10.202.2.43]) by mailnew.nyi.internal (Postfix) with ESMTP id 63733581229; Fri, 26 Jan 2024 14:47:29 -0500 (EST)
Received: from imap53 ([10.202.2.103]) by compute3.internal (MEProxy); Fri, 26 Jan 2024 14:47:29 -0500
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=lucaspardue.com; h=cc:cc:content-type:content-type:date:date:from:from :in-reply-to:in-reply-to:message-id:mime-version:references :reply-to:subject:subject:to:to; s=fm1; t=1706298449; x= 1706302049; bh=pG+6hVJLEQeLe7XywPPGoaZZy59yDmOuJFxdl3q6REc=; b=a ob4yYGTYN7V//3MpO4SKEN8CxB0Hyn5KqA/i9YgiPZSt11uNHOR650hjguRODQiL C8VYamStox4JJRh7yn+ejmznjMbGBEb8IMHBxAOFASD5n+Yebj+yXNXiNJ6Mx5ad VfyJHWrJy7XCMPKDbaH7vgb3hh1d/BZ80m27Qi1rOZhv7wzvoFF7tLZO6hJStfAB MB9VhIvIcyn640kcP0gV1YXmqq2kOQQYaYXyva/EKQc1OfO6TFuVdEkElOiE/nS0 CBoh29D0/eB60KiWV4eO6M0fg4rCJyH/8ytYFO2sMo7X9g2M83NQBRz/M/1QQoJ4 CQCs78oSLPihN++3EUu1g==
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=cc:cc:content-type:content-type:date:date :feedback-id:feedback-id:from:from:in-reply-to:in-reply-to :message-id:mime-version:references:reply-to:subject:subject:to :to:x-me-proxy:x-me-proxy:x-me-sender:x-me-sender:x-sasl-enc; s= fm3; t=1706298449; x=1706302049; bh=pG+6hVJLEQeLe7XywPPGoaZZy59y DmOuJFxdl3q6REc=; b=pRwEeUoNXIotDFPKGRU5QKH6GNR4DSM8juHhWoS/2lc1 N0JP7zte7c/i+P/3aRBrzHqe/+E7/RJ83FQZm5ZEDVkiWm+7SLjFbc+qYK1yp00t VC7WrQy9KztdilWJKbHRjq551ZKB/E+EzWDswj4SlKnybXKYLDIYMVRGqzWHX01J 3nldFxehIym2vwiWOKFJbCMG+noACwUt4s82Bjgr2itGkyzf88PPgVt/Q58r8Z7S tp+YkaJo/6oQfqvC2G2YZ5+vNKcbqtMaJAB8+RlPH+tYwYibr/t1B+aTI1XfKKrh nW8pzynWH0lsu7UrpTJJkxALQ9cJT4g3qD1MAiK3vQ==
X-ME-Sender: <xms:UAy0ZWk1OjJUrucO69cQOYSs6vFS94U9BKfEYQw_QFIkQRFEGCdUGw> <xme:UAy0Zd0vh0ESZDbtE8MDTDxUq64XwtM_O_RHtCtsO_VdCBUEbTLZZR09xdMZDYA3v buN9GGmEAl2BfzXxfc>
X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgedvkedrvdeljedguddviecutefuodetggdotefrod ftvfcurfhrohhfihhlvgemucfhrghsthforghilhdpqfgfvfdpuffrtefokffrpgfnqfgh necuuegrihhlohhuthemuceftddtnecusecvtfgvtghiphhivghnthhsucdlqddutddtmd enucfjughrpefofgggkfgjfhffhffvvefutgesrgdtreerreerjeenucfhrhhomhepfdfn uhgtrghsucfrrghrughuvgdfuceolhhutggrsheslhhutggrshhprghrughuvgdrtghomh eqnecuggftrfgrthhtvghrnhepfeeuhfekgfeijeevteeuteeiudduveeftefggeffteef veffudfhgeeuhfdujedtnecuffhomhgrihhnpehrfhgtqdgvughithhorhdrohhrghdpth gvnhgrsghlvgdrtghomhenucevlhhushhtvghrufhiiigvpedtnecurfgrrhgrmhepmhgr ihhlfhhrohhmpehluhgtrghssehluhgtrghsphgrrhguuhgvrdgtohhm
X-ME-Proxy: <xmx:UAy0ZUpHrBhG7i--PFCp8-vy7ejAI7iMzlID-ciQT-WzAdLnHcRuVQ> <xmx:UAy0ZalCgnKuLlG0X81KnwuePQ9M_qfT7_AQd4EghzPHGLvL9QLqDg> <xmx:UAy0ZU38aQdYvQ55UbA4WBIOxz4MyGAOUidIZkmS2t0lQdcr7Zhm7g> <xmx:UQy0ZY-Dp0ehVVgc6Htny_9ZvOkKRvaYV6tOmGJp8MbOH9Yzl1U1Rw>
Feedback-ID: i23b94938:Fastmail
Received: by mailuser.nyi.internal (Postfix, from userid 501) id 84103364006B; Fri, 26 Jan 2024 14:47:28 -0500 (EST)
X-Mailer: MessagingEngine.com Webmail Interface
User-Agent: Cyrus-JMAP/3.11.0-alpha0-119-ga8b98d1bd8-fm-20240108.001-ga8b98d1b
MIME-Version: 1.0
Message-Id: <a5c5b836-3015-4b60-94cb-ed26267dab4d@app.fastmail.com>
In-Reply-To: <CAKzjrDrUZBFXg0hCnEFFFFrf+UZw9GE0Ud_4TS0HRHEP_OE8UA@mail.gmail.com>
References: <20240126184827.CEAB83E8A8@rfcpa.amsl.com> <CAM4esxQ38JVxsnxm-25c8adPTuToOOHaTJsdVmM572yCDoVbeQ@mail.gmail.com> <CAKzjrDrUZBFXg0hCnEFFFFrf+UZw9GE0Ud_4TS0HRHEP_OE8UA@mail.gmail.com>
Date: Fri, 26 Jan 2024 19:47:05 +0000
From: Lucas Pardue <lucas@lucaspardue.com>
To: Thomas Pearson <tpearson@tenable.com>, Martin Duke <martin.h.duke@gmail.com>
Cc: RFC Editor <rfc-editor@rfc-editor.org>, Martin Thomson <mt@lowentropy.net>, sean@sn3rd.com, zahed.sarker.ietf@gmail.com, matt.joras@gmail.com, quic@ietf.org
Subject: Re: [EXTERNAL] Re: [Technical Errata Reported] RFC9001 (7785)
Content-Type: multipart/alternative; boundary="fd2b2e41bfe34090994f7b529094cf30"
Archived-At: <https://mailarchive.ietf.org/arch/msg/quic/-O7W-YQDndUJbSa1sYJx_kf-1mg>
