Re: [saag] AD review of draft-iab-crypto-alg-agility-06

"Black, David" <david.black@emc.com> Sat, 18 July 2015 08:19 UTC

Return-Path: <david.black@emc.com>
X-Original-To: saag@ietfa.amsl.com
Delivered-To: saag@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 7E2241AD0A7 for <saag@ietfa.amsl.com>; Sat, 18 Jul 2015 01:19:06 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.011
X-Spam-Level:
X-Spam-Status: No, score=-2.011 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, MANGLED_LIST=2.3, RCVD_IN_DNSWL_MED=-2.3, SPF_PASS=-0.001, T_RP_MATCHES_RCVD=-0.01] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id e5-gV_CzHl_D for <saag@ietfa.amsl.com>; Sat, 18 Jul 2015 01:19:05 -0700 (PDT)
Received: from mailuogwdur.emc.com (mailuogwdur.emc.com [128.221.224.79]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id C52171AD0A6 for <saag@ietf.org>; Sat, 18 Jul 2015 01:19:04 -0700 (PDT)
Received: from maildlpprd51.lss.emc.com (maildlpprd51.lss.emc.com [10.106.48.155]) by mailuogwprd53.lss.emc.com (Sentrion-MTA-4.3.1/Sentrion-MTA-4.3.0) with ESMTP id t6I8J2xE019361 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NO); Sat, 18 Jul 2015 04:19:03 -0400
X-DKIM: OpenDKIM Filter v2.4.3 mailuogwprd53.lss.emc.com t6I8J2xE019361
DKIM-Signature: v=1; a=rsa-sha1; c=relaxed/relaxed; d=emc.com; s=jan2013; t=1437207543; bh=6jIP6HlF4yfeGLK8FhtQDlAUqQ4=; h=From:To:CC:Subject:Date:Message-ID:References:In-Reply-To: Content-Type:Content-Transfer-Encoding:MIME-Version; b=NYWrSNxRPD6sZJpNYF6J1NWr6Gp4PavPkwfd9j+zzDPCYCfph8oNshe+YuAw+h6Io 1oBtBN9CFFeER47qa2nE7M77lukBu3hKzyr0Km3BYGJKdYSWofzKLbEdlFZ4zRKNzX tEHuqotha3c68f8h8swwmfJrSF6SaADDNjX/HMx8=
X-DKIM: OpenDKIM Filter v2.4.3 mailuogwprd53.lss.emc.com t6I8J2xE019361
Received: from mailusrhubprd02.lss.emc.com (mailusrhubprd02.lss.emc.com [10.253.24.20]) by maildlpprd51.lss.emc.com (RSA Interceptor); Sat, 18 Jul 2015 04:18:41 -0400
Received: from mxhub37.corp.emc.com (mxhub37.corp.emc.com [128.222.70.104]) by mailusrhubprd02.lss.emc.com (Sentrion-MTA-4.3.1/Sentrion-MTA-4.3.0) with ESMTP id t6I8IkSH002232 (version=TLSv1 cipher=AES128-SHA bits=128 verify=FAIL); Sat, 18 Jul 2015 04:18:46 -0400
Received: from MXHUB201.corp.emc.com (10.253.68.27) by mxhub37.corp.emc.com (128.222.70.104) with Microsoft SMTP Server (TLS) id 8.3.327.1; Sat, 18 Jul 2015 04:18:46 -0400
Received: from MX104CL02.corp.emc.com ([169.254.8.107]) by MXHUB201.corp.emc.com ([10.253.68.27]) with mapi id 14.03.0224.002; Sat, 18 Jul 2015 04:18:45 -0400
From: "Black, David" <david.black@emc.com>
To: Paul Hoffman <paul.hoffman@vpnc.org>
Thread-Topic: [saag] AD review of draft-iab-crypto-alg-agility-06
Thread-Index: AQHQwLTAh/8rvqPHcUeOOKpbRz+XV53gZjqAgAB7qlA=
Date: Sat, 18 Jul 2015 08:18:45 +0000
Message-ID: <CE03DB3D7B45C245BCA0D243277949361400A551@MX104CL02.corp.emc.com>
References: <55A938F1.9090404@cs.tcd.ie> <2F4FD8A9-2222-47E1-A895-003258D88E7C@vpnc.org>
In-Reply-To: <2F4FD8A9-2222-47E1-A895-003258D88E7C@vpnc.org>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [10.76.188.245]
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
X-Sentrion-Hostname: mailusrhubprd02.lss.emc.com
X-RSA-Classifications: public
Archived-At: <http://mailarchive.ietf.org/arch/msg/saag/9bhjr_-DqAstqIGLADZhYiq0GaQ>
Cc: "saag@ietf.org" <saag@ietf.org>
Subject: Re: [saag] AD review of draft-iab-crypto-alg-agility-06
X-BeenThere: saag@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Security Area Advisory Group <saag.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/saag>, <mailto:saag-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/saag/>
List-Post: <mailto:saag@ietf.org>
List-Help: <mailto:saag-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/saag>, <mailto:saag-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 18 Jul 2015 08:19:06 -0000

