IETF Logo Mail Archive

Re: [Rum] Roman Danyliw's Discuss on draft-ietf-rum-rue-09: (with DISCUSS and COMMENT)

Brian Rosen <br@brianrosen.net> Thu, 20 January 2022 14:53 UTC

Return-Path: <br@brianrosen.net>
X-Original-To: rum@ietfa.amsl.com
Delivered-To: rum@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C87D93A14C5 for <rum@ietfa.amsl.com>; Thu, 20 Jan 2022 06:53:55 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.887
X-Spam-Level:
X-Spam-Status: No, score=-1.887 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, SPF_HELO_NONE=0.001, T_SPF_PERMERROR=0.01, URIBL_BLOCKED=0.001] autolearn=unavailable autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=brianrosen-net.20210112.gappssmtp.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 11QqloW8wkms for <rum@ietfa.amsl.com>; Thu, 20 Jan 2022 06:53:51 -0800 (PST)
Received: from mail-il1-x131.google.com (mail-il1-x131.google.com [IPv6:2607:f8b0:4864:20::131]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 723DC3A14BD for <rum@ietf.org>; Thu, 20 Jan 2022 06:53:51 -0800 (PST)
Received: by mail-il1-x131.google.com with SMTP id r16so5167828ile.8 for <rum@ietf.org>; Thu, 20 Jan 2022 06:53:51 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=brianrosen-net.20210112.gappssmtp.com; s=20210112; h=from:message-id:mime-version:subject:date:in-reply-to:cc:to :references; bh=4nzVgKmSkaPc+0ecj5AP1mpimnupSquiQP6EuRB56Hg=; b=xvVpy0AVxRWE3B9gznI6Rp3pdXSYNMEKRn2AZ9Zx2OZwlIiTjQN/ZVabEs9OghPcIx 5Xtjgc8U4qjisHuSPQ+UfjUvQKI2DyjKGAb0EIIgKQfWwTiesnP4AvUjn1fnZ7K1I9sx F9zWZMG88cDNgmiTcaQenjNl56LI/9o58OQE3e98g3uAFWmDu7Jl6t5Yuk6ua+OG5+wl d3O/ObN+quIuqEuBKDWvwPQWONy9vdaJ+uFwgoCM2eCDD2bcmO1Q2OIXrFs1hOo1NFQh Qv69I58U+jLPX6IK+1gXczFkeU5lfasMr74wHwSDzhLPn7JzdPnPrHnSZeEZ02bWFz6Q 3pAQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:from:message-id:mime-version:subject:date :in-reply-to:cc:to:references; bh=4nzVgKmSkaPc+0ecj5AP1mpimnupSquiQP6EuRB56Hg=; b=U39QppnNvj9NMRkBVreJM+UHv/p8TFfNuEalwA7AOfF6QdlxyydhDt7bzawFdIur5F yoTS87TvivvzvCVEKYuWKm608SeT5QP+pMtK4EwuX39c/lbn/VA+5UVQctZoHQjsvAfS yVJhFQIP/NjFOvGuRqRTKhXf6jiNKMeDQSRB7dJPjzjIL0SfoawR8Gp87fA7kz8FV+Nl DuFXN31QUqLHDFFACalyoqldxLkWB2gEEv/fKy9RnH6e5i8LSnQGKjLENMuNsMdXT5b8 6qwzbN/IU4s0AfOI49qhM9Qe+Ztw0KUeRJ+tNto8AuiM2BMkzp+UgLm7nmsuXnzuBARL KA3w==
X-Gm-Message-State: AOAM533B0CfyKqzR3RnUMkAy24XCvoNCP2BbPud8Y8Keo9FCl3TxBDCg u5HPeWjwZRCra/ounnU/A1QPMg==
X-Google-Smtp-Source: ABdhPJzOGHnYRiLSfqRNncf7eyxFJfcM8iF5qfANKDHBjuVj4xloqxBZXRiyESqUatY2KiIMaVQDlA==
X-Received: by 2002:a05:6e02:1bc1:: with SMTP id x1mr8764244ilv.68.1642690429680; Thu, 20 Jan 2022 06:53:49 -0800 (PST)
Received: from smtpclient.apple (dynamic-acs-24-154-121-237.zoominternet.net. [24.154.121.237]) by smtp.gmail.com with ESMTPSA id x6sm1485338ill.78.2022.01.20.06.53.48 (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Thu, 20 Jan 2022 06:53:49 -0800 (PST)
From: Brian Rosen <br@brianrosen.net>
Message-Id: <ECF95B5B-AF48-4C9F-A0E9-F52D602BE604@brianrosen.net>
Content-Type: multipart/alternative; boundary="Apple-Mail=_4069DAD9-E536-46D0-BAFB-9ED0A62A2585"
Mime-Version: 1.0 (Mac OS X Mail 15.0 \(3693.20.0.1.32\))
Date: Thu, 20 Jan 2022 09:53:48 -0500
In-Reply-To: <64AD6B8B-9D35-4269-AD74-FD8755F21F2D@brianrosen.net>
Cc: The IESG <iesg@ietf.org>, draft-ietf-rum-rue@ietf.org, rum-chairs@ietf.org, rum@ietf.org, Paul Kyzivat <pkyzivat@alum.mit.edu>
To: Roman Danyliw <rdd@cert.org>
References: <163960605716.22037.6925953082119136922@ietfa.amsl.com> <64AD6B8B-9D35-4269-AD74-FD8755F21F2D@brianrosen.net>
X-Mailer: Apple Mail (2.3693.20.0.1.32)
Archived-At: <https://mailarchive.ietf.org/arch/msg/rum/UL50la3GD-Zxz8wVDPGSSbz1I0Q>
Subject: Re: [Rum] Roman Danyliw's Discuss on draft-ietf-rum-rue-09: (with DISCUSS and COMMENT)
X-BeenThere: rum@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Relay User Machine <rum.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/rum>, <mailto:rum-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/rum/>
List-Post: <mailto:rum@ietf.org>
List-Help: <mailto:rum-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/rum>, <mailto:rum-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 20 Jan 2022 14:53:56 -0000

