[lamps] AD review of draft-ietf-lamps-rfc3709bis-04
Roman Danyliw <rdd@cert.org> Thu, 13 October 2022 14:10 UTC
Return-Path: <rdd@cert.org>
X-Original-To: spasm@ietfa.amsl.com
Delivered-To: spasm@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 3E66DC14F745 for <spasm@ietfa.amsl.com>; Thu, 13 Oct 2022 07:10:19 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.108
X-Spam-Level:
X-Spam-Status: No, score=-2.108 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=cert.org
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id fzoW6J9RQDf6 for <spasm@ietfa.amsl.com>; Thu, 13 Oct 2022 07:10:13 -0700 (PDT)
Received: from USG02-BN3-obe.outbound.protection.office365.us (mail-bn3usg02on0109.outbound.protection.office365.us [23.103.208.109]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 6B496C14CF1E for <spasm@ietf.org>; Thu, 13 Oct 2022 07:10:11 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector5401; d=microsoft.com; cv=none; b=McgzscZ5GgBwIjgc2lwefv9qnlZPM4Dum8kCgG1qpGhdPRnz102WCb/C6XtZh56pAkH/T3AEfaI3Dyqx4k6X+zvYzgPlRokddJpOJFNItQIkPkbPpyj8DCgQmxsuO2z8bJI1j/h1BSmR64Io1EAbbcRCYPZo36y9+ltbdGEE8qhcR7GPSGpZ6xrpjAo+BEOXBFJjzZKh9/+7VgWYl988568XWpRX4mjSuU/wFjarJAHGRLm2IYltYVtYJGMyFC6f19QWD4ygVRcyDjOTr03Gg8NlM7OElfVKct0J6psuBO+aS7PA3UWmrFRfAjCn8r1JHuGJX/lyAMxIibaDlxx9PQ==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector5401; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=2gBP8GVl/+B4x96s2emYk8o7aHGRc2XxJ+fae5OJhtQ=; b=vJwV0xjMd9ct2vRDX3RA/akFQ4QriYKguBn/4rbvuiC80d+tB8hO2TNU1vIRitpH9yAPZvEEHtFDVbI0g1S2+UQfCS9vlpwPkAzisbDa5Iw3TfPiVf8YD/6opg83tLPH37qXDCMX1Lmpepyr9qztXyeZv4Rnep2NhPR0TahNeiREsC/I8jV+0sWiwdwWdgoZW2SuSWPgXXRTRjqdji4TG6ZeRFvVr2vknpVbaoT4c5DBJ0fNRQyUnkalScVljKhtbwFQJjaA4IaC3FTDELv8LnadDfmlbx0g3u1WSJdZ68qOBQr/9BbqGM9iAbXFVaxqTpq/S3lubi3v5b8R4HqdNQ==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=cert.org; dmarc=pass action=none header.from=cert.org; dkim=pass header.d=cert.org; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=cert.org; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=2gBP8GVl/+B4x96s2emYk8o7aHGRc2XxJ+fae5OJhtQ=; b=nDyCDn98+2Iu6g9VaC/baRonsn8+dNWlB/vzI0rkWd6re8v141I3hq6ezKIsGdWlFljSySj7WZ+3nHKg9atoVUQUfc2yaAiT9CPj1WkWQF17FlPSgxpq0wBcsyqWLeOqubkzGnH3H2MIo4JuSP4OdMMvb6joQO1zR3rPWbJ7r70=
Received: from BN2P110MB1107.NAMP110.PROD.OUTLOOK.COM (2001:489a:200:168::11) by BN2P110MB1175.NAMP110.PROD.OUTLOOK.COM (2001:489a:200:17c::10) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.5676.20; Thu, 13 Oct 2022 14:10:09 +0000
Received: from BN2P110MB1107.NAMP110.PROD.OUTLOOK.COM ([fe80::dbc:d573:57cb:e0e1]) by BN2P110MB1107.NAMP110.PROD.OUTLOOK.COM ([fe80::dbc:d573:57cb:e0e1%7]) with mapi id 15.20.5709.022; Thu, 13 Oct 2022 14:10:09 +0000
From: Roman Danyliw <rdd@cert.org>
To: "spasm@ietf.org" <spasm@ietf.org>
Thread-Topic: AD review of draft-ietf-lamps-rfc3709bis-04
Thread-Index: AdjfDGHfqBvw6IIER0OgXY+fZKlMpg==
Date: Thu, 13 Oct 2022 14:10:08 +0000
Message-ID: <BN2P110MB1107B95AB6FD27F9069DC6B3DC259@BN2P110MB1107.NAMP110.PROD.OUTLOOK.COM>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=cert.org;
x-ms-publictraffictype: Email
x-ms-traffictypediagnostic: BN2P110MB1107:EE_|BN2P110MB1175:EE_
x-ms-office365-filtering-correlation-id: 8329cfda-2831-423d-51b6-08daad24a2f5
