Re: [saag] AD review of draft-iab-crypto-alg-agility-06

"Paul Hoffman" <paul.hoffman@vpnc.org> Fri, 17 July 2015 20:51 UTC

Return-Path: <paul.hoffman@vpnc.org>
X-Original-To: saag@ietfa.amsl.com
Delivered-To: saag@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id BBA911A1C02 for <saag@ietfa.amsl.com>; Fri, 17 Jul 2015 13:51:13 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: 0.953
X-Spam-Level:
X-Spam-Status: No, score=0.953 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HELO_MISMATCH_COM=0.553, MANGLED_LIST=2.3] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id lQY_C9hg39Yx for <saag@ietfa.amsl.com>; Fri, 17 Jul 2015 13:51:13 -0700 (PDT)
Received: from hoffman.proper.com (Opus1.Proper.COM [207.182.41.91]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id DF94B1A1BFA for <saag@ietf.org>; Fri, 17 Jul 2015 13:51:12 -0700 (PDT)
Received: from [10.32.60.127] ([104.129.192.84]) (authenticated bits=0) by hoffman.proper.com (8.15.1/8.14.9) with ESMTPSA id t6HKp3vC048373 (version=TLSv1 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Fri, 17 Jul 2015 13:51:04 -0700 (MST) (envelope-from paul.hoffman@vpnc.org)
X-Authentication-Warning: hoffman.proper.com: Host [104.129.192.84] claimed to be [10.32.60.127]
From: "Paul Hoffman" <paul.hoffman@vpnc.org>
To: "Stephen Farrell" <stephen.farrell@cs.tcd.ie>
Date: Fri, 17 Jul 2015 13:51:03 -0700
Message-ID: <2F4FD8A9-2222-47E1-A895-003258D88E7C@vpnc.org>
In-Reply-To: <55A938F1.9090404@cs.tcd.ie>
References: <55A938F1.9090404@cs.tcd.ie>
MIME-Version: 1.0
Content-Type: text/plain; format=flowed
X-Mailer: MailMate (1.9.1r5084)
Archived-At: <http://mailarchive.ietf.org/arch/msg/saag/RkB0wJXCt460fHNlCsHZh8GB5kw>
Cc: "saag@ietf.org" <saag@ietf.org>
Subject: Re: [saag] AD review of draft-iab-crypto-alg-agility-06
X-BeenThere: saag@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Security Area Advisory Group <saag.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/saag>, <mailto:saag-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/saag/>
List-Post: <mailto:saag@ietf.org>
List-Help: <mailto:saag-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/saag>, <mailto:saag-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 17 Jul 2015 20:51:13 -0000

On 17 Jul 2015, at 10:18, Stephen Farrell wrote:

> intro, 3rd para: are we saying that agility is achieved when a
> protocol (specification) can easliy migrate from one suite to a
> better one, or when a deployment can easily migrate? The current
> text implies the former, but I'm not sure if we'd be better off
> aiming more for the latter.

+1

> 2.1: "Algorithm identifiers, on the other hand, impose a burden on
> implementations by forcing a determination at run-time regarding
> which algorithm combinations are acceptable." Here you mean IPsec
> style or chinese menu style alg ids. Do we need to make sure that
> alg id and suite id are used consistently throughout as one or the
> other but not both, and do we need a new term that means either? (I
> find this clear enough, but I'm not sure if it might confuse some
> readers.)

This is not necessarily about "pick one from each column". For example, 
an S/MIME implementation has to decide whether to accept a particular 
algorithm for authentication if it has a policy "always strong crypto".

>
> 2.3: "a mechanism is needed to determine whether the new algorithm
> has been deployed" I think that's overstated, maybe
> s/needed/desirable/ would be better?  (maybe with a bit more
> wordsmithing)

+1. "mechanism" is overstated (although "policy" is usually a mess...).

>
> 2.4: The SHOULD for integrity only applies when the negotiation is
> done over the network, but some "selection" methods might not need
> protocol integrity mechanisms. Maybe drop "selection" there?
>
> 2.4: Maybe join paras 2 and 3, para 2 alone reads a little oddly
>
> 2.9: I'm not really a fan of blessing weaker algs for OS, but I lost
> that argument before. I wonder if we would get consensus if this
> said that weak algs are better than no encryption but still MUST be
> deprecated as soon as feasible?
>
> 3.1, 1st para: I think this could do with some more editing.
>
> 3.2: "some people say" is a bit too weasel-wordy

Disagree. We don't have solid statements from enough believable parties 
here.

>
> 3.2: the second para here is repetition, I think you could delete
> all or almost all of that
>
> 4: "eliminate the cruft" - yes, I like that:-)
>
> general: there are some typos throughout, another pass to fix those
> would be good but I didn't have time to note them all sorry

--Paul Hoffman