Roman

Does the -10 version I submitted address your issues?

Brian


> On Dec 23, 2021, at 4:56 PM, Brian Rosen <br@brianrosen.net> wrote:
> 
> Thank you for your comments.  Responses inline
> 
>> On Dec 15, 2021, at 5:07 PM, Roman Danyliw via Datatracker <noreply@ietf.org> wrote:
>> 
>> Roman Danyliw has entered the following ballot position for
>> draft-ietf-rum-rue-09: Discuss
>> 
>> When responding, please keep the subject line intact and reply to all
>> email addresses included in the To and CC lines. (Feel free to cut this
>> introductory paragraph, however.)
>> 
>> 
>> Please refer to https://www.ietf.org/blog/handling-iesg-ballot-positions/
>> for more information about how to handle DISCUSS and COMMENT positions.
>> 
>> 
>> The document, along with other ballot positions, can be found here:
>> https://datatracker.ietf.org/doc/draft-ietf-rum-rue/
>> 
>> 
>> 
>> ----------------------------------------------------------------------
>> DISCUSS:
>> ----------------------------------------------------------------------
>> 
>> ** Is there a reason that credential re-use is being suggested as a fall back. 
>> It seems risky to reuse the credentials across services.
> This is really how sip services commonly work and I’m reluctant to disallow what is widely implemented
> 
>> This fall-back also
>> appears to contradict the guidance in Section 5.1. which says “This
>> username/password combination SHOULD NOT be the same as that used for other
>> purposes, such as retrieving the RUE configuration”.
> I will change this to add "except as expressly described below”
> The configuration service is new, and thus we can say don’t reuse credentials for that.
> 
> 
>> See:
>> 
>> -- Section 7.1.  Per access to the CardDAV server, “[i]f no matching
>> credentials are configured, the RUE MUST use the SIP credentials from the
>> configuration.”
>> 
>> -- Section 9.2.2.  sip-password says “If it was never supplied, the password
>> used to authenticate to the configuration service is used for SIP, STUN and
>> TURN.”
>> 
>> -- Section 9.2.2.  carddav field says that “If username or password are not
>> supplied, the main account credentials are used. “
>> 
>> ** Is there a reason that a minimum transport requirements of using HTTPS is
>> not defined for accessing the SIP-supporting elements of this architecture.
> I’m confused by this.  HTTPS and SIP are mutually exclusive.  Did you mean TLS instead of HTTPS?
> But you said “minimum transport” and not “security” so I’m even more confused.  Sorry.
> 
> We specify RFC7525 and 8446 in General Requirements for TLS.
> 
>> 
>> -- Section 7.1.  Access to the CardDAV service?  Does the guidance in Section
>> 7.2 (The RUE stores/retrieves the contact list (address book) by issuing an
>> HTTPS POST or GET request.) imply that?
> There are two services: a contact list import and a CardDAV service, which is a contact sync.  Both are subject to the TLS requirements
>> 
>> -- Section 9.  Using the overall API? Does the guidance in Section 9.2 (A RUE
>> device may retrieve a provider configuration the using a simple HTTPs web
>> service) imply that?
