Re: [lamps] Genart last call review of draft-ietf-lamps-crmf-update-algs-04
Russ Housley <housley@vigilsec.com> Fri, 26 March 2021 19:34 UTC
Return-Path: <housley@vigilsec.com>
X-Original-To: spasm@ietfa.amsl.com
Delivered-To: spasm@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 022083A0AFE for <spasm@ietfa.amsl.com>; Fri, 26 Mar 2021 12:34:42 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.897
X-Spam-Level:
X-Spam-Status: No, score=-1.897 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, SPF_HELO_NONE=0.001, SPF_NONE=0.001, URIBL_BLOCKED=0.001] autolearn=unavailable autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id D1kW851w4Os7 for <spasm@ietfa.amsl.com>; Fri, 26 Mar 2021 12:34:37 -0700 (PDT)
Received: from mail.smeinc.net (mail.smeinc.net [209.135.209.11]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id BA2D33A0AEB for <spasm@ietf.org>; Fri, 26 Mar 2021 12:34:37 -0700 (PDT)
Received: from localhost (localhost [127.0.0.1]) by mail.smeinc.net (Postfix) with ESMTP id BE124300BA5 for <spasm@ietf.org>; Fri, 26 Mar 2021 15:27:06 -0400 (EDT)
X-Virus-Scanned: amavisd-new at mail.smeinc.net
Received: from mail.smeinc.net ([127.0.0.1]) by localhost (mail.smeinc.net [127.0.0.1]) (amavisd-new, port 10026) with ESMTP id X-GeE4nqvnRo for <spasm@ietf.org>; Fri, 26 Mar 2021 15:27:04 -0400 (EDT)
Received: from [192.168.1.161] (pool-141-156-161-153.washdc.fios.verizon.net [141.156.161.153]) by mail.smeinc.net (Postfix) with ESMTPSA id 3C700300AEF; Fri, 26 Mar 2021 15:27:04 -0400 (EDT)
Content-Type: text/plain; charset="us-ascii"
Mime-Version: 1.0 (Mac OS X Mail 12.4 \(3445.104.17\))
From: Russ Housley <housley@vigilsec.com>
In-Reply-To: <161677207615.11612.13922111242017074185@ietfa.amsl.com>
Date: Fri, 26 Mar 2021 15:27:04 -0400
Cc: IETF Gen-ART <gen-art@ietf.org>, last-call@ietf.org, LAMPS <spasm@ietf.org>
Content-Transfer-Encoding: quoted-printable
Message-Id: <5E3926F8-7E34-4815-BB93-5274F53FE1AE@vigilsec.com>
References: <161677207615.11612.13922111242017074185@ietfa.amsl.com>
To: Ines Robles <mariainesrobles@googlemail.com>
X-Mailer: Apple Mail (2.3445.104.17)
Archived-At: <https://mailarchive.ietf.org/arch/msg/spasm/COZkza39kBZzYj3E8n6rt_HYU3A>
Subject: Re: [lamps] Genart last call review of draft-ietf-lamps-crmf-update-algs-04
X-BeenThere: spasm@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "This is a venue for discussion of doing Some Pkix And SMime \(spasm\) work." <spasm.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/spasm>, <mailto:spasm-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/spasm/>
List-Post: <mailto:spasm@ietf.org>
List-Help: <mailto:spasm-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/spasm>, <mailto:spasm-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 26 Mar 2021 19:34:42 -0000
Ines Robles: Thank you for the careful review and comments. > Nits/Comments: > > 1- Introduction: "however, these algorithms are no longer > considered the best choices. " => It would be nice to add 1 or more > sentences explaining why they are no longer the best choices I suggest: This document updates the cryptographic algorithm requirements for the Password-Based Message Authentication Code (MAC) in the Internet X.509 Public Key Infrastructure Certificate Request Message Format (CRMF) [RFC4211]. The algorithms specified in [RFC4211] were appropriate in 2005; however, these algorithms are no longer considered the best choices: * HMAC-SHA1 [HMAC][SHS] is not boken yet, but there are much stronger alternatives [RFC6194]. * DES-MAC [PKCS11] provides 56 bits of security, which is no longer considered secure [WITHDRAW]. * Triple-DES-MAC [PKCS11] provides 112 bits of security, which is now deprecated [TRANSIT]. This update specifies algorithms that are more appropriate today. With these references: [RFC6194] Polk, T., Chen, L., Turner, S., and P. Hoffman, "Security Considerations for the SHA-0 and SHA-1 Message-Digest Algorithms", RFC 6194, DOI 10.17487/RFC6194, March 2011, <https://www.rfc-editor.org/info/rfc6194>. [TRANSIT] National Institute of Standards and Technology, "Transitioning the use of cryptographic algorithms and key lengths", NIST SP 800-131Ar2, March 2019. [WITHDRAW] National Institute of Standards and Technology, "NIST Withdraws Outdated Data Encryption Standard", 2 June 2005. > 2- Page 3: "id-PasswordBasedMAC as presented in Section 4.4 of this document" > It should be perhaps be "id-PasswordBasedMAC as presented in Section 4.4 of > [RFC4211]" ? I was thinking of the NEW text appearing in the "updated" RFC 4211. Your suggestion is more clear. > 3- If this document does not present privacy considerations, should it be > explicitly mentioned in Section 6? I do not agree. A document that simply modernized the mandatory-to-implement cryptographic algorithm in not the place to introduce the privacy considerations for CRMF. > 4- Since the new updates include the use of PBMAC1, HMAC-SHA256, AES-GMAC AES. > Should Section 6 include considerations about them or point to place where to > find them? e.g. For information on security considerations for PBMAC1 see > [rfc8018#section-8]. Good idea. I suggest: Please see [RFC8018] for security considerations related to PBMAC1. Please see [HMAC] and [SHS] for security considerations related to HMAC-SHA256. Please see [AES] and [GMAC] for security considerations related to AES-GMAC. Russ
- [lamps] Genart last call review of draft-ietf-lam… Ines Robles via Datatracker
- Re: [lamps] Genart last call review of draft-ietf… Russ Housley
- Re: [lamps] Genart last call review of draft-ietf… Ines Robles
- Re: [lamps] [Last-Call] Genart last call review o… Lars Eggert