[secdir] Secdir review of draft-ietf-regext-10

Charlie Kaufman <charliekaufman@outlook.com> Wed, 03 October 2018 04:01 UTC

Return-Path: <charliekaufman@outlook.com>
X-Original-To: secdir@ietfa.amsl.com
Delivered-To: secdir@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 6D21C130FF0; Tue, 2 Oct 2018 21:01:33 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.999
X-Spam-Level:
X-Spam-Status: No, score=-1.999 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=outlook.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id imksIQYSGeG4; Tue, 2 Oct 2018 21:01:30 -0700 (PDT)
Received: from NAM04-SN1-obe.outbound.protection.outlook.com (mail-oln040092011090.outbound.protection.outlook.com [40.92.11.90]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 798961311C5; Tue, 2 Oct 2018 21:01:27 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=outlook.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=BGkR84zzArM4//ykD1dUgE2anDBQNgb7lD2PGy2PKe8=; b=IZm9fbz1565oXAzW4U1oDo74eqX2yE+govzklVNX+OZEyE1hbXx579rHPXUBFH42DNUJhRtsCyjxgGAdi2c1JBZLq9vFg87waGAMD6kbAhAxXiQTOD92+tVhXFYhho9kHwTeew7dhfxgI0WOojLunzWzJlym1y85MQ3TH6vvOf+piWunAOu+QF+5SePbukC+su3QJg+UB+z2Ryw2C7urAPuKL6/wBuQZBNmcz1392UiDzuNr0Oy80EMso1gpvITgDeBJfVoqaxwhY8O0BIpuh/twXcj/Cf/XBAeMNS9JKcT4TWtwfJbBxQUqh6ij3zJmeN2WjHldDbMe33BrHHQvoA==
Received: from CO1NAM04FT025.eop-NAM04.prod.protection.outlook.com (10.152.90.55) by CO1NAM04HT053.eop-NAM04.prod.protection.outlook.com (10.152.91.127) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P384) id 15.20.1185.13; Wed, 3 Oct 2018 04:01:25 +0000
Received: from CY4PR04MB1031.namprd04.prod.outlook.com (10.152.90.51) by CO1NAM04FT025.mail.protection.outlook.com (10.152.90.160) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256_P256) id 15.20.1185.13 via Frontend Transport; Wed, 3 Oct 2018 04:01:25 +0000
Received: from CY4PR04MB1031.namprd04.prod.outlook.com ([fe80::d8f4:7e4c:6dd4:7330]) by CY4PR04MB1031.namprd04.prod.outlook.com ([fe80::d8f4:7e4c:6dd4:7330%4]) with mapi id 15.20.1185.024; Wed, 3 Oct 2018 04:01:25 +0000
From: Charlie Kaufman <charliekaufman@outlook.com>
To: "secdir@ietf.org" <secdir@ietf.org>, "iesg@ietf.org" <iesg@ietf.org>, "draft-ietf-regext-org.all@ietf.org" <draft-ietf-regext-org.all@ietf.org>
Thread-Topic: Secdir review of draft-ietf-regext-10
Thread-Index: AQHUWs2O7c9sPdfll0Kw2a17trwLwg==
Date: Wed, 3 Oct 2018 04:01:25 +0000
Message-ID: <CY4PR04MB10310B46003EAD868BA2C5FDDFE90@CY4PR04MB1031.namprd04.prod.outlook.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-incomingtopheadermarker: OriginalChecksum:FE6A6290D358872AEB5C7E4EC0610F01C83B328CEDE6432AE95DEF3CA337519C; UpperCasedChecksum:FF97EDB0E4B9E7F11153A1EBC21568947BA5873F4C401861AF776AD3E749DFB9; SizeAsReceived:7076; Count:43
x-tmn: [DVTN2yoNe3ajs0gEMyxOJrSlo0geUFD3t47Wh9kcTgxO2RUuCOhHZIlF6lp1CBRr]
x-ms-publictraffictype: Email
x-microsoft-exchange-diagnostics: 1; CO1NAM04HT053; 6:KHR2nEaCY9CZPlSpZO8jpvNeEydPZ7XNDM0BRm60Dqz5b2x+LQQMcZT7wlGHMxS9etJTCh10bQ2XugRqvU1CCC6EMso1nnqrF2dlI20KTeq5AiyyM8YlwVBv8MKN4r5xGek6z+OvOhsjn9zK9fFVUsaOgbmRwnW9RwvVhgCqQv8/AsWAL50mkIFarwc2xRYSo1Kc3mAsqR/cKznycP5Zq3Jgh76Q4WHTInMmDLQhbcFun9zsKUzmiq9/o8gfVk3lpKWs8/beZy+oS/i0QdraWMzTkR8VpC5jsczS9L5AhgcMQfJMQKrrZLoau8t5L2yeKnjXl821YXkOzjiwut01QExs4dCB44ilWZ9XjFPyn8UTpy1ieNP2eAR6ZGFyB8oOpdtP6Yvwhd9LCuDwoZ/MyyFUGYghfncCCUxGfzQ7qD1P8aB2V0BGVeOAw/rRsetd8mmKp9dnmsXXHA8ElJna0Q==; 5:5aUBLKOaHYdvwgLYHVh4CiADlViddF32lBPkDJ5OyOmV6P4jFm5FjZpggeDkD5ypCjM/nrxXjTuBriJ5AO6on0l8Gerr4lP2bE2HHVg8vyPy327M7e8Oql3iJzDnqg5eC51HSKsAfnKzF3zfI0D01Ku3OEs6T0s5krMg1x6ekoo=; 7:vr7by7kG/eCQpUAwAp04Fr4vPUBbhUZLf784h2O3E9vlTaf02P2IPtJ7J4EAKqd6ZFNezxpYzWnhbXclatQbzjlpm4YYv50hdUmhKYim8zDJP1nJEbhp0pdRG9Cr2FrjdPSYKmx/Lnw9d7YMJGM1OImxwwef+23CJG8C0tuN+rWWkvug4+NgaOCRWydUc3faeJVn9evPDly8M08FLK/8aNgg/mj+6/o+E5rsUgMb2MPtE7F1qkGouVGa31UCJGVF
x-incomingheadercount: 43
x-eopattributedmessage: 0
x-microsoft-antispam: BCL:0; PCL:0; RULEID:(7020095)(201702061078)(5061506573)(5061507331)(1603103135)(2017031320274)(2017031324274)(2017031323274)(2017031322404)(1601125500)(1603101475)(1701031045); SRVR:CO1NAM04HT053;