X-BeenThere: quic@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: Main mailing list of the IETF QUIC working group <quic.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/quic>, <mailto:quic-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/quic/>
List-Post: <mailto:quic@ietf.org>
List-Help: <mailto:quic-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/quic>, <mailto:quic-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 26 Jan 2024 19:47:37 -0000
Zahed, please reject this one On Fri, Jan 26, 2024, at 19:33, Thomas Pearson wrote: > Yep, Martin's right. Would have been clearer if the example at the bottom of RFC9000 A3 had shown a full 8 byte variable encoded packet number instead of a 4 byte value. > > On Fri, Jan 26, 2024 at 11:16 AM Martin Duke <martin.h.duke@gmail.com> wrote: >> * >> *** CAUTION: This email was sent from an EXTERNAL source. Think before clicking links or opening attachments. *** >> * >> >> >> This erratum is incorrect and should be rejected. The full packet number is 62 bits, although it is never expressed as such in the packet number field of the header. >> >> On Fri, Jan 26, 2024 at 10:48 AM RFC Errata System <rfc-editor@rfc-editor.org> wrote: >>> The following errata report has been submitted for RFC9001, >>> "Using TLS to Secure QUIC". >>> >>> -------------------------------------- >>> You may review the report below and at: >>> https://www.rfc-editor.org/errata/eid7785 >>> >>> -------------------------------------- >>> Type: Technical >>> Reported by: Tom Pearson <tpearson@tenable.com> >>> >>> Section: 5.3 >>> >>> Original Text >>> ------------- >>> The key and IV for the packet are computed as described in >>> Section 5.1. The nonce, N, is formed by combining the packet >>> protection IV with the packet number. The 62 bits of the >>> reconstructed QUIC packet number in network byte order are left- >>> padded with zeros to the size of the IV. The exclusive OR of the >>> padded packet number and the IV forms the AEAD nonce. >>> >>> Corrected Text >>> -------------- >>> The key and IV for the packet are computed as described in >>> Section 5.1. The nonce, N, is formed by combining the packet >>> protection IV with the packet number. The 32 bits of the >>> reconstructed QUIC packet number in network byte order are left- >>> padded with zeros to the size of the IV. The exclusive OR of the >>> padded packet number and the IV forms the AEAD nonce. >>> >>> Notes >>> ----- >>> Given the description of packet number reconstruction in RFC9000 section 17.1 and the example in RFC9000 Appendix A3, the length of reconstructed packet number should be 32 bits, not 62 bits. >>> >>> Instructions: >>> ------------- >>> This erratum is currently posted as "Reported". (If it is spam, it >>> will be removed shortly by the RFC Production Center.) Please >>> use "Reply All" to discuss whether it should be verified or >>> rejected. When a decision is reached, the verifying party >>> will log in to change the status and edit the report, if necessary. >>> >>> -------------------------------------- >>> RFC9001 (draft-ietf-quic-tls-34) >>> -------------------------------------- >>> Title : Using TLS to Secure QUIC >>> Publication Date : May 2021 >>> Author(s) : M. Thomson, Ed., S. Turner, Ed. >>> Category : PROPOSED STANDARD >>> Source : QUIC >>> Area : Transport >>> Stream : IETF >>> Verifying Party : IESG > > > -- > *Tom Pearson | *Staff Research Engineer > *Tenable Network Security *7021 Columbia Gateway Drive, Suite 500*, *Columbia, MD 21046 > > tpearson@tenable.com > *W: *410-872-0555 x611 > tenable.com >
- [Technical Errata Reported] RFC9001 (7785) RFC Errata System
- Re: [Technical Errata Reported] RFC9001 (7785) Martin Duke
- Re: [EXTERNAL] Re: [Technical Errata Reported] RF… Lucas Pardue