IETF Logo Mail Archive

Re: [secdir] [EXTERNAL] Secdir last call review of draft-ietf-lamps-ocsp-nonce-update-04

Himanshu Sharma <himanshu@netskope.com> Tue, 09 April 2024 05:24 UTC

Return-Path: <himanshu@netskope.com>
X-Original-To: secdir@ietfa.amsl.com
Delivered-To: secdir@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id D6F86C14F619 for <secdir@ietfa.amsl.com>; Mon, 8 Apr 2024 22:24:46 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.092
X-Spam-Level:
X-Spam-Status: No, score=-2.092 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H4=0.001, RCVD_IN_MSPIKE_WL=0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_NONE=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=unavailable autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=netskope.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id LzogBiS29gPY for <secdir@ietfa.amsl.com>; Mon, 8 Apr 2024 22:24:41 -0700 (PDT)
Received: from us-smtp-delivery-117.mimecast.com (us-smtp-delivery-117.mimecast.com [170.10.129.117]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id A4A65C1516F3 for <secdir@ietf.org>; Mon, 8 Apr 2024 22:24:41 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=netskope.com; s=mimecast20210603; t=1712640280; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: in-reply-to:in-reply-to:references:references; bh=goVhDgBXJV8s7t3jHv1Uo2HwibmEetOd/fgebsUEMGU=; b=YFfaRTb/4V1g6+uFnRLxqxOtL6KZSls4FObVJx9tn7Q5jmXy+xjASSr6fDg0yL2vIC6KFO 17y0IcjL0knursJr6GgWUfYDqeifKicejQOY7VCkXo4+aqBxe+StMgzoP0n8L3zfGPn4+K zAA5ogQfKbGPxnECT8ODWBX4uEwiL6k=
Received: from mail-qv1-f72.google.com (mail-qv1-f72.google.com [209.85.219.72]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id us-mta-451-BPyCjy5YPVmSmcou2pidXA-1; Tue, 09 Apr 2024 01:24:38 -0400
X-MC-Unique: BPyCjy5YPVmSmcou2pidXA-1
Received: by mail-qv1-f72.google.com with SMTP id 6a1803df08f44-6993edda019so47738766d6.3 for <secdir@ietf.org>; Mon, 08 Apr 2024 22:24:38 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1712640277; x=1713245077; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:dkim-signature:x-gm-message-state:from:to:cc:subject :date:message-id:reply-to; bh=EvyggTvawuajraQFiZTxaoVw1auRKMvln4g0bqd7PF0=; b=o0Im/XjU8h7rRZc5XY2KUZIeLtTzrGL4PIGm0fbjQaM3d/4nSANGIa5tibLElIrwVv zXojMl9fYUoN8nwgHVnGlqo9cFKXf4i9knzLpcaUDYcbqrYErlF/CR8QUdm4Kl7NaKFa pauz5lgQAUHnBGhXkcVbzJdgN0VIcWgbSKE33Rz+GuVgZ46SnE62UqprbfbVpx+bTb9p WzwVJ/TkDDfSgBvcx4yZ5kfoHBNXYmEoh7DwHbB5JLXtw3xnSZ8GHt+djbqirYQOyBhl x2AbyD4nhU183qwoYNBKCWtoVD9uVGgJfivrsRHZvnfu6XPf4T+s8mw3epdZdAw8OZLy 6JBA==