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: ortgsdQUkWn+XuVjvTrEcujcGk1XgeacdqeZQvbm5lJTN32o5Ik8OiCi7D4kdUYZEUq8OStbFpKl9iYIquSEq7ztQniVT9HoiByQTquNX+1YIMkBUyypwdqGBVrBAE1OuYHjWxN/M1AbwheSaqc3uvjF5P3xUmrBjr/LIFM4Z7q8pK0yR4EOTX0yypk8Y/8CtuyGHSn3oqfzl8c/bfGhNw//WJ1P7UPViPRQojaJgU5GIBaMwzRe0uNSdGLxNJ3hGDoRmgvIXpbydWx+tA2/AyznAr09xGXvHD+OXJ+0gmjP5L40TKn8YemCzoo2EEqmwek+LhammFV5k9eAJAVuwLebm0kGEdxTXNJzkwcv7eetm1+w3M1CXzT8yzej6HUZcXnrHha04BTu5dYLgCmQLVMuxMc7ZDxgIWDLDCYljdk8EK0KlzCutmLoJOPoDo8SjmmswnUc5QBcRwl8f100DCT88b8P/iCG07bciocHqnS3FWtlpFwZwlEXyUFEXC5kFOXBzcvXXX7U/J+Be5yCU2OU8G76arQWMTxDKoKQZVnR69Ytn14xZLU5z6kiPIZaNBAWMWGrsv5r2EhZnOY7ropQuCYVhAWb2/PvD7PG15pA2i8zKmrZ1pViRwtA3ysOPX2ek87q/yixQPO7KqznmLxcYHKGZF+P2eZLNal6q1MhAJttgwDmVPYFMMnA44uA
x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:BN2P110MB1107.NAMP110.PROD.OUTLOOK.COM; PTR:; CAT:NONE; SFS:(13230022)(366004)(451199015)(6916009)(2906002)(8936002)(498600001)(38070700005)(71200400001)(55016003)(86362001)(33656002)(64756008)(66446008)(38100700002)(9686003)(66556008)(83380400001)(8676002)(66946007)(66476007)(76116006)(5660300002)(52536014)(7696005)(122000001)(82960400001)(26005)(6506007)(186003); DIR:OUT; SFP:1102;
x-ms-exchange-antispam-messagedata-chunkcount: 1
x-ms-exchange-antispam-messagedata-0: 4dSvPSI0ZaU3aS/Xh+uPu7Jrb/hwBgT446hrXCfLn5PxnyndJRCpb4jLk61ZGjRHTy98CXkN9OEiA7MHVDPtFG6CanLlTRhFpWGyIMdreqQBbZ7PXqsipp4FAmt5CG9she5RZ9JZ5pUk46Wel41KSk7eBdB+mnJHGcdlGDaWmwn0OdIzM8zZMMwI5HrZeQ0H2leZJbHs6YMWhmxJYPx0gGjtx+CXkIkiJVUV1xOuwM6VcenGteOTdsuPWgcSSiAx6UmlAufFdFLdAL8xg/wqC+3D+CHOqTiAbvvVZDT/PVQblfoVrW2cFbng+NrQz3EUbYmIY4FUUw7CFF5Qq24gh1h7/eJoXn5CIz3LXs19GhEa1bii1QE1wsF5d56NAwxFkN5VeQqXG4gRbgp9V0pX9s5UIVIfXDc6Ls3p0/UJsC0=
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
X-OriginatorOrg: cert.org
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: BN2P110MB1107.NAMP110.PROD.OUTLOOK.COM
X-MS-Exchange-CrossTenant-Network-Message-Id: 8329cfda-2831-423d-51b6-08daad24a2f5
X-MS-Exchange-CrossTenant-originalarrivaltime: 13 Oct 2022 14:10:09.0135 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 95a9dce2-04f2-4043-995d-1ec3861911c6
X-MS-Exchange-Transport-CrossTenantHeadersStamped: BN2P110MB1175
Archived-At: <https://mailarchive.ietf.org/arch/msg/spasm/-y7mwrFZp0gNildqIt5vMklcaFs>
Subject: [lamps] AD review of draft-ietf-lamps-rfc3709bis-04
X-BeenThere: spasm@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: "This is a venue for discussion of doing Some Pkix And SMime \(spasm\) work." <spasm.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/spasm>, <mailto:spasm-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/spasm/>
List-Post: <mailto:spasm@ietf.org>
List-Help: <mailto:spasm-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/spasm>, <mailto:spasm-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 13 Oct 2022 14:10:19 -0000
Hi! I performed an AD review of draft-ietf-lamps-rfc3709bis-04. My feedback is below. Thanks for the clean diff from RFC3709. ** Section 1. Editorial. Given the wide use of PKIs in OT, in addition to IT, consider: OLD However, the art of Public Key Infrastructure (PKI) has developed certificates far beyond this functionality in order to meet the needs of modern global networks and heterogeneous information technology structures. NEW However, the art of Public Key Infrastructure (PKI) has developed certificates far beyond this functionality in order to meet the needs of modern global networks and heterogeneous information and operational technology structures. ** Section 2. Editorial. Being explicit of what the URI provides and s/one-way hash/hash/ OLD Image and audio data for logotypes can be remote by including a URI that identifies the location to the logotype data and a one-way hash of the referenced data