Re: [Sframe] Publication has been requested for draft-ietf-sframe-enc-06
"Murray S. Kucherawy" <superuser@gmail.com> Thu, 29 February 2024 16:52 UTC
Return-Path: <superuser@gmail.com>
X-Original-To: sframe@ietfa.amsl.com
Delivered-To: sframe@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 728C3C14F6B4 for <sframe@ietfa.amsl.com>; Thu, 29 Feb 2024 08:52:18 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.104
X-Spam-Level:
X-Spam-Status: No, score=-2.104 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id XUQwdhORoclJ for <sframe@ietfa.amsl.com>; Thu, 29 Feb 2024 08:52:17 -0800 (PST)
Received: from mail-ed1-x529.google.com (mail-ed1-x529.google.com [IPv6:2a00:1450:4864:20::529]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id B877EC14F6B2 for <sframe@ietf.org>; Thu, 29 Feb 2024 08:52:17 -0800 (PST)
Received: by mail-ed1-x529.google.com with SMTP id 4fb4d7f45d1cf-5645c90f626so243432a12.0 for <sframe@ietf.org>; Thu, 29 Feb 2024 08:52:17 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1709225536; x=1709830336; darn=ietf.org; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:from:to:cc:subject:date:message-id:reply-to; bh=59Lzqb/MoX0RIny2ca0n+5pn62aoEZR9s1btnUHOTps=; b=dWbGFNaW7qAu+24SeEe2Q8OiKDFCS+6ENX4q0T1YObDwaoUyZyIwEGqdiGstL9LXli xJfphVQR19oQ9YARgPq21+dPUgzmprDazE+nnKcfwL79pV3MQZ6HZgKWdaIS1BeXPE9G b/vUdY7XoFETjqdXVqxnJ0MSCqUH1ovkxTCVqa1+wvm5yIEHOX2ymOX3vl9pkX1vxPRi 05Sw6JO22WcSSayZEkwVDvzoxSgZcZJrO1ydlDNf4vruGz72vp2UgFtw12ovFBnJsJU1 W5eJyR/d5dQipmLNDDt9M7uakKyIZLQGh28x9GO7DHWlUrEVsDGEZnN1SBDoKZ4T8nav w2VA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1709225536; x=1709830336; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=59Lzqb/MoX0RIny2ca0n+5pn62aoEZR9s1btnUHOTps=; b=nqpVhO7b+xSjfUgtXuF/Mv5adW91kfuaGsi/zZuH8zoktbE3LUUzBy9vLtPM52BJaY 3Bt0Tp/H4SomMUEK0acFR9NrSv6Y81aGINLMPozlvrqtKTvBNSTQQdTa89MI8MXdNEUB OYkJUeXkbWEQIw9qNzhje7h+yLvO4Oef4lN8sCpDiYfZl950nt6bw+ENMjEOw3zGi9/p hbiLR0H1npXI9tJa4QGsCaSFLNMQ3HlvOhKQPtOwRSBfIu9HIuHW7HpiOYjQkr3GDcVT E0t/gtFa/uv+3eUt66f2FgplF8RHi7XKEKWEYdnG4qnpxBJnUCx8hUoxtbwhnmIeQBoh 5GIQ==
X-Gm-Message-State: AOJu0YxSGSK2CGBojOo0Syb9Aawes+rHuUhRUZNECTfQ6YyotS3ogHjU UIi8TaYBplHzZWCRTDd2odtM8WOxveVbJorlFTW25T0IKfXsO28gYDFMCB8x2DNRaibicHEws/J XO2QDw6s+gukg2dgJpUJTgz/fwssaK7ho
X-Google-Smtp-Source: AGHT+IF4Ot8JXOgSjSNEC/Ph0RYiLbwc3nWqltIa+7b3kA2HG6IhvCTvd4BnT2j2Ev1GVr2snSwkDVcUY8xGS5foRp4=
X-Received: by 2002:a17:907:77d7:b0:a3e:9bce:b5b1 with SMTP id kz23-20020a17090777d700b00a3e9bceb5b1mr1528291ejc.5.1709225535196; Thu, 29 Feb 2024 08:52:15 -0800 (PST)
MIME-Version: 1.0
References: <170182043936.679.4345250232615285561@ietfa.amsl.com> <CAL0qLwa+73QryfCxGEG_0FSGRK06sJDsNjq2JZH3X4J9_JeUZg@mail.gmail.com> <CAL02cgTV62U7pRcnJ3EmPn93CmPqH3iyi6m-wERQkz3jWK2wxg@mail.gmail.com>
In-Reply-To: <CAL02cgTV62U7pRcnJ3EmPn93CmPqH3iyi6m-wERQkz3jWK2wxg@mail.gmail.com>
From: "Murray S. Kucherawy" <superuser@gmail.com>
Date: Thu, 29 Feb 2024 08:52:02 -0800
Message-ID: <CAL0qLwbnRm9yKygbS=96dxufmVOhpsH8bTXcYi_ButHrCsdn3Q@mail.gmail.com>
To: Richard Barnes <rlb@ipv.sx>
Cc: sframe@ietf.org
Content-Type: multipart/alternative; boundary="000000000000ddd9290612881447"
Archived-At: <https://mailarchive.ietf.org/arch/msg/sframe/AVJcg-JC1bgMQo30eZ5mYNSEBvI>
Subject: Re: [Sframe] Publication has been requested for draft-ietf-sframe-enc-06
X-BeenThere: sframe@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: Secure Media Frames <sframe.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/sframe>, <mailto:sframe-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/sframe/>
List-Post: <mailto:sframe@ietf.org>
