IETF Logo Mail Archive

Re: [Sframe] Publication has been requested for draft-ietf-sframe-enc-06

"Murray S. Kucherawy" <superuser@gmail.com> Thu, 29 February 2024 16:52 UTC

Return-Path: <superuser@gmail.com>
X-Original-To: sframe@ietfa.amsl.com
Delivered-To: sframe@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 728C3C14F6B4 for <sframe@ietfa.amsl.com>; Thu, 29 Feb 2024 08:52:18 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.104
X-Spam-Level:
X-Spam-Status: No, score=-2.104 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id XUQwdhORoclJ for <sframe@ietfa.amsl.com>; Thu, 29 Feb 2024 08:52:17 -0800 (PST)
Received: from mail-ed1-x529.google.com (mail-ed1-x529.google.com [IPv6:2a00:1450:4864:20::529]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id B877EC14F6B2 for <sframe@ietf.org>; Thu, 29 Feb 2024 08:52:17 -0800 (PST)
Received: by mail-ed1-x529.google.com with SMTP id 4fb4d7f45d1cf-5645c90f626so243432a12.0 for <sframe@ietf.org>; Thu, 29 Feb 2024 08:52:17 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1709225536; x=1709830336; darn=ietf.org; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:from:to:cc:subject:date:message-id:reply-to; bh=59Lzqb/MoX0RIny2ca0n+5pn62aoEZR9s1btnUHOTps=; b=dWbGFNaW7qAu+24SeEe2Q8OiKDFCS+6ENX4q0T1YObDwaoUyZyIwEGqdiGstL9LXli xJfphVQR19oQ9YARgPq21+dPUgzmprDazE+nnKcfwL79pV3MQZ6HZgKWdaIS1BeXPE9G b/vUdY7XoFETjqdXVqxnJ0MSCqUH1ovkxTCVqa1+wvm5yIEHOX2ymOX3vl9pkX1vxPRi 05Sw6JO22WcSSayZEkwVDvzoxSgZcZJrO1ydlDNf4vruGz72vp2UgFtw12ovFBnJsJU1 W5eJyR/d5dQipmLNDDt9M7uakKyIZLQGh28x9GO7DHWlUrEVsDGEZnN1SBDoKZ4T8nav w2VA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1709225536; x=1709830336; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=59Lzqb/MoX0RIny2ca0n+5pn62aoEZR9s1btnUHOTps=; b=nqpVhO7b+xSjfUgtXuF/Mv5adW91kfuaGsi/zZuH8zoktbE3LUUzBy9vLtPM52BJaY 3Bt0Tp/H4SomMUEK0acFR9NrSv6Y81aGINLMPozlvrqtKTvBNSTQQdTa89MI8MXdNEUB OYkJUeXkbWEQIw9qNzhje7h+yLvO4Oef4lN8sCpDiYfZl950nt6bw+ENMjEOw3zGi9/p hbiLR0H1npXI9tJa4QGsCaSFLNMQ3HlvOhKQPtOwRSBfIu9HIuHW7HpiOYjQkr3GDcVT E0t/gtFa/uv+3eUt66f2FgplF8RHi7XKEKWEYdnG4qnpxBJnUCx8hUoxtbwhnmIeQBoh 5GIQ==
X-Gm-Message-State: AOJu0YxSGSK2CGBojOo0Syb9Aawes+rHuUhRUZNECTfQ6YyotS3ogHjU UIi8TaYBplHzZWCRTDd2odtM8WOxveVbJorlFTW25T0IKfXsO28gYDFMCB8x2DNRaibicHEws/J XO2QDw6s+gukg2dgJpUJTgz/fwssaK7ho
X-Google-Smtp-Source: AGHT+IF4Ot8JXOgSjSNEC/Ph0RYiLbwc3nWqltIa+7b3kA2HG6IhvCTvd4BnT2j2Ev1GVr2snSwkDVcUY8xGS5foRp4=
X-Received: by 2002:a17:907:77d7:b0:a3e:9bce:b5b1 with SMTP id kz23-20020a17090777d700b00a3e9bceb5b1mr1528291ejc.5.1709225535196; Thu, 29 Feb 2024 08:52:15 -0800 (PST)
MIME-Version: 1.0
References: <170182043936.679.4345250232615285561@ietfa.amsl.com> <CAL0qLwa+73QryfCxGEG_0FSGRK06sJDsNjq2JZH3X4J9_JeUZg@mail.gmail.com> <CAL02cgTV62U7pRcnJ3EmPn93CmPqH3iyi6m-wERQkz3jWK2wxg@mail.gmail.com>
In-Reply-To: <CAL02cgTV62U7pRcnJ3EmPn93CmPqH3iyi6m-wERQkz3jWK2wxg@mail.gmail.com>
From: "Murray S. Kucherawy" <superuser@gmail.com>
Date: Thu, 29 Feb 2024 08:52:02 -0800
Message-ID: <CAL0qLwbnRm9yKygbS=96dxufmVOhpsH8bTXcYi_ButHrCsdn3Q@mail.gmail.com>
To: Richard Barnes <rlb@ipv.sx>
Cc: sframe@ietf.org
Content-Type: multipart/alternative; boundary="000000000000ddd9290612881447"
Archived-At: <https://mailarchive.ietf.org/arch/msg/sframe/AVJcg-JC1bgMQo30eZ5mYNSEBvI>
Subject: Re: [Sframe] Publication has been requested for draft-ietf-sframe-enc-06
X-BeenThere: sframe@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: Secure Media Frames <sframe.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/sframe>, <mailto:sframe-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/sframe/>
List-Post: <mailto:sframe@ietf.org>
List-Help: <mailto:sframe-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/sframe>, <mailto:sframe-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 29 Feb 2024 16:52:18 -0000

