Re: [secdir] SecDir review of draft-ietf-keyprov-pskc-05
"Philip Hoyer" <phoyer@actividentity.com> Tue, 11 May 2010 11:18 UTC
Return-Path: <phoyer@actividentity.com>
X-Original-To: secdir@core3.amsl.com
Delivered-To: secdir@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 936B23A68C1; Tue, 11 May 2010 04:18:25 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: 0.471
X-Spam-Level:
X-Spam-Status: No, score=0.471 tagged_above=-999 required=5 tests=[AWL=0.120, BAYES_50=0.001, HELO_EQ_FR=0.35]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id EGA0WXU6f-a1; Tue, 11 May 2010 04:18:24 -0700 (PDT)
Received: from frhub1.activcard.fr (frhub1.activcard.fr [92.103.229.143]) by core3.amsl.com (Postfix) with ESMTP id 789233A68CC; Tue, 11 May 2010 04:17:04 -0700 (PDT)
Received: from sur-corp-ex-02.corp.ad.activcard.com (sur-corp-ex-02.corp.ad.activcard.com [192.168.33.40]) by frhub1.activcard.fr (Postfix) with ESMTP id B94A4183947; Tue, 11 May 2010 13:16:52 +0200 (CEST)
Content-class: urn:content-classes:message
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
X-MimeOLE: Produced By Microsoft Exchange V6.5
Date: Tue, 11 May 2010 13:19:42 +0200
Message-ID: <5BFE9E473DBFC24CA87F18F29B3F0AC406890884@sur-corp-ex-02.corp.ad.activcard.com>
In-Reply-To: <4BDF2F06.2030406@inrialpes.fr>
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
Thread-Topic: SecDir review of draft-ietf-keyprov-pskc-05
Thread-Index: Acrq/eqCAFT9H3o4TRiMNcLiwclhsgF9mL9g
References: <4BDF2F06.2030406@inrialpes.fr>
From: Philip Hoyer <phoyer@actividentity.com>
To: Vincent Roca <vincent.roca@inrialpes.fr>, secdir@ietf.org, iesg@ietf.org
X-Mailman-Approved-At: Tue, 11 May 2010 04:40:50 -0700
Cc: draft-ietf-keyprov-pskc.all@tools.ietf.org
Subject: Re: [secdir] SecDir review of draft-ietf-keyprov-pskc-05
X-BeenThere: secdir@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: Security Area Directorate <secdir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/secdir>
List-Post: <mailto:secdir@ietf.org>
List-Help: <mailto:secdir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 11 May 2010 11:18:25 -0000
Vincent, Thanks for the review please see comments [PH] inline -----Original Message----- From: Vincent Roca [mailto:vincent.roca@inrialpes.fr] Sent: Monday, May 03, 2010 9:16 PM To: secdir@ietf.org; iesg@ietf.org Cc: draft-ietf-keyprov-pskc.all@tools.ietf.org Subject: SecDir review of draft-ietf-keyprov-pskc-05 All, I have reviewed this document as part of the security directorate's ongoing effort to review all IETF documents being processed by the IESG. These comments were written primarily for the benefit of the security area directors. Document editors and WG chairs should treat these comments just like any other last call comments. 1- section 13: about the use of the reserved keywords... On many places I have the feeling that the authors are not sufficiently directive. Two examples (others will follow): * introduction: must => MUST in sentence: "This means that special care must be taken to ensure the confidentiality..." [PH] corrected * 13.1: before the last paragraph of the first solution, add: "Additionally, it is strongly RECOMMENDED that practical implementations use PBESalt and PBEIterationCount when PBE encryption is used." [PH] Added and corrected sentence 2- section 13, about the use of the term "payload" in titles: After reading the introduction of section 13, I understand that "payload" refers to "the information contained within [a PSKC container]". However I have the feeling that the three desired security services are for the whole PSKC container, not only "the information contained within". The titles are therefore a little bit misleading IMHO. [PH] agreed and changed to PSKC 3- section 13.1: rather than "one of the password-based encryption methods provided above", I suggest the authors add an explicit reference to section 6.2. [PH] added explicit reference 4- section 13.1: it is said: "Different PBESalt value per key container should be used for best protection." It's rather ambiguous. It's not clear to me whether it is recommended to use a different PBESalt for each PSKC container, or whether it is recommended to use a different PBESalt when a given PSKC container carries several keys, one PBESalt per key. Also: "should" => "SHOULD" [PH] corrected to " A different PBESalt value per PSKC SHOULD be used for best protection." 5- section 13.1: why isn't the IPsec/ESP not considered also as a third solution to provide the confidentiality, integrity and sender authentication services? Why do the authors only focus on PCKS integrated or TLS solutions? It's not clear. [PH] the authors felt that the usage of the container was intended for application level interchange of keys. Especially in online scenarios where TLS is much more prevalent than IPSec. This does not mean that one could not envisage use of the PSKC over IPsec and hence use IPsec protection mechanisms. 6- section 13.1, last but one paragraph: The authors say that TLS offers extra security measures, especially when the digital signature does not encompass the entire payload. I agree, but section 13.1 is dedicated to confidentiality, not to integrity/authenticity verifications. Referring to digital signatures is meaningless in this section. [PH] agreed and removed 7- section 13.1, last paragraph: Instead of: "Validating the secure channel end-points" I'd rather say: "Authenticating". [PH] agreed and corrected 8- sections 13.1, 13.2 and 13.3: It is mentioned on several places that TLS can be useful in situations where "the signature of the payload does not encompass the entire payload". Shouldn't the authors RECOMMEND that the digital signature encompass the whole payload instead? It would clarify... This is all the more true if TLS is not used, in which case this is strongly RECOMMENDED. [PH] changed text of section 13.2 "PSKC Integrity" to: " It is RECOMMENDED that for best security practices, the digital signature of the container encompasses the entire PSKC." 9- section 13.3: it is said: "A weaker payload authenticity guarantee may be provided by the transport layer if it is configured to digest each message it transports." Why is this feature necessarily weaker? The source can be authenticated with the same level of security as if it was done by the recipient end. [PH] it is weaker in the sense that the TLS endpoints could differ from the key provisioning endpoints. So in that sense the signature in the message would protect it from message sender to receiver. Typos: * section 13.1 (also section 3): Rather than saying "the portable key container", I suggest the authors either write everything in extenso, or use the PSKC acronym. [PH] changed to PSKC besides in the first sentence of the section. * section 6.3, first sentence: a comma is missing between "element information", making the sentence difficult to understand. [PH] corrected Regards, Vincent
- [secdir] SecDir review of draft-ietf-keyprov-pskc… Vincent Roca
- Re: [secdir] SecDir review of draft-ietf-keyprov-… Philip Hoyer
- Re: [secdir] SecDir review of draft-ietf-keyprov-… Vincent Roca
- Re: [secdir] SecDir review of draft-ietf-keyprov-… Philip Hoyer