> Again it’s an HTTPS service, so subject to the General Requirements TLS specs
>> 
>> -- Section 9.2.1.  For the URI configuration options noted in this section
>> (e.g., the uri in signup)?
> Same
>> 
>> ** Section 11.  There are more than 10 20 normative SIP protocol references in
>> this document.  Which of their security considerations apply?
> All of them.  That’s pretty normal sip stuff.
>> 
>> 
>> ----------------------------------------------------------------------
>> COMMENT:
>> ----------------------------------------------------------------------
>> 
>> Thank you to Russ Mundy for the SECDIR review.
>> 
>> ** Section 2.  Thanks for defining all of this terminology up front.  As many
>> of these are components in the architecture, I would have benefit from a
>> diagram early in the document showing how these components integrate. **
> I am diagram challenged, but I will see what I can do.
> 
>> Section 5.1.  The paragraph starting with “The registrar MAY authenticate using
>> SIP digest authentication …”, should likely say that the technique for
>> provisioning the credentials is out of scope for this profile.
> Actually, they come in the configuration service.
> 
>> 
>> ** Section 8.  Typo. s/mechansism/mechanism/
> Fixed
> 
>> ** Section 9.1
>> IANA has established a registry that contains
>>  a two letter country code and an entry point string.
>> 
>> Recommend adding a forward reference to Section 10.1.
> Added
> 
>> 
>> ** Section 9.1.
>>  For example,
>>  if the entryPoint is "example.com <http://example.com/>", the provider list would be
>>  obtained from https://example.com/rum/V1/Providers <https://example.com/rum/V1/Providers>.
>> 
>> This example doesn’t match the syntax of Section 9.3.  “V1” here and “v1” in
>> Section 9.3.
> Fixed
>> 
>> ** Section 9.2.  It would be helpful in this narrative text for the input
>> values names to match the actual field names used in the API in Section 9.3. 
>> Specifically, “API Key” is “apiKey”, and “instance identifier” is “instanceId”
> Fixed. 
> 
>> 
>> ** Section 9.2.1.  Per the language value in the signup configuration option,
>> please provide a reference to the IAN language subtag registry
>> (https://www.iana.org/assignments/language-subtag-registry/language-subtag-registry <https://www.iana.org/assignments/language-subtag-registry/language-subtag-registry>).
> I put it inline as a link.  Should it be an actual reference?
> 
>> 
>> ** Section 9.2.2.  sendLocationWithRegistation is listed as a stand-alone field
>> here, but in Section 9.3, it is shown to be part of the carddav object.  Which
>> is correct?
> Ho, that’s an actual error.  It should be a separate field.  Fixed
>> 
>> ** Section 9.2.3.  Figure 4.  This example is not conformance to the previously
>> described syntax.  All of the values of the “uri” fields should be a URI, but
>> all of them are missing a scheme.
> Fixed
> 
>> 
>> ** Section 9.3.  [OpenAPI] needs to be a normative reference as its syntax is
>> needed to understand this section.
> Reluctantly fixed.  We have too many normative references :)

v2.23.0 | Report a Bug | By Email