IETF Logo Mail Archive

Re: [saag] draft-farrell-decade-ni-09

Hannes Tschofenig <hannes.tschofenig@gmx.net> Sun, 15 July 2012 15:10 UTC

Return-Path: <hannes.tschofenig@gmx.net>
X-Original-To: saag@ietfa.amsl.com
Delivered-To: saag@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 5CCD521F858F for <saag@ietfa.amsl.com>; Sun, 15 Jul 2012 08:10:16 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -102.629
X-Spam-Level:
X-Spam-Status: No, score=-102.629 tagged_above=-999 required=5 tests=[AWL=-0.030, BAYES_00=-2.599, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Gtk210px8wBo for <saag@ietfa.amsl.com>; Sun, 15 Jul 2012 08:10:15 -0700 (PDT)
Received: from mailout-de.gmx.net (mailout-de.gmx.net [213.165.64.23]) by ietfa.amsl.com (Postfix) with SMTP id 1434321F8535 for <saag@ietf.org>; Sun, 15 Jul 2012 08:10:14 -0700 (PDT)
Received: (qmail invoked by alias); 15 Jul 2012 15:10:55 -0000
Received: from a88-115-216-191.elisa-laajakaista.fi (EHLO [192.168.100.106]) [88.115.216.191] by mail.gmx.net (mp069) with SMTP; 15 Jul 2012 17:10:55 +0200
X-Authenticated: #29516787
X-Provags-ID: V01U2FsdGVkX1+3lvp+qga3+sO1DzjK8tmtf8rs8z3zf5ZcA8gS/Z NXyb8fxXKRD9T/
Mime-Version: 1.0 (Apple Message framework v1084)
Content-Type: text/plain; charset="us-ascii"
From: Hannes Tschofenig <hannes.tschofenig@gmx.net>
In-Reply-To: <5002BAA6.9030106@cs.tcd.ie>
Date: Sun, 15 Jul 2012 18:10:54 +0300
Content-Transfer-Encoding: quoted-printable
Message-Id: <54EAB1F1-A9EF-49E7-92B7-406556C1EC35@gmx.net>
References: <36712B13-7409-484B-8A86-85AE8A5CB23A@gmx.net> <5002BAA6.9030106@cs.tcd.ie>
To: Stephen Farrell <stephen.farrell@cs.tcd.ie>
X-Mailer: Apple Mail (2.1084)
X-Y-GMX-Trusted: 0
Cc: saag@ietf.org
Subject: Re: [saag] draft-farrell-decade-ni-09
X-BeenThere: saag@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Security Area Advisory Group <saag.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/saag>, <mailto:saag-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/saag>
List-Post: <mailto:saag@ietf.org>
List-Help: <mailto:saag-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/saag>, <mailto:saag-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 15 Jul 2012 15:10:16 -0000

Hi Stephen, 

I would expect to find the NI and the NIH scheme in there and nothing more. The rest of feature creep (commonly found in EU funded projects - hint!).  

Nothing about binary encoding, base64 encoding of the URI, anything about certificate formats behind hashed with normative language, no authority field in the URI, no query parameter in the URI, no .well-known URI. 

The consequence: half the size and twice as useful. 

Ciao
Hannes

On Jul 15, 2012, at 3:42 PM, Stephen Farrell wrote:

> 
> Hi Hannes,
> 
> That seems like a bunch of non-actionable comments so
> I don't know what response you were after.
> 
> My guess is you were expecting to read some other
> document, and were surprised when you saw the actual
> content here. But I'm not sure that's a problem that's
> fixable, nor ought be fixed via changes to this draft.
> 
> On 07/15/2012 11:03 AM, Hannes Tschofenig wrote:
>> Hi all, 
>> 
>> I don't really know what the right place is to discuss this document. 
> 
> It was discussed on apps-discuss before IETF LC, starting from
> around the Paris IETF. During IETF LC it was discussed a lot
> (well, I think a lot:-) on ietf@ietf.org and IETF LC ended
> last week. The document's on next week's telechat so if you
> have specific concerns you might want to communicate them to
> an AD as well.
> 
>> Hence, I trying the saag mailing list.
> 
> If you look at the apps-disucss or ietf@ietf.org archives
> you'll maybe get some useful background that covers some of
> this.
> 
>> I read through the document and my impression is that it tries to accomplish a little bit too too much. 
>> 
>> As a high level comment you cannot make an assumption about what information is hashed. Another specification is needed to explain the semantic and these other documents exist. For example, I had asked on the TLS mailing list whether we should use this document to convey fingerprints of raw public keys (which come in form of a SubjectPublicKeyInfo in our case). 
> 
> I have no idea what you mean. This draft can tell you how to
> format hash outputs but can't specify inputs if its to be
> useful. Part of the reason for the draft was that other
> protocols that can specify the inputs and the use of the
> outputs, were all doing it trivially differently, which
> seems like a bad plan. (The document says that.)
> 
>> This has an impact on the security consideration section, the hash algorithm registry, and various statements made in the document. 
>> 
>> For example, the statement that "... the hash SHOULD be calculated over the public key in an X.509 SubjectPublicKeyInfo structure..." isn't really useful when the document aims to provide hashes of all sorts of objects and some might not even be X.509 certificates at all. 
> 
> I disagree. For the case of public keys, we do know that that
> format is useful in more than one case. MUST would be too
> much since generally other specs define hash inputs. Hence
> SHOULD. I think its correct as-is.
> 
>> The encoding of the URI also seems a bit strange. It seems that you have started with the Web use case and then though "Cool. This could be useful in other protocols as well.". But the problem is that other protocols have their own encoding. For example, in the TLS out-of-band validation mechanism there is no internationalization issue nor a need to do a base64 encoding. The binary encoding falls into that category as well.  
> 
> So use it or don't use it, but saying its "a bit strange" is... "a bit
> strange."  If you want the binary format, then use that rather than
> the ni format. That's all fine.
> 
>> The .well-known seems to me pretty unrelated to this specification and may have sneaked into the document as part of the Web use case. 
> 
> I don't know how to handle a "sneaked in" comment. I think its
> a fine thing. (PHB's idea as it happens.)
> 
>> The security consideration is a collection of random thoughts. 
> 
> Again, that's not a comment I know how to process.
> 
>> I have difficulty understanding what is being said there. There are in general two problems to come up with a meaningful text. The first problem is related to the generic nature of your document: it makes a difference what you hash. To pick the TLS oob validation document again there we have a hash of the public key. In other cases you are talking about hashing some file or other objects. Then, the second problem is that you do not know what is done with the hash as part of the overall protocol interaction of the application that is using your URI scheme. So, in the TLS oob validation draft the hash of the public key is associated with the public key cached from an earlier exchange and is also linked to the private key that is then used in the TLS handshake. In other applications the hash just be used to point to some state information that is retrieved. 
> 
> The consequences of using these formats are IMO properly the
> concern of other documents.
> 
>> In a nutshell, there is room to simplify the document. 
> 
> In a nutshell, I guess you were expecting something else.
> Am I right? If so, then perhaps your comments are more about
> that surprise rather than the content of the draft perhaps?
> 
> S.
> 
>> 
>> Ciao
>> Hannes
>> 
>> PS: I am not sure what you are trying to accomplish with the Content Type Query String. 
> 
> See the discussion on ietf@ietf.org where a whole bunch
> of folks wanted that.
> 
> 
>> _______________________________________________
>> saag mailing list
>> saag@ietf.org
>> https://www.ietf.org/mailman/listinfo/saag
>> 
>

v2.23.0 | Report a Bug | By Email