[secdir] secdir review of Re: I-D Action: draft-ietf-ntp-extension-field-05.txt

Sean Turner <sean@sn3rd.com> Mon, 02 November 2015 08:52 UTC

To: draft-ietf-ntp-extension-field.all@tools.ietf.org, The IESG <iesg@ietf.org>, secdir@ietf.org
Archived-At: <http://mailarchive.ietf.org/arch/msg/secdir/3B9hEBIyu83_k0E1rtQIV2mhr0Q>

This version addresses my main concerns.

Not sure what you’re going to do with this though, but I guess that’s another draft’s problem:

> On Sep 17, 2015, at 02:02, Danny Mayer <mayer@pdmconsulting.net> wrote:
> 
> We probably need to update the digest field in RFC5905 to make it clear
> that it can have multiple lengths depending on the algorithm used. On
> the other hand I would prefer to get rid of the MAC and turn it into an
> extension field, assuming that the NTS/CMS scheme is not used. The
> advantages of that are obvious especially as no guessing would be
> required and we could specify the algorithm to use and you could have
> multiple MAC extension fields that would cover different parts of the
> packet.

spt
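
The guessing that the quoted message refers to, as an added example that is not part of the original thread or of any NTP implementation: a parser that has only the remaining length to decide whether trailing octets are an extension field or the MAC. The 4/20/24-octet MAC sizes, the 16-octet minimum field length, and every sample packet are assumptions constructed for illustration.

```python
import struct

NTP_HEADER_LEN = 48   # fixed NTPv4 header
MAX_MAC_LEN = 24      # assumed: 4-octet key ID + 160-bit digest
MIN_EF_LEN = 16       # assumed minimum extension field length
MAC_KINDS = {4: "crypto-NAK", 20: "key ID + 128-bit digest",
             24: "key ID + 160-bit digest"}  # assumed MAC sizes

def parse_trailer(packet: bytes):
    """Return (extension_fields, mac_kind), guessing from remaining length only."""
    if len(packet) < NTP_HEADER_LEN:
        raise ValueError("packet shorter than NTP header")
    pos, fields = NTP_HEADER_LEN, []
    # More octets left than any known MAC: guess that an extension field is next.
    while len(packet) - pos > MAX_MAC_LEN:
        ftype, flen = struct.unpack_from("!HH", packet, pos)
        if flen < MIN_EF_LEN or flen % 4 or pos + flen > len(packet):
            raise ValueError(f"bad extension field length {flen} at offset {pos}")
        fields.append((ftype, flen))
        pos += flen
    remaining = len(packet) - pos
    if remaining == 0:
        return fields, None              # no MAC: packet is unauthenticated
    if remaining not in MAC_KINDS:
        raise ValueError(f"{remaining} trailing octets match no known MAC size")
    return fields, MAC_KINDS[remaining]

# Constructed sample data (all-zero header and digests; only lengths matter here).
HEADER = bytes(NTP_HEADER_LEN)
EXT = struct.pack("!HH", 0x0104, 28) + bytes(24)          # 28-octet extension field
MAC_160 = struct.pack("!I", 1) + bytes(20)                # key ID 1, 160-bit digest
MAC_256 = struct.pack("!I", 1) + bytes(32)                # key ID 1, 256-bit digest
MAC_256_AMBIG = struct.pack("!I", 0x00020024) + bytes(32) # key ID reads as type 2, len 36

if __name__ == "__main__":
    print(parse_trailer(HEADER + EXT + MAC_160))   # field, then a recognised MAC
    print(parse_trailer(HEADER + MAC_256_AMBIG))   # 36-octet MAC taken for a field
    try:
        parse_trailer(HEADER + MAC_256)            # 36-octet MAC rejected as bad field
    except ValueError as err:
        print("rejected:", err)
```

The second call is the failure mode: a 36-octet MAC whose key ID happens to look like a valid type/length pair is consumed as an extension field and the packet is reported as carrying no MAC, which is the guessing a typed MAC extension field would remove.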