Re: [secdir] Secdir last call review of draft-ietf-ohai-ohttp-05
Martin Thomson <mt@lowentropy.net> Fri, 09 December 2022 03:39 UTC
Return-Path: <mt@lowentropy.net>
X-Original-To: secdir@ietfa.amsl.com
Delivered-To: secdir@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A9338C152587; Thu, 8 Dec 2022 19:39:25 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -7.097
X-Spam-Level:
X-Spam-Status: No, score=-7.097 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_HI=-5, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=lowentropy.net header.b=MKFAAxpr; dkim=pass (2048-bit key) header.d=messagingengine.com header.b=BmS0ap0q
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id b2EoTlJ_4IQZ; Thu, 8 Dec 2022 19:39:21 -0800 (PST)
Received: from wout4-smtp.messagingengine.com (wout4-smtp.messagingengine.com [64.147.123.20]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id A0E04C14F75F; Thu, 8 Dec 2022 19:39:20 -0800 (PST)
Received: from compute6.internal (compute6.nyi.internal [10.202.2.47]) by mailout.west.internal (Postfix) with ESMTP id AF4553200344; Thu, 8 Dec 2022 22:39:17 -0500 (EST)
Received: from imap41 ([10.202.2.91]) by compute6.internal (MEProxy); Thu, 08 Dec 2022 22:39:18 -0500
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=lowentropy.net; h=cc:cc:content-transfer-encoding:content-type:date:date:from :from:in-reply-to:in-reply-to:message-id:mime-version:references :reply-to:sender:subject:subject:to:to; s=fm3; t=1670557156; x= 1670643556; bh=PMCEuOCd4dvIgPNPuTrNZDkIIy4CObu/7/fl2um0sYQ=; b=M KFAAxprYQ5BRY35+9kUbHXbKnp5/nGTWmLme913WS0uSKeyqof92FsehzY8c8z/c +XpguWF8MZRA0Zks355S65+kjsX+7fHIMVxpTMBeNSoIsRrvKDjmkFh/qcSboJLm rcf5vTXFfpuABxWDP+U9RuXrxbJwlLdaJgDNxF2U+moPzqvcR46+QbaX6JckJmEk mq/JOpTpnFUqJEAfY6NOjFc5qcJb+sCOaLqX8xFke7Ux1rtI5wE7ldRT1M2PY/Yx k+sVboUvFimZoyQOk9We042vIgZsOCoJcNpClm2XMtM41H5r9Lg53CCInQ4sp6xl UygBuwxFvosFJLaIKCncw==
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=cc:cc:content-transfer-encoding :content-type:date:date:feedback-id:feedback-id:from:from :in-reply-to:in-reply-to:message-id:mime-version:references :reply-to:sender:subject:subject:to:to:x-me-proxy:x-me-proxy :x-me-sender:x-me-sender:x-sasl-enc; s=fm2; t=1670557156; x= 1670643556; bh=PMCEuOCd4dvIgPNPuTrNZDkIIy4CObu/7/fl2um0sYQ=; b=B mS0ap0qASJygedpdFpFSxIEegE2TUOzGjCJCGW3MDCM7AMlRa+6fhXni+m028DkY +44qeuz9d4tOoYC/Gw/dtFMGppyp1SnK0rIc5awJ187vO2C2BUTknjU7NGKav60h aP42Sbzp/+3/v4c/RQppz4A3XrXf3GuEpCQBtaucNHOUWQliHL+X/gYmCgPvdrC1 zNlK5jYyFTDb7Jp4tlRQTIH9FuYBZN/MM5O/aQ5zCgalD1NSOczrn1wfyNY/Q54n D6XhW2INYLmabPyP/HK4WiAQaEqrFDExzTzYcL+lku+GWeE1I+4sDRSUagz2AG6q DXZp66ILcVMvUsmpW90zA==
X-ME-Sender: <xms:5K2SY7xxEwqqdZbsgYz5zVG-lLrGt32vmLrQ8IeUzSMuOhA6-6VKzw> <xme:5K2SYzRxvOttUaRdb_OWameeXPAM9QX4L7h_T4aXvaPHFdF52wkJozDGhv__lU3W1 mOFdlceorNpMtAbj0U>
X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgedvhedrvddugdeifecutefuodetggdotefrodftvf curfhrohhfihhlvgemucfhrghsthforghilhdpqfgfvfdpuffrtefokffrpgfnqfghnecu uegrihhlohhuthemuceftddtnecusecvtfgvtghiphhivghnthhsucdlqddutddtmdenuc fjughrpefofgggkfgjfhffhffvvefutgfgsehtqhertderreejnecuhfhrohhmpedfofgr rhhtihhnucfvhhhomhhsohhnfdcuoehmtheslhhofigvnhhtrhhophihrdhnvghtqeenuc ggtffrrghtthgvrhhnpeeiueeuieetieejiefggedutefgteffhfffudeifffffeffleev ieetteduffdtjeenucffohhmrghinhepghhithhhuhgsrdgtohhmnecuvehluhhsthgvrh fuihiivgeptdenucfrrghrrghmpehmrghilhhfrhhomhepmhhtsehlohifvghnthhrohhp hidrnhgvth
X-ME-Proxy: <xmx:5K2SY1VDQRjxQdB2T3ZTKyxFQ2lm3BCVeVPIZVNVj5n4_fhHkC0-uw> <xmx:5K2SY1h1hwN_7ngL4pnArARAv6fT7oMKb0CvmtZzrkKwhqmLVZNxWg> <xmx:5K2SY9DKfe3SLm-SjzSL3ARTpwVUSN-pAPRYaP-m2dYAsI-drzkVgA> <xmx:5K2SY67TZk_L1hL3kiORYjHIpFfszAQWmqkcT5Mynn-9gFgGxQ4ggQ>
Feedback-ID: ic129442d:Fastmail