in the certificate. NEW Image and audio data for logotypes can be provided by reference by including a URI that identifies the location of the logotype data and a hash of the referenced data in the certificate. ** Section 3. If a logotype of a certain type (as defined in Section 2) is represented by more than one image object, then each image objects MUST contain variants of roughly the same visual content. Likewise, if a logotype of a certain type is represented by more than one audio object, then the audio objects MUST contain variants of the same audio information. What is the mechanism to assess "roughly the same visual content" and that the "audio objects ... contain[s] [a] variant of the same audio information"? Will that be subject to the issuer's local policy? Section 4.1 Client applications SHOULD support both direct and indirect addressing. Certificate issuing applications MUST support direct addressing, and certificate issuing applications SHOULD support indirect addressing. Isn't the first sentence redundant to the next two? The second sentence already says direct addressing is required and the third sentence strongly encourages it. ** Section 4.1 All direct addressing URIs SHOULD use either the HTTP scheme (http://...) or the HTTPS scheme (https://...) or the DATA scheme (data://...) [RFC3986]. -- Is support for HTTP needed? If so, why? If it is unavoidable, could some preference be expressed for choosing HTTPS schemes in the sequence before HTTP? -- Editorial. "Either" is intended to choose between two things, three options are presented here ** Section 4.1 ASN.1 definition: LogotypeDetails ::= SEQUENCE { mediaType IA5String, -- MIME media type name and optional -- parameters logotypeHash SEQUENCE SIZE (1..MAX) OF HashAlgAndValue, logotypeURI SEQUENCE SIZE (1..MAX) OF IA5String } Corresponding text: CAs SHOULD include a hash value that computed with the one-way hash function associated with the certificate signature, and CAs MAY include other hash values. Clients MUST compute a one-way hash value using one of the identified functions, and clients MUST discard the logotype data if the computed hash value does not match the hash value in the certificate extension. -- Typo. s/CA SHOULD include a hash value that computed/CA SHOULD include a hash value that is computed/ -- Per "CAs SHOULD include a hash value that computed with the one-way hash function associated with the certificate signature", it would be clearer to say that "CAs SHOULD use the hash function associated with the certificate signature to compute the hash value ..." -- Per "... and CAs MAY include other hash values", if other hash values are included where are they represented? -- The text doesn't explicitly say that the positional value of the logotypeHash value lines up with the logotypeURI (i.e., hash #3 is for the data at URI #3) ** Section 4.1 Clients MUST compute a one-way hash value using one of the identified functions, Why does the client have to choose between "one of the identified functions?" For validation, isn't the exact hash algorithm specified in the function supposed to be used? ** Section 4.1 ASN.1 LogotypeInfo ::= CHOICE { direct [0] LogotypeData, indirect [1] LogotypeReference } ... LogotypeReference ::= SEQUENCE { refStructHash SEQUENCE SIZE (1..MAX) OF HashAlgAndValue, refStructURI SEQUENCE SIZE (1..MAX) OF IA5String } Text The indirect addressing includes one reference to an external hashed data structure that contains information on the type, content, and location of each