X-Gm-Message-State: AOJu0YyesfZwoCMUvLriDM0lsKDA1bdasLlEmnA/fJKzw/a9vFT5/+4Y ULy2zCXShnZ2B4oji6NKxbRnzmUhAqgiyQ3R/MH4cwAYnIzVOLQBTrHTVzofqDQOKAmh2N9GNHT OPm9koMVu06OT4t5rU9rXG8+FEX2HGolXOpyRYq/3fK30hCfuzy7Imzvki5yhysnXtBKoyWF9nH Bc1OuyplfZUgps1vEljfdr
X-Received: by 2002:ad4:5d6b:0:b0:69b:2aa8:dc45 with SMTP id fn11-20020ad45d6b000000b0069b2aa8dc45mr851216qvb.17.1712640277693; Mon, 08 Apr 2024 22:24:37 -0700 (PDT)
X-Google-Smtp-Source: AGHT+IFOF1e7WgzVOJhAHRbau4tB0BM2yMk31U+qaRUHznDNdqWcYY76xcCi1Ikrb+y3LfbCGzAFLuL25OaQ
X-Received: by 2002:ad4:5d6b:0:b0:69b:2aa8:dc45 with SMTP id fn11-20020ad45d6b000000b0069b2aa8dc45mr851200qvb.17.1712640277233; Mon, 08 Apr 2024 22:24:37 -0700 (PDT)
Received: from netskope.com ([163.116.131.244]) by smtp-relay.gmail.com with ESMTPS id q2-20020ad45ca2000000b0069934d123afsm510562qvh.0.2024.04.08.22.24.36 for <secdir@ietf.org> (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 08 Apr 2024 22:24:37 -0700 (PDT)
X-Relaying-Domain: netskope.com
Received: by mail-pl1-f198.google.com with SMTP id d9443c01a7336-1e4b70e0dc9so89295ad.3 for <secdir@ietf.org>; Mon, 08 Apr 2024 22:24:36 -0700 (PDT)
X-Received: by 2002:a17:903:2312:b0:1e4:3c7f:c060 with SMTP id d18-20020a170903231200b001e43c7fc060mr5099221plh.66.1712640275628; Mon, 08 Apr 2024 22:24:35 -0700 (PDT)
X-Received: by 2002:a17:903:2312:b0:1e4:3c7f:c060 with SMTP id d18-20020a170903231200b001e43c7fc060mr5099202plh.66.1712640275214; Mon, 08 Apr 2024 22:24:35 -0700 (PDT)
MIME-Version: 1.0
References: <171191291059.15585.6093566049458714751@ietfa.amsl.com> <CAL9pJ7m=FWWwmXt0qBE_EAYtj19HRBDpnUdgq1rvOBpw37xJeg@mail.gmail.com>
In-Reply-To: <CAL9pJ7m=FWWwmXt0qBE_EAYtj19HRBDpnUdgq1rvOBpw37xJeg@mail.gmail.com>
From: Himanshu Sharma <himanshu@netskope.com>
Date: Mon, 08 Apr 2024 22:24:23 -0700
Message-ID: <CAL9pJ7kQJ9_7tgV_qArWLBMGSfd_2dgs6dGEQ4Ex4UHKZV8+uQ@mail.gmail.com>
To: Joseph Salowey <joe@salowey.net>
Cc: secdir@ietf.org, draft-ietf-lamps-ocsp-nonce-update.all@ietf.org, last-call@ietf.org, spasm@ietf.org
x-netskope-inspected: true
X-Mimecast-Spam-Score: 0
X-Mimecast-Originator: netskope.com
Content-Type: multipart/alternative; boundary="0000000000003bd2a80615a323ca"
Archived-At: <https://mailarchive.ietf.org/arch/msg/secdir/nsWemlmHpSZdB8zIblYyGS4k53U>
Subject: Re: [secdir] [EXTERNAL] Secdir last call review of draft-ietf-lamps-ocsp-nonce-update-04
X-BeenThere: secdir@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: Security Area Directorate <secdir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/secdir>, <mailto:secdir-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/secdir/>
List-Post: <mailto:secdir@ietf.org>
List-Help: <mailto:secdir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 09 Apr 2024 05:24:46 -0000