Thanks for these; can we expect a -07 with that PR incorporated before I
send it to the IESG?

-MSK

On Thu, Feb 1, 2024 at 2:37 PM Richard Barnes <rlb@ipv.sx> wrote:

> Inline...
>
> On Wed, Jan 31, 2024 at 7:48 PM Murray S. Kucherawy <superuser@gmail.com>
> wrote:
>
>>
>> Hello all,
>>
>
> Hello Murray!
>
>
>> Sorry this has taken me so long to get through.  Overall I think it's
>> quite well done and what I've managed to come up with is mostly minor.  So,
>> here's what I've got so far; rather than have you keep waiting on more
>> comments or questions, I'm going to request Last Call now in parallel with
>> me finishing my review.  We can deal with these alongside any Last Call
>> feedback and directorate reviews if you like.
>>
>
> Sounds good to me.  I filed a PR for your comments:
> https://github.com/sframe-wg/sframe/pull/183
>
>
>> In no particular order:
>>
>> Section 8:
>>
>> This kind of reads like at one point you were asking for multiple
>> registries, but only one remains.  Some of the grammar mismatches should be
>> tidied up.
>>
>
> Done.
>
>
>> Per RFC 8126, a "Specification Required" registry strongly encourages
>> advice to the Designated Expert about what one should consider when
>> deciding if the reference being offered is satisfactory, but no such advice
>> is present here.  Do we need any?
>>
>
> I think the RFC's guidance is sufficient. ("documented in a permanent and
> readily available public specification, in sufficient detail so that
> interoperability between independent implementations is possible")
>
>
>> Section 4.4.1:
>>
>> I'm a stickler for correct use of SHOULD, so I'm going to test a couple
>> of these.  In this section, there's a SHOULD mark keys one way or the
>> other, but never both.  Since SHOULD allows a choice, is there ever a
>> reason to mark a key as both?  Or should that really be a MUST?
>>
>
> I think you're right on this one.
>
>
>> Section 4.4.4:
>>
>> Same SHOULD question.
>>
>
> This one is "SHOULD" as in "it's complicated". For example:
>
> * Not all crypto libraries are constant-time in this way
> * In some systems, failures will manifest to higher layers as dropped
> packets, which may end up in things like RTCP reports.
>
> The attacks that would be enabled by failing to meet the requirement are
> conditional in some similarly complicated ways.  So it's not an "absolute
> requirement"; thus SHOULD.
>
> There's also a SHOULD in Section 7.3, which is conditional in a similar
> way.  The desired FS/PCS properties vary among applications, and it's not
> up to this specification to enforce a specific set of properties at this
> level.
>
>
>> Section 9.3:
>>
>> Are there any informative references that might be offered regarding the
>> mitigations suggested here?
>>
>
> Added a citation to the SRTP algorithm.
>
>
>>
>> Section 7.5:
>>
>> The first bullet appears to be one sentence that's been broken into two.
>>
>
> So you don't like the initial "So".  Reworded.
>
> --RLB
>
>
>
>>
>> -MSK
>>
>>
>> --
>> Sframe mailing list
>> Sframe@ietf.org
>> https://www.ietf.org/mailman/listinfo/sframe
>>
>

v2.23.0 | Report a Bug | By Email