Re: [secdir] Secdir last call review of draft-ietf-lisp-sec-26
Luigi Iannone <ggx@gigix.net> Thu, 09 June 2022 08:11 UTC
Return-Path: <ggx@gigix.net>
X-Original-To: secdir@ietfa.amsl.com
Delivered-To: secdir@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 2BE28C157B58 for <secdir@ietfa.amsl.com>; Thu, 9 Jun 2022 01:11:44 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.909
X-Spam-Level:
X-Spam-Status: No, score=-6.909 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01] autolearn=unavailable autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gigix-net.20210112.gappssmtp.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id dRzihPI5Ow97 for <secdir@ietfa.amsl.com>; Thu, 9 Jun 2022 01:11:39 -0700 (PDT)
Received: from mail-wr1-x433.google.com (mail-wr1-x433.google.com [IPv6:2a00:1450:4864:20::433]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id D8612C14F726 for <secdir@ietf.org>; Thu, 9 Jun 2022 01:11:39 -0700 (PDT)
Received: by mail-wr1-x433.google.com with SMTP id q26so20903435wra.1 for <secdir@ietf.org>; Thu, 09 Jun 2022 01:11:39 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gigix-net.20210112.gappssmtp.com; s=20210112; h=from:message-id:mime-version:subject:date:in-reply-to:cc:to :references; bh=d2MjoY0bG6mdNfJ8BWlfzSEThc5SGuALoNEBh0I7+OM=; b=jbW8TFitkmGeE8PC7dkX4nRQpEiIQ/36VlmNBc7egfUs1uVyCQDaPTsn8CviyyTcJH XJ+jgGvX7ixzDc0G2BomtvrAWAPl77Tx/0zLkiPi9XQAlxPjY1FKKq5FWMAcNj9UMC7r heVJ3m8oQsCGikm3+CeqrkK/F/t7uqwIgJ0f6QyizD5g9AcwCZzamybsPhVD/KK1s26/ KG2aPIw8sdAoA36LBlyK05jg6P8rrKxfA9v8MG41q9K4Dlvdy2BwLSYBb/x91daucU5F GsP3AdrZadRtNhp7162zT2DwHqvzblbNetjqB/rIHF8VrnJUebjpUtNsoMWgIlqtTalG k+MA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:from:message-id:mime-version:subject:date :in-reply-to:cc:to:references; bh=d2MjoY0bG6mdNfJ8BWlfzSEThc5SGuALoNEBh0I7+OM=; b=OSyyuvEjBvej0ktCcenJ+vrvVNDgjquPXvaPzwIV1Gap4dKtAECAGF4RgPpQKg0602 IEFPcPrNToSlm8RylegOxuB3qVR1u1mJ2AKusMcVFAo4FMLy9dgVRMXOaJEit6YAcJlT fZ/TjYyvUSh+7wFTnmbBuKyg8ODD7USlSx6eFWyTyXsSCzX7wzspUGHGFNNJc2uJ4Ter O1srn1rv7zI4EEC6ePe3vPXcXONW6fT6MS3ej4oJ9jcMGwZ/xc02VMLX4TkCcJfv7/a0 yPWpOnMJXPiGMHWfrRsovfGaLlaF4bpzqajTsvWX2EdtmZ0mkSKgTvZjDc4pgpkfz/+l 2NBw==
X-Gm-Message-State: AOAM531sBcGNaQNM+eB59cEzTWkjMyTkyVsHcapuZO5v5UFOs4LvALxu Qdku/UUWIFIrSXaY8srPVSEpgw==
X-Google-Smtp-Source: ABdhPJz2wND7Xl4T6Zs9k3X3DWajhhxT2PTKl9kpbYse96rGVHxF2j9kHwnWqCphq7nh3baVAypbVA==
X-Received: by 2002:a5d:64ca:0:b0:218:5503:d0c3 with SMTP id f10-20020a5d64ca000000b002185503d0c3mr11083564wri.168.1654762297611; Thu, 09 Jun 2022 01:11:37 -0700 (PDT)
Received: from smtpclient.apple ([37.172.52.14]) by smtp.gmail.com with ESMTPSA id h24-20020a05600c145800b0039c54bb28f2sm10436869wmi.36.2022.06.09.01.11.36 (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Thu, 09 Jun 2022 01:11:36 -0700 (PDT)
From: Luigi Iannone <ggx@gigix.net>
Message-Id: <FC184D37-9FD3-471A-BF1A-05ECC11F31F1@gigix.net>
Content-Type: multipart/alternative; boundary="Apple-Mail=_6ED7F4B7-36E9-4A0D-8EB9-EB7908A3BCA4"
Mime-Version: 1.0 (Mac OS X Mail 16.0 \(3696.100.31\))
Date: Thu, 09 Jun 2022 10:11:35 +0200
In-Reply-To: <e5f3ba4f-c250-31de-59eb-8d3cc30b71a4@isode.com>
Cc: "secdir@ietf.org" <secdir@ietf.org>, draft-ietf-lisp-sec.all@ietf.org
To: Alexey Melnikov <alexey.melnikov@isode.com>
References: <422b173b-64b2-679b-2929-609dbdf3eb58@isode.com> <6ECF9F57-308C-49F6-B2E2-0FB899DA4AEF@gigix.net> <e5f3ba4f-c250-31de-59eb-8d3cc30b71a4@isode.com>
X-Mailer: Apple Mail (2.3696.100.31)
