Re: Secdir last call review of draft-ietf-quic-manageability-14
"Brian Trammell (IETF)" <ietf@trammell.ch> Wed, 09 February 2022 14:46 UTC
Return-Path: <ietf@trammell.ch>
X-Original-To: quic@ietfa.amsl.com
Delivered-To: quic@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A6D6B3A0A36; Wed, 9 Feb 2022 06:46:09 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.099
X-Spam-Level:
X-Spam-Status: No, score=-2.099 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=unavailable autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=trammell.ch
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id LEUd8b8KdToF; Wed, 9 Feb 2022 06:46:05 -0800 (PST)
Received: from smtp-bc08.mail.infomaniak.ch (smtp-bc08.mail.infomaniak.ch [IPv6:2001:1600:4:17::bc08]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id CED203A0A13; Wed, 9 Feb 2022 06:46:04 -0800 (PST)
Received: from smtp-2-0000.mail.infomaniak.ch (unknown [10.5.36.107]) by smtp-3-3000.mail.infomaniak.ch (Postfix) with ESMTPS id 4Jv2kH1fcVzMq4sY; Wed, 9 Feb 2022 15:45:59 +0100 (CET)
Received: from smtpclient.apple (unknown [IPv6:2a00:79e0:42:206:f801:e1d5:3249:f154]) by smtp-2-0000.mail.infomaniak.ch (Postfix) with ESMTPA id 4Jv2kH05ydzlhSM9; Wed, 9 Feb 2022 15:45:58 +0100 (CET)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=trammell.ch; s=20191114; t=1644417959; bh=l/kz0Spi/jAz1WkMSEgJ4OvozzoP0cIzgsE1HhCYL08=; h=Subject:From:In-Reply-To:Date:Cc:References:To:From; b=OWXJJnrVIILFT3z8KVjMhoJeIQLhdcKbrA5grHTT/xCdN0CbYwwUlZDzN5X9J4DCt ngfXeJPkRqGFtvHjQ+sN7tJ8Zt/RB2fVEdRWspb9uXYs5roRU9hx+fVAY8vKAUdvX6 LFyH+MntOGLpib+VV0PUK/WpqCvaFrbENZTLhx/o=
Content-Type: text/plain; charset="utf-8"
Mime-Version: 1.0 (Mac OS X Mail 15.0 \(3693.60.0.1.1\))
Subject: Re: Secdir last call review of draft-ietf-quic-manageability-14
From: "Brian Trammell (IETF)" <ietf@trammell.ch>
In-Reply-To: <164373870457.6016.43082043298646216@ietfa.amsl.com>
Date: Wed, 09 Feb 2022 15:45:58 +0100
Cc: secdir@ietf.org, draft-ietf-quic-manageability.all@ietf.org, last-call@ietf.org, quic@ietf.org
Content-Transfer-Encoding: quoted-printable
Message-Id: <BB060B3C-63A2-4F3E-A505-A7999E34601A@trammell.ch>
References: <164373870457.6016.43082043298646216@ietfa.amsl.com>
To: Barry Leiba <barryleiba@computer.org>
X-Mailer: Apple Mail (2.3693.60.0.1.1)
Archived-At: <https://mailarchive.ietf.org/arch/msg/quic/nq_RpwaySZa7U7P6JALjr5rXTwA>
X-BeenThere: quic@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Main mailing list of the IETF QUIC working group <quic.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/quic>, <mailto:quic-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/quic/>
List-Post: <mailto:quic@ietf.org>
List-Help: <mailto:quic-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/quic>, <mailto:quic-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 09 Feb 2022 14:46:15 -0000
hi Barry, Many thanks for the review! We've incorporated the editorial changes in https://github.com/quicwg/ops-drafts/pull/450 Cheers, Brian > On 1 Feb 2022, at 19:05, Barry Leiba via Datatracker <noreply@ietf.org> wrote: > > Reviewer: Barry Leiba > Review result: Has Nits > > Thanks for a clear, well-written document that was very easy to read. From a > security point of view, there’s quite a bit of explanation about how encryption > is negotiated, the different contexts before and after handshakes, and the > like, and how all that makes any tampering discoverable. I appreciate having > that explanation, and it all looks solid to me. > > As I went through it, I thought about whether QUIC-INVARIANTS, RFC 8999, should > be a normative reference: it’s cited several times, and in places where it > seems that the information might be critical to fully understanding this > document. As I looked back and forth between this document and that one, I > decided that it’s correctly classified as informative (the normative > information is in QUIC-TRANSPORT), but I can see how another reviewer might > fall on the other side of that. Just something to be aware of. > > I only have a few minor editorial suggestions: > > — Section 2.4 — > > The content of Initial packets is encrypted using Initial Secrets, > which are derived from a per-version constant and the client's > destination connection ID; they are therefore observable by any on- > path device that knows the per-version constant and considered > visible in this illustration. The content of QUIC Handshake packets > are encrypted using keys established during the initial handshake > exchange, and are therefore not visible. > > I found this a little hard to read, as I initially attached “considered > visible” to the on-path device and thought the word “is” was missing. I now > realize that it’s meant to connect to “they”, but then *that* makes me realize > that “they” is wrong because it’s supposed to refer to the bit that’s > encrypted, which is “the content of Initial packets”. While “packets” is > plural, “the content” is singular and is used singularly above (“is > encrypted”). Whoo. > > I suggest splitting it into two sentences, rather than using the semicolon, > handling it this way, and making sure to refer to the content as singular: > > NEW > The content of Initial packets is encrypted using Initial Secrets, > which are derived from a per-version constant and the client's > destination connection ID. That content is therefore observable by > any on-path device that knows the per-version constant and is > considered visible in this illustration. The content of QUIC > Handshake packets is encrypted using keys established during the > initial handshake exchange, and is therefore not visible. > END > > — Section 2.6 — > > This > allows rebinding of a connection after one of the endpoints > experienced an address change - usually the client. > > Nit, to take or leave: “usually the client” is, strictly speaking, misplaced: > “This allows rebinding of a connection after one of the endpoints - usually the > client - has experienced an address change.” > > — Section 3.4.1 — > > Further, > the client's Initial packet(s) may contain other frames, so the first > bytes of each frame need to be checked to identify the frame type, > and if needed skipped over it. > > The last phrase isn’t well formed grammatically. Are you talking about > identifying frame types and skipping over frames that you’re not interested in? > If so, maybe this works?: > > NEW > Further, > the client's Initial packet(s) may contain other frames, so the first > bytes of each frame need to be checked to identify the frame type and > determine which frames can be skipped over. > END > >
- Secdir last call review of draft-ietf-quic-manage… Barry Leiba via Datatracker
- Re: Secdir last call review of draft-ietf-quic-ma… Brian Trammell (IETF)