List-Help: <mailto:sframe-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/sframe>, <mailto:sframe-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 29 Feb 2024 16:52:18 -0000
Thanks for these; can we expect a -07 with that PR incorporated before I send it to the IESG? -MSK On Thu, Feb 1, 2024 at 2:37 PM Richard Barnes <rlb@ipv.sx> wrote: > Inline... > > On Wed, Jan 31, 2024 at 7:48 PM Murray S. Kucherawy <superuser@gmail.com> > wrote: > >> >> Hello all, >> > > Hello Murray! > > >> Sorry this has taken me so long to get through. Overall I think it's >> quite well done and what I've managed to come up with is mostly minor. So, >> here's what I've got so far; rather than have you keep waiting on more >> comments or questions, I'm going to request Last Call now in parallel with >> me finishing my review. We can deal with these alongside any Last Call >> feedback and directorate reviews if you like. >> > > Sounds good to me. I filed a PR for your comments: > https://github.com/sframe-wg/sframe/pull/183 > > >> In no particular order: >> >> Section 8: >> >> This kind of reads like at one point you were asking for multiple >> registries, but only one remains. Some of the grammar mismatches should be >> tidied up. >> > > Done. > > >> Per RFC 8126, a "Specification Required" registry strongly encourages >> advice to the Designated Expert about what one should consider when >> deciding if the reference being offered is satisfactory, but no such advice >> is present here. Do we need any? >> > > I think the RFC's guidance is sufficient. ("documented in a permanent and > readily available public specification, in sufficient detail so that > interoperability between independent implementations is possible") > > >> Section 4.4.1: >> >> I'm a stickler for correct use of SHOULD, so I'm going to test a couple >> of these. In this section, there's a SHOULD mark keys one way or the >> other, but never both. Since SHOULD allows a choice, is there ever a >> reason to mark a key as both? Or should that really be a MUST? >> > > I think you're right on this one. > > >> Section 4.4.4: >> >> Same SHOULD question. >> > > This one is "SHOULD" as in "it's complicated". For example: > > * Not all crypto libraries are constant-time in this way > * In some systems, failures will manifest to higher layers as dropped > packets, which may end up in things like RTCP reports. > > The attacks that would be enabled by failing to meet the requirement are > conditional in some similarly complicated ways. So it's not an "absolute > requirement"; thus SHOULD. > > There's also a SHOULD in Section 7.3, which is conditional in a similar > way. The desired FS/PCS properties vary among applications, and it's not > up to this specification to enforce a specific set of properties at this > level. > > >> Section 9.3: >> >> Are there any informative references that might be offered regarding the >> mitigations suggested here? >> > > Added a citation to the SRTP algorithm. > > >> >> Section 7.5: >> >> The first bullet appears to be one sentence that's been broken into two. >> > > So you don't like the initial "So". Reworded. > > --RLB > > > >> >> -MSK >> >> >> -- >> Sframe mailing list >> Sframe@ietf.org >> https://www.ietf.org/mailman/listinfo/sframe >> >
- [Sframe] Publication has been requested for draft… Martin Thomson via Datatracker
- Re: [Sframe] Publication has been requested for d… Murray S. Kucherawy
- Re: [Sframe] Publication has been requested for d… Richard Barnes
- Re: [Sframe] Publication has been requested for d… Murray S. Kucherawy
- Re: [Sframe] Publication has been requested for d… Murray S. Kucherawy
- Re: [Sframe] Publication has been requested for d… Richard Barnes
- Re: [Sframe] Publication has been requested for d… Richard Barnes