[secdir] secdir review of draft-ietf-sipcore-digest-scheme-08

David Mandelberg <david@mandelberg.org> Thu, 05 September 2019 14:12 UTC

Return-Path: <david@mandelberg.org>
X-Original-To: secdir@ietfa.amsl.com
Delivered-To: secdir@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 63B7B1200D7 for <secdir@ietfa.amsl.com>; Thu, 5 Sep 2019 07:12:14 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.801
X-Spam-Level:
X-Spam-Status: No, score=-0.801 tagged_above=-999 required=5 tests=[BAYES_20=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_LOW=-0.7, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=unavailable autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=mandelberg.org
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id XGTVo0bAYvjt for <secdir@ietfa.amsl.com>; Thu, 5 Sep 2019 07:12:12 -0700 (PDT)
Received: from smtp.rcn.com (smtp.rcn.com [69.168.97.78]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 6C1CD120026 for <secdir@ietf.org>; Thu, 5 Sep 2019 07:12:12 -0700 (PDT)
X_CMAE_Category: , ,
X-CNFS-Analysis: v=2.3 cv=BoPjPrf5 c=1 sm=1 tr=0 a=OXtaa+9CFT7WVSERtyqzJw==:117 a=OXtaa+9CFT7WVSERtyqzJw==:17 a=KGjhK52YXX0A:10 a=IkcTkHD0fZMA:10 a=NTnny0joGdQA:10 a=J70Eh1EUuV4A:10 a=bmmO2AaSJ7QA:10 a=iiazv-oawmH03g7Men8A:9 a=QEXdDO2ut3YA:10 a=Z5ABNNGmrOfJ6cZ5bIyy:22 a=bWyr8ysk75zN3GCy5bjg:22
X-CM-Score: 0
X-Scanned-by: Cloudmark Authority Engine
X-Authed-Username: ZHNlb21uQHJjbi5jb20=
Authentication-Results: smtp02.rcn.cmh.synacor.com header.from=david@mandelberg.org; sender-id=softfail
Authentication-Results: smtp02.rcn.cmh.synacor.com header.DKIM-Signature=@mandelberg.org; dkim=pass
Authentication-Results: smtp02.rcn.cmh.synacor.com smtp.mail=david@mandelberg.org; spf=softfail; sender-id=softfail
Authentication-Results: smtp02.rcn.cmh.synacor.com smtp.user=dseomn@rcn.com; auth=pass (LOGIN)
Received: from [209.6.43.168] ([209.6.43.168:49554] helo=uriel.mandelberg.org) by smtp.rcn.com (envelope-from <david@mandelberg.org>) (ecelerity 3.6.25.56547 r(Core:3.6.25.0)) with ESMTPSA (cipher=DHE-RSA-AES256-GCM-SHA384) id 56/50-38394-7B7117D5; Thu, 05 Sep 2019 10:12:07 -0400
Received: from [192.168.1.152] (DD-WRT [192.168.1.1]) by uriel.mandelberg.org (Postfix) with ESMTPSA id 0894F1C60AC; Thu, 5 Sep 2019 10:12:06 -0400 (EDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=mandelberg.org; s=201909; t=1567692726; bh=Ew+Wfca8pzN4lqnVktoShI1uTNm7uBNL2v32ASNfOHA=; h=To:From:Subject:Date:From; b=mhiiBznWJa4J5uWyWne3+PZIy+rfENQXDGhMZUhEH1LY4MM50v4byrBGOrA69A3nf RMYTQflAu1ingrT26UCdWoeQtgPdouZtC11DJ01tRqt8duw8dCo1KfQtkAsXbTrnGQ KN8UxCUxlIWK42em4woV6HHStOe9sXuWsoRVqLLEO6k3gGoRoPSakrPytzQEiq93Dh Zxb9KQvzgdebWnx2od04McoWAVUf9qkxm8vmuXXCa/Kuiy0rJbzbIJ8wAwblfNWm4q iZXOsOUyWPA5DQP7lRA4Zb5ixCIga1qRvqMrnQECBYdFN48D/deNuCKGo7KntB9HYn Uf99E6/eQB5+Q==
To: secdir@ietf.org, iesg@ietf.org, draft-ietf-sipcore-digest-scheme.all@ietf.org
From: David Mandelberg <david@mandelberg.org>
Message-ID: <46a1f70a-4099-4013-4244-bbf09c7bda8b@mandelberg.org>
Date: Thu, 5 Sep 2019 10:12:04 -0400
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:60.0) Gecko/20100101 Thunderbird/60.8.0
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Language: en-US
Content-Transfer-Encoding: 7bit
Archived-At: <https://mailarchive.ietf.org/arch/msg/secdir/RZcOOM1Yn2-ldTkWOD1bt6i6L4U>
Subject: [secdir] secdir review of draft-ietf-sipcore-digest-scheme-08
X-BeenThere: secdir@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Security Area Directorate <secdir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/secdir>, <mailto:secdir-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/secdir/>
List-Post: <mailto:secdir@ietf.org>
List-Help: <mailto:secdir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 05 Sep 2019 14:12:15 -0000

I have reviewed this document as part of the security directorate's
ongoing effort to review all IETF documents being processed by the
IESG.  These comments were written primarily for the benefit of the
security area directors.  Document editors and WG chairs should treat
these comments just like any other last call comments.

The summary of the review is Ready.

This is a pretty straightforward draft to support more modern hash 
algorithms in SIP digest authentication. It doesn't remove support for 
MD5, but it paves the way for that to happen in the future.