image and audio object. Indirect addressing supports cases where each logotype is represented by many alternative audio or image objects. ... When using indirect addressing, the URI (refStructURI) pointing to the external data structure MUST point to a resource that contains the DER-encoded data with the syntax LogotypeData. If I'm reading my ASN.1 correctly, LogotypeReference is used only to implement the indirect functionality. The explanatory text says that indirect is "one reference to an external hash data structure." If only one reference is supported, why is does LogotypeReference support a SEQUENCE of refStructHash and refStructURI? ** Section 4.2 The xSize and ySize fields represent the recommended display size for the logotype image. When a value of 0 (zero) is present, no recommended display size is specified. When non-zero values are present and these values differ from corresponding size values in the referenced image object, then the referenced image SHOULD be scaled to fit within the size parameters of LogotypeImageInfo, while preserving the x and y ratio. Per the idea of preserving the x and y ratio, what is the prescribed behavior when the supplied XSize and ySize would suggest scaling the image in a way where the x and y ratio is not respected. For example, if the source image is 320x240 and the xSize=640 x ySize=480, the ratio is easy to preserve. How would the same image be treated if the xSize=640 and ySize=600. ** Section 4.3 However, the visual representation of Certificate Subject and Certificate Issuer information from the certificate MUST have the same meaning as the textual representation of that information in the certificate itself. Can the visual representation of the Certificate Context conflict with the key usage or basic constraints? ** Section 7 Whether the SVG image is GZIP-compressed or uncompressed, the hash value for the SVG image is calculated over the uncompressed SVG content with canonicalized EOL characters as specified above. When a SVG image is embedded in the certificate extension using the "data" URL scheme, the SVG image data MUST be provided in GZIP- compressed form, and the XML structure, prior to compression, SHOULD use linefeed (0x0A) as the end-of-line (EOL) character. What is the thinking behind the design choice of not hashing the GZIPed file, and instead doing the integrity check against the uncompressed file? ** Section 9 This also underlines the general necessity for relying parties to use up-to-date software libraries to render or dereference data from external sources, including logotype data in certificates, to minimize risks related to processing potentially malicious data before it has been adequately verified and validated. Perhaps add that implementers should heed the guidance in Section 7 of RFC 3986. ** Section 10 Since clients are expected to locally cache logotype data, network traffic to the server containing the logotype data will not be generated every time the certificate is used. Where was this expectation to cache the logotype set? ** Section 10. In addition to the recommendation to use HTTPS and pad HTTPs, would using an encrypted DNS mechanism also help? Regards, Roman
- [lamps] AD review of draft-ietf-lamps-rfc3709bis-… Roman Danyliw
- Re: [lamps] AD review of draft-ietf-lamps-rfc3709… Russ Housley
- Re: [lamps] AD review of draft-ietf-lamps-rfc3709… Roman Danyliw
- Re: [lamps] AD review of draft-ietf-lamps-rfc3709… Russ Housley
- Re: [lamps] AD review of draft-ietf-lamps-rfc3709… Roman Danyliw