> > intro, 3rd para: are we saying that agility is achieved when a
> > protocol (specification) can easliy migrate from one suite to a
> > better one, or when a deployment can easily migrate? The current
> > text implies the former, but I'm not sure if we'd be better off
> > aiming more for the latter.
> 
> +1

IoT slippery slope warning, e.g., I have no idea how to update my
refrigerator's firmware, and "Patch Tuesday" is not a great answer due
to risks of spoiled food ;-). (https://en.wikipedia.org/wiki/Patch_Tuesday)

I'd concur that deployment upgradeability is a worthy goal, but would
suggest leaving exploration of details of how to pull that off to other
drafts/forums.

Thanks,
--David

> -----Original Message-----
> From: saag [mailto:saag-bounces@ietf.org] On Behalf Of Paul Hoffman
> Sent: Friday, July 17, 2015 4:51 PM
> To: Stephen Farrell
> Cc: saag@ietf.org
> Subject: Re: [saag] AD review of draft-iab-crypto-alg-agility-06
> 
> On 17 Jul 2015, at 10:18, Stephen Farrell wrote:
> 
> > intro, 3rd para: are we saying that agility is achieved when a
> > protocol (specification) can easliy migrate from one suite to a
> > better one, or when a deployment can easily migrate? The current
> > text implies the former, but I'm not sure if we'd be better off
> > aiming more for the latter.
> 
> +1
> 
> > 2.1: "Algorithm identifiers, on the other hand, impose a burden on
> > implementations by forcing a determination at run-time regarding
> > which algorithm combinations are acceptable." Here you mean IPsec
> > style or chinese menu style alg ids. Do we need to make sure that
> > alg id and suite id are used consistently throughout as one or the
> > other but not both, and do we need a new term that means either? (I
> > find this clear enough, but I'm not sure if it might confuse some
> > readers.)
> 
> This is not necessarily about "pick one from each column". For example,
> an S/MIME implementation has to decide whether to accept a particular
> algorithm for authentication if it has a policy "always strong crypto".
> 
> >
> > 2.3: "a mechanism is needed to determine whether the new algorithm
> > has been deployed" I think that's overstated, maybe
> > s/needed/desirable/ would be better?  (maybe with a bit more
> > wordsmithing)
> 
> +1. "mechanism" is overstated (although "policy" is usually a mess...).
> 
> >
> > 2.4: The SHOULD for integrity only applies when the negotiation is
> > done over the network, but some "selection" methods might not need
> > protocol integrity mechanisms. Maybe drop "selection" there?
> >
> > 2.4: Maybe join paras 2 and 3, para 2 alone reads a little oddly
> >
> > 2.9: I'm not really a fan of blessing weaker algs for OS, but I lost
> > that argument before. I wonder if we would get consensus if this
> > said that weak algs are better than no encryption but still MUST be
> > deprecated as soon as feasible?
> >
> > 3.1, 1st para: I think this could do with some more editing.
> >
> > 3.2: "some people say" is a bit too weasel-wordy
> 
> Disagree. We don't have solid statements from enough believable parties
> here.
> 
> >
> > 3.2: the second para here is repetition, I think you could delete
> > all or almost all of that
> >
> > 4: "eliminate the cruft" - yes, I like that:-)
> >
> > general: there are some typos throughout, another pass to fix those
> > would be good but I didn't have time to note them all sorry
> 
> --Paul Hoffman
> 
> _______________________________________________
> saag mailing list
> saag@ietf.org
> https://www.ietf.org/mailman/listinfo/saag