Archived-At: <https://mailarchive.ietf.org/arch/msg/secdir/in6Y7GNw8XFDoLjPUwENdY2DO1w>
Subject: Re: [secdir] Secdir last call review of draft-ietf-lisp-sec-26
X-BeenThere: secdir@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: Security Area Directorate <secdir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/secdir>, <mailto:secdir-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/secdir/>
List-Post: <mailto:secdir@ietf.org>
List-Help: <mailto:secdir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 09 Jun 2022 08:11:44 -0000
Hi again Alexey, > On 8 Jun 2022, at 18:58, Alexey Melnikov <alexey.melnikov@isode.com> wrote: >> >> Wouldn’t this create an issue with older implementations? >> Do you think that text could be adapted to RECOMMEND SHA-256 also expressing the concern that old implementation may not interoperate? >>> As a side note, this is what I found in draft-ietf-lisp-rfc6833bis: >>> >>> 2. Implementations SHOULD use the 'HMAC-SHA256-128+HKDF-SHA256' as >>> the Algorithm ID (Section 12.5) in Map-Register message >>> (Section 5.6), and MUST NOT use 'None' or 'HMAC-SHA-1-96-None' as >>> Algorithm ID (Section 12.5) in the Map-Register message >>> (Section 5.6) >>> >>> >>> 1: The KDF algorithm is identified by the field 'Algorithm ID' >>> according to the table in Section 12.5. Implementations of >>> this specification MUST implement HMAC-SHA-256-128 [RFC4868] >>> and SHOULD implement HMAC-SHA-256-128+HKDF-SHA256 [RFC5869] . >>> >>> >>> To publish an authoritative EID-to-RLOC mapping with a Map-Server >>> using the Map-Register message, an ETR includes authentication data >>> that is a MAC of the entire message using a key derived from the pre- >>> shared secret. An implementation SHOULD support HMAC-SHA256- >>> 128+HKDF-SHA256 [RFC5869]. >>> >>> There are some possible inconsistencies between this draft and draft-ietf-lisp-rfc6833bis. >>> >> >> Can you be more specific? > So in draft-ietf-lisp-sec-26 the requirements are: > > MUST AUTH-HMAC-SHA-1-96 > MUST AES-KEY-WRAP-128+HKDF-SHA256 > MUST HKDF-SHA1-128 > > In draft-ietf-lisp-rfc6833bis (in the 3 paragraphs quoted above): > > SHOULD HMAC-SHA256-128+HKDF-SHA256 and MUST NOT HMAC-SHA-1-96-None. > MUST HMAC-SHA-256-128 and SHOULD HMAC-SHA-256-128+HKDF-SHA256 > > In the thirs paragraph: SHOULD HMAC-SHA256-128+HKDF-SHA256. This is similar to HMAC-SHA-256-128+HKDF-SHA256, but there is no "-" after HMAC-SHA". Is this a typo and should be the same as HMAC-SHA-256-128+HKDF-SHA256? > > I appreciate that these recommendations are for different pieces of software, but, for example, you require use of HMAC-SHA-1-96 in one context and disallow its use in another. I am not saying that any of the above should change, but use of different hashing primitives doesn't seem very consistence above. I understand your point and I agree. Not sure whether at this point is worth changing all of that. Ciao L. > > Best Regards, > Alexey >
- [secdir] Secdir last call review of draft-ietf-li… Alexey Melnikov
- Re: [secdir] Secdir last call review of draft-iet… Luigi Iannone
- Re: [secdir] Secdir last call review of draft-iet… Luigi Iannone
- Re: [secdir] Secdir last call review of draft-iet… Alexey Melnikov
- Re: [secdir] Secdir last call review of draft-iet… Alexey Melnikov
- Re: [secdir] Secdir last call review of draft-iet… Luigi Iannone
- Re: [secdir] Secdir last call review of draft-iet… Luigi Iannone
- Re: [secdir] Secdir last call review of draft-iet… Alexey Melnikov