[secdir] Secdir last call review of draft-ietf-kitten-pkinit-alg-agility-04

Takeshi Takahashi <takeshi_takahashi@nict.go.jp> Mon, 18 February 2019 06:12 UTC

From: Takeshi Takahashi <takeshi_takahashi@nict.go.jp>
To: <secdir@ietf.org>
Cc: kitten@ietf.org, ietf@ietf.org, draft-ietf-kitten-pkinit-alg-agility.all@ietf.org
Message-ID: <155047036985.3948.13609799438850064569@ietfa.amsl.com>
Date: Sun, 17 Feb 2019 22:12:49 -0800
Archived-At: <https://mailarchive.ietf.org/arch/msg/secdir/qun0HUsEK68I3I9WhSf5NoMBkSo>
Subject: [secdir] Secdir last call review of draft-ietf-kitten-pkinit-alg-agility-04

Reviewer: Takeshi Takahashi
Review result: Ready

I do not see any serious issues with this draft and enjoyed reading it.
I have only minor questions, asked for the purpose of deepening my understanding
of the draft.

1. In section 5, regarding the TD-CERT-DIGEST-ALGORITHMS-Data message, who
embeds the rejectedAlgorithm field? If it is the KDC, why does the KDC need to
fill in and distribute this information to the others?

2. In section 8 (Security Considerations), it is stated that "to do otherwise
allows an active attacker to perform a downgrade attack". In my understanding
of the draft, an arbitrary algorithm could be used (if the negotiation reaches
agreement). I wonder if there is any mechanism that discourages negotiating the
use of insecure algorithms. For instance, could the list of algorithms that
must be treated with care be provided somewhere?

Thank you, and kind regards,
Take