Received: by mailuser.nyi.internal (Postfix, from userid 501) id 82086234007B; Thu, 8 Dec 2022 22:39:16 -0500 (EST)
X-Mailer: MessagingEngine.com Webmail Interface
User-Agent: Cyrus-JMAP/3.7.0-alpha0-1115-g8b801eadce-fm-20221102.001-g8b801ead
Mime-Version: 1.0
Message-Id: <daef5d2f-2c60-4386-9f9f-fa772156079e@betaapp.fastmail.com>
In-Reply-To: <d303c4e3-ca0f-4915-4240-8ecf96ef01cc@isode.com>
References: <d303c4e3-ca0f-4915-4240-8ecf96ef01cc@isode.com>
Date: Fri, 09 Dec 2022 14:39:00 +1100
From: Martin Thomson <mt@lowentropy.net>
To: Alexey Melnikov <alexey.melnikov@isode.com>, secdir@ietf.org, draft-ietf-ohai-ohttp@ietf.org
Cc: last-call@ietf.org
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable
Archived-At: <https://mailarchive.ietf.org/arch/msg/secdir/UkgFh5FDEoZhSSJ3YIpgjp8-Sf8>
Subject: Re: [secdir] Secdir last call review of draft-ietf-ohai-ohttp-05
X-BeenThere: secdir@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: Security Area Directorate <secdir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/secdir>, <mailto:secdir-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/secdir/>
List-Post: <mailto:secdir@ietf.org>
List-Help: <mailto:secdir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 09 Dec 2022 03:39:25 -0000
Hey Alexey, Thanks for reviewing. I'll respond inline and link some pull requests as appropriate. Some of the changes were already made in response to other reviews, which I think is a good sign that some changes are needed. On Fri, Dec 9, 2022, at 01:02, Alexey Melnikov wrote: > It looks that the term "server" sometimes means the target server and > sometimes the Oblivious Gateway. I think this creates a bit of confusion > when reading the document. Kyle Rose also noted similar concerns: https://github.com/ietf-wg-ohai/oblivious-http/pull/225 There are good reasons for the condensing of the gateway and target resources into "server" for the security analysis. But I've put in more effort here to correct the terminology usage. > |4.4. Encapsulation of Responses > | > | Given an HPKE context context, a request message request, and a > > I wish the document used a convention for variables/fields to make > reading of paragraphs like this a bit easier. Maybe put them in quotes? Ah, you are reading the text version, which lacks the markings of the HTML version. I agree. We have already made some changes in this regard, using commas to separate where the definition appears. (I think that Sean Turner suggested the requisite changes.) The example you quoted now appears as: > Given an HPKE context, context; a request message, request; and a response, response, servers generate an Encapsulated Response, enc_response, as follows: > > 1. Export a secret, secret, from context, using the string "message/bhttp response" as the exporter_context parameter to context.Export; see Section 5.3 of [HPKE]. The length of this secret is max(Nn, Nk), where Nn and Nk are the length of AEAD key and nonce associated with context. Note: Section 4.6 discusses how alternative message formats might use a different context value. The changes are in our editor's copy, but the changeset was https://github.com/ietf-wg-ohai/oblivious-http/pull/221 Open to suggestions for improvement. The first sentence you quote is still a little janky. > The following comment is with my Media Type reviewer hat on and it > applies to all 3 section 9.1, 9.2 and 9.3. Using section 9.3 as an example: Thanks for that. Fixed in: https://github.com/ietf-wg-ohai/oblivious-http/pull/230 (I hope)
- [secdir] Secdir last call review of draft-ietf-oh… Alexey Melnikov
- Re: [secdir] Secdir last call review of draft-iet… Martin Thomson