x-ms-traffictypediagnostic: CO1NAM04HT053:
x-exchange-antispam-report-cfa-test: BCL:0; PCL:0; RULEID:(4566010)(82015058); SRVR:CO1NAM04HT053; BCL:0; PCL:0; RULEID:; SRVR:CO1NAM04HT053;
x-forefront-prvs: 0814A2C7A3
x-forefront-antispam-report: SFV:NSPM; SFS:(7070007)(189003)(199004)(14444005)(25786009)(5660300001)(97736004)(486006)(81156014)(56003)(110136005)(99286004)(19627405001)(476003)(6436002)(8936002)(87572001)(102836004)(20460500001)(2900100001)(104016004)(68736007)(33656002)(14454004)(82202002)(86362001)(450100002)(6346003)(71190400001)(2201001)(426003)(54896002)(71200400001)(55016002)(74316002)(46003)(105004)(2501003)(8676002)(256004)(105586002)(5250100002)(106356001)(7696005); DIR:OUT; SFP:1901; SCL:1; SRVR:CO1NAM04HT053; H:CY4PR04MB1031.namprd04.prod.outlook.com; FPR:; SPF:None; PTR:InfoNoRecords; MX:1; A:1;
received-spf: None (protection.outlook.com: outlook.com does not designate permitted sender hosts)
authentication-results: spf=none (sender IP is ) smtp.mailfrom=charliekaufman@outlook.com;
x-microsoft-antispam-message-info: QsNRHnkFVgNvdV9OYfDQADxbwRC9CPwv+3HiDtGNshoRbomLOJvumPJUlKpvJluKs9+SPCvgNM1M37x94FGQ2e+Z0y2Pk4i7EY0gZxzagNQAqKD6ixsdkpYnm6ci/driW4mMsAKI0qMTpXvk0V3Fe8PWWAYKxApX3BoUyYJB03AD0Enb3x3C/92uC9S8ALhuBhF1rCLSEmBvkC8xD0nGeUEzbJDNagA25NSWwb6lfCA=
Content-Type: multipart/alternative; boundary="_000_CY4PR04MB10310B46003EAD868BA2C5FDDFE90CY4PR04MB1031namp_"
MIME-Version: 1.0
X-OriginatorOrg: outlook.com
X-MS-Exchange-CrossTenant-RMS-PersistedConsumerOrg: 9a4e3081-9524-43cf-bfc3-dcaef82d5da1
X-MS-Exchange-CrossTenant-Network-Message-Id: 579110d0-a290-4c32-a663-08d628e4e3c1
X-MS-Exchange-CrossTenant-rms-persistedconsumerorg: 9a4e3081-9524-43cf-bfc3-dcaef82d5da1
X-MS-Exchange-CrossTenant-originalarrivaltime: 03 Oct 2018 04:01:25.7526 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Internet
X-MS-Exchange-CrossTenant-id: 84df9e7f-e9f6-40af-b435-aaaaaaaaaaaa
X-MS-Exchange-Transport-CrossTenantHeadersStamped: CO1NAM04HT053
Archived-At: <https://mailarchive.ietf.org/arch/msg/secdir/65YjYpaRZkz-fF1f0S_BFa6Ve5Q>
Subject: [secdir] Secdir review of draft-ietf-regext-10
X-BeenThere: secdir@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Security Area Directorate <secdir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/secdir>, <mailto:secdir-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/secdir/>
List-Post: <mailto:secdir@ietf.org>
List-Help: <mailto:secdir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 03 Oct 2018 04:01:34 -0000

I have reviewed this document as part of the security directorate's ongoing effort to review all IETF documents being processed by the IESG.  These comments were written primarily for the benefit of the security area directors.  Document editors and WG chairs should treat these comments just like any other last call comments.


This specification defines a syntax for extending the Extensible Provisioning Protocol (EPP) [RFC 5730] to support a new object type representing organizations. It does not change any aspect of the security of the protocol, and I believe it therefore does not require any sort of detailed security review.


There was one line that I found curious. It might be a typo, or there might be some arcane explanation:


The last paragraph of section 4.2 reads:

"Server operators SHOULD confirm that a client is authorized to perform a transform command on a given object. Any attempt to transform an object by an unauthorized client MUST be rejected, and the server MUST return a 2201 response code to the client to note that the client lacks privileges to execute the requested command."


Given that unauthorized requests MUST be rejected, it seems curious that server operators only SHOULD confirm that the requestor is authorized. I don't know how else the server operator could know to reject unauthorized requests. Perhaps this relates to the question of whether a queued request is rejected before it is queued or only as it is eventually processed.

But this is truly a nit, and even if wrong I don't believe it would ever cause an implementation to be incorrect.


 --Charlie