IETF Logo Mail Archive

Re: Secdir last call review of draft-ietf-quic-manageability-14

"Brian Trammell (IETF)" <ietf@trammell.ch> Wed, 09 February 2022 14:46 UTC

Return-Path: <ietf@trammell.ch>
X-Original-To: quic@ietfa.amsl.com
Delivered-To: quic@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A6D6B3A0A36; Wed, 9 Feb 2022 06:46:09 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.099
X-Spam-Level:
X-Spam-Status: No, score=-2.099 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=unavailable autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=trammell.ch
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id LEUd8b8KdToF; Wed, 9 Feb 2022 06:46:05 -0800 (PST)
Received: from smtp-bc08.mail.infomaniak.ch (smtp-bc08.mail.infomaniak.ch [IPv6:2001:1600:4:17::bc08]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id CED203A0A13; Wed, 9 Feb 2022 06:46:04 -0800 (PST)
Received: from smtp-2-0000.mail.infomaniak.ch (unknown [10.5.36.107]) by smtp-3-3000.mail.infomaniak.ch (Postfix) with ESMTPS id 4Jv2kH1fcVzMq4sY; Wed, 9 Feb 2022 15:45:59 +0100 (CET)
Received: from smtpclient.apple (unknown [IPv6:2a00:79e0:42:206:f801:e1d5:3249:f154]) by smtp-2-0000.mail.infomaniak.ch (Postfix) with ESMTPA id 4Jv2kH05ydzlhSM9; Wed, 9 Feb 2022 15:45:58 +0100 (CET)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=trammell.ch; s=20191114; t=1644417959; bh=l/kz0Spi/jAz1WkMSEgJ4OvozzoP0cIzgsE1HhCYL08=; h=Subject:From:In-Reply-To:Date:Cc:References:To:From; b=OWXJJnrVIILFT3z8KVjMhoJeIQLhdcKbrA5grHTT/xCdN0CbYwwUlZDzN5X9J4DCt ngfXeJPkRqGFtvHjQ+sN7tJ8Zt/RB2fVEdRWspb9uXYs5roRU9hx+fVAY8vKAUdvX6 LFyH+MntOGLpib+VV0PUK/WpqCvaFrbENZTLhx/o=
Content-Type: text/plain; charset="utf-8"
Mime-Version: 1.0 (Mac OS X Mail 15.0 \(3693.60.0.1.1\))
Subject: Re: Secdir last call review of draft-ietf-quic-manageability-14
From: "Brian Trammell (IETF)" <ietf@trammell.ch>
In-Reply-To: <164373870457.6016.43082043298646216@ietfa.amsl.com>
Date: Wed, 09 Feb 2022 15:45:58 +0100
Cc: secdir@ietf.org, draft-ietf-quic-manageability.all@ietf.org, last-call@ietf.org, quic@ietf.org
Content-Transfer-Encoding: quoted-printable
Message-Id: <BB060B3C-63A2-4F3E-A505-A7999E34601A@trammell.ch>
References: <164373870457.6016.43082043298646216@ietfa.amsl.com>
To: Barry Leiba <barryleiba@computer.org>
X-Mailer: Apple Mail (2.3693.60.0.1.1)
Archived-At: <https://mailarchive.ietf.org/arch/msg/quic/nq_RpwaySZa7U7P6JALjr5rXTwA>
X-BeenThere: quic@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Main mailing list of the IETF QUIC working group <quic.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/quic>, <mailto:quic-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/quic/>
List-Post: <mailto:quic@ietf.org>
List-Help: <mailto:quic-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/quic>, <mailto:quic-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 09 Feb 2022 14:46:15 -0000

hi Barry,

Many thanks for the review! We've incorporated the editorial changes in https://github.com/quicwg/ops-drafts/pull/450

Cheers,

Brian

> On 1 Feb 2022, at 19:05, Barry Leiba via Datatracker <noreply@ietf.org> wrote:
> 
> Reviewer: Barry Leiba
> Review result: Has Nits
> 
> Thanks for a clear, well-written document that was very easy to read.  From a
> security point of view, there’s quite a bit of explanation about how encryption
> is negotiated, the different contexts before and after handshakes, and the
> like, and how all that makes any tampering discoverable.  I appreciate having
> that explanation, and it all looks solid to me.
> 
> As I went through it, I thought about whether QUIC-INVARIANTS, RFC 8999, should
> be a normative reference: it’s cited several times, and in places where it
> seems that the information might be critical to fully understanding this
> document.  As I looked back and forth between this document and that one, I
> decided that it’s correctly classified as informative (the normative
> information is in QUIC-TRANSPORT), but I can see how another reviewer might
> fall on the other side of that.  Just something to be aware of.
> 
> I only have a few minor editorial suggestions:
> 
> — Section 2.4 —
> 
>   The content of Initial packets is encrypted using Initial Secrets,
>   which are derived from a per-version constant and the client's
>   destination connection ID; they are therefore observable by any on-
>   path device that knows the per-version constant and considered
>   visible in this illustration.  The content of QUIC Handshake packets
>   are encrypted using keys established during the initial handshake
>   exchange, and are therefore not visible.
> 
> I found this a little hard to read, as I initially attached “considered
> visible” to the on-path device and thought the word “is” was missing.  I now
> realize that it’s meant to connect to “they”, but then *that* makes me realize
> that “they” is wrong because it’s supposed to refer to the bit that’s
> encrypted, which is “the content of Initial packets”.  While “packets” is
> plural, “the content” is singular and is used singularly above (“is
> encrypted”).  Whoo.
> 
> I suggest splitting it into two sentences, rather than using the semicolon,
> handling it this way, and making sure to refer to the content as singular:
> 
> NEW
>   The content of Initial packets is encrypted using Initial Secrets,
>   which are derived from a per-version constant and the client's
>   destination connection ID. That content is therefore observable by
>   any on-path device that knows the per-version constant and is
>   considered visible in this illustration.  The content of QUIC
>   Handshake packets is encrypted using keys established during the
>   initial handshake exchange, and is therefore not visible.
> END
> 
> — Section 2.6 —
> 
>   This
>   allows rebinding of a connection after one of the endpoints
>   experienced an address change - usually the client.
> 
> Nit, to take or leave: “usually the client” is, strictly speaking, misplaced:
> “This allows rebinding of a connection after one of the endpoints - usually the
> client - has experienced an address change.”
> 
> — Section 3.4.1 —
> 
>   Further,
>   the client's Initial packet(s) may contain other frames, so the first
>   bytes of each frame need to be checked to identify the frame type,
>   and if needed skipped over it.
> 
> The last phrase isn’t well formed grammatically.  Are you talking about
> identifying frame types and skipping over frames that you’re not interested in?
> If so, maybe this works?:
> 
> NEW
>   Further,
>   the client's Initial packet(s) may contain other frames, so the first
>   bytes of each frame need to be checked to identify the frame type and
>   determine which frames can be skipped over.
> END
> 
>

v2.23.0 | Report a Bug | By Email