Re: [lamps] WG Last Call for draft-ietf-lamps-ocsp-nonce-01

Mohit Sahni <mohit06jan@gmail.com> Thu, 30 April 2020 04:02 UTC

From: Mohit Sahni <mohit06jan@gmail.com>
Date: Wed, 29 Apr 2020 21:02:06 -0700
To: Corey Bonnell <cbonnell@outlook.com>
Cc: "Salz, Rich" <rsalz=40akamai.com@dmarc.ietf.org>, Russ Housley <housley@vigilsec.com>, LAMPS WG <spasm@ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/spasm/7AH7hhkCr9OXe2I7dgVongXjzCQ>

Hi Corey,
The intention here is to provide a recommended value of 32 bytes and set a
lower bound of 16 bytes along with making sure the specification is
backward compatible for older clients that talk to new responders. I chose
a lower bound of 16 bytes as most of the implementations including OpenSSL
use 16 bytes of nonce by default. Giving a range instead of fixed length
provides more flexibility and makes it even more secure by adding one more
attribute for an attacker to figure out to guess the nonce. Think of it as
trying to guess a fixed size password compared to a variable size password.

Thanks
Mohit

On Wed, Apr 29, 2020 at 6:22 PM Corey Bonnell <cbonnell@outlook.com> wrote:

> Section 2.1 mandates that "newer clients" MUST send a nonce of at least 16
> octets output from a CSPRNG. However, section 3.2 specifies that clients
> SHOULD send 32-octet nonces.
>
> Given that newer clients would not be bound by legacy limitations and
> could presumably support 32-octet nonces, is there a compelling reason to
> specify two different lengths in the two sections? It seems to me it would
> be preferable to have alignment with the guidance for newer client
> implementations and recommended best practice in the Security
> Considerations.
>
> Thanks,
> Corey
>
> ------------------------------
> *From:* Spasm <spasm-bounces@ietf.org> on behalf of Salz, Rich <rsalz=40akamai.com@dmarc.ietf.org>
> *Sent:* Monday, April 27, 2020 1:40 PM
> *To:* Russ Housley <housley@vigilsec.com>; LAMPS WG <spasm@ietf.org>
> *Subject:* Re: [lamps] WG Last Call for draft-ietf-lamps-ocsp-nonce-01
>
> Nit in the abstract:
>         OCSP responder [insert oxford comma here] and possible evasions
>
> Section 2.1
>         newer OCSP clients MUST use length of at least 16 octets for Nonce
> Should MUST be a SHOULD?  Don't care either way since it says "newer
> clients"
>
> Looks good to me, ship it.
>
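
The nonce lengths discussed in this thread, shown as an added example that is not part of any message above or of the draft: a client builds the DER Nonce extension with 32 octets from a CSPRNG, and a responder parses it and grades the length against the 16-octet minimum. Function names and the grading labels are hypothetical; treating a shorter nonce as acceptable legacy input is an assumption, and no upper bound is checked because the thread does not state one.

```python
import secrets

# DER of id-pkix-ocsp-nonce (1.3.6.1.5.5.7.48.1.2), the OCSP Nonce extension OID.
NONCE_OID = bytes.fromhex("06092b0601050507300102")
MIN_NEW, RECOMMENDED = 16, 32  # octet lengths discussed in the thread


def tlv(tag: int, body: bytes) -> bytes:
    """DER tag-length-value, short-form length only (enough for small nonces)."""
    if len(body) > 127:
        raise ValueError("body too long for short-form length")
    return bytes([tag, len(body)]) + body


def read_tlv(buf: bytes, tag: int) -> tuple[bytes, bytes]:
    """Return (value, remainder) for one short-form TLV, or raise on bad input."""
    if len(buf) < 2 or buf[0] != tag or buf[1] > 127 or len(buf) < 2 + buf[1]:
        raise ValueError("malformed DER")
    return buf[2:2 + buf[1]], buf[2 + buf[1]:]


def build_nonce_extension(length: int = RECOMMENDED) -> bytes:
    """Client side: Nonce extension carrying `length` octets from the OS CSPRNG."""
    if length < MIN_NEW:
        raise ValueError("newer clients send at least 16 octets")
    # extnValue is an OCTET STRING wrapping the DER OCTET STRING that holds the nonce.
    return tlv(0x30, NONCE_OID + tlv(0x04, tlv(0x04, secrets.token_bytes(length))))


def classify_nonce(ext: bytes) -> str:
    """Responder side: parse the extension and grade the nonce length."""
    seq, trailing = read_tlv(ext, 0x30)
    if trailing or not seq.startswith(NONCE_OID):
        raise ValueError("not a single Nonce extension")
    body = seq[len(NONCE_OID):]
    if body[:1] == b"\x01":  # optional 'critical' BOOLEAN, skipped if present
        _, body = read_tlv(body, 0x01)
    outer, rest1 = read_tlv(body, 0x04)
    nonce, rest2 = read_tlv(outer, 0x04)
    if rest1 or rest2:
        raise ValueError("trailing bytes in extnValue")
    if not nonce:
        return "empty"
    if len(nonce) < MIN_NEW:
        return "legacy-short"  # assumption: still served, for older clients
    return "recommended" if len(nonce) == RECOMMENDED else "meets-minimum"
```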