Hi Joseph
    In case the updated I-D was missed, I am trying to put the email on top.
Here I am summarizing our off-line discussion so that everyone in the group
will be on the same page.

[Joe] So 32 bytes will hopefully help interoperability.
[HS] Yes, I mentioned and explained the decision and discussion related to
RFC8954 and keeping the same Nonce length recommendation (32 bytes) for
interoperability purposes. I believe that the concern related to length of
32 bytes has been addressed.


[Joe] I think it is better to have a MUST.  It should result in better
interoperability.  (referring the section 2.1 para 2)
[HS] I have updated I-D to version 05 to include the "MUST" inplace of
"SHOULD"  As per your feedback and discussion.
Now I-D 05 mentions
"An OCSP client that implements this document MUST use a minimum
   length of 32 octets for Nonce octets in the Nonce extension. "


[Joe] With current deployed behavior servers can choose not to support the
nonce extension and ignore it.  For servers that do support the nonce
extension would it be acceptable to say that they have to respond to the
nonce extension if it is between 16 and 128 bytes? Or are there servers
that will just ignore nonces greater that 32 bytes (instead of sending an
error).
[HS] With this Draft we are making sure that the server that supports
Nonce, MUST support the nonce between 16-32  and may choose to ignore the
nonce between 1-to-16 and 33-to-128 bytes.


[Joe] What do clients typically do if they do not get a nonce in response,
do they reject the response?"
[HS] Most of the clients just log a warning message and accept
the response. As few public responders do not support nonce for performance
reasons.


I believe the I-D 05 version  (
https://datatracker.ietf.org/doc/draft-ietf-lamps-ocsp-nonce-update/05/)
addresses your concerns. Please let me know if there is any outstanding
concern that I can answer.

-Himanshu


On Thu, Apr 4, 2024 at 11:58 AM Himanshu Sharma <himanshu@netskope.com>
wrote:

> Hi Joseph,
>   As discussed offline, explained and agreed upon the reason for choosing
> the 32 bytes primarily for backward compatibility, and explained about the
> behavior of ocsp client in case of response that doesn't contain nonce from
> responder.
> I have updated the ID (
> https://datatracker.ietf.org/doc/draft-ietf-lamps-ocsp-nonce-update/05/)
> according to your and other reviewr's suggestions.
> Russ helped in verification of ASN.1 modules and it compiles fine.
>
> I believe it satisfies all the outstanding questions.
>  Please let me know if there are still any outstanding questions that I
> can answer in order to get the approval.
>
> Thanks
> Himanshu
>
>
>
>
> On Sun, Mar 31, 2024 at 12:21 PM Joseph Salowey via Datatracker <
> noreply@ietf.org> wrote:
>
>> Reviewer: Joseph Salowey
>> Review result: Has Issues
>>
>> I have reviewed this document as part of the security directorate's
>> ongoing effort to review all IETF documents being processed by the
>> IESG. These comments were written primarily for the benefit of the
>> security area directors. Document editors and WG chairs should treat
>> these comments just like any other last call comments.
>>
>> The summary of the review is has issues.  I'm probably just missing some
>> history/context, here are the items that stood out.
>>
>> 1. The document states "An OCSP client that implements this document
>> SHOULD use
>> a minimum length of 32 octets for Nonce octets in the Nonce extension."
>> How
>> was the minimum of 32 bytes chosen? This seems like it might be longer
>> than
>> necessary. Is there a security reason for this or a different reason?
>> Later in
>> the document it states receiver MUST accept at least 16 octets.
>>
>> 2. In addition, the SHOULD should say when it is acceptable not to follow
>> it.
>> When is it OK for an implementation to send less than 32 bytes?  For
>> example,
>> you could rephrase this as "clients MUST use a minimum length of 32 octets
>> unless they are configured to interoperate with a OCSP responder that
>> requires
>> a shorter nonce length or ... ".  Also if a client uses more than 32 bytes
>> their request may be ignored.
>>
>> 3. An 8954 server will respond to greater than 32 octet nonce with a
>> malformedRequest. The client can report this and indicate that perhaps it
>> needs
>> to be configured to talk to an 8954 server. The text goes further to say
>> that
>> the server MAY ignore nonces greater than 32 and less than 16 octets.
>> Does this
>> mean that the response does not contain the nonce? What should the client
>> do in
>> this case? Why even allow responders to ignore a nonce that is greater
>> than 32
>> octets?
>>
>> 4. I took a look at the ASN.1, it looks OK to me, but I'm a bit rusty. I
>> assume
>> that it was reviewed by the working group, it not then someone with more
>> recent
>> ASN.1 experience should look at it.
>>
>>
>>

v2.23.0 | Report a Bug | By Email