Re: [lamps] Secdir last call review of draft-ietf-lamps-pkix-shake-08
"Panos Kampanakis (pkampana)" <pkampana@cisco.com> Mon, 08 April 2019 17:16 UTC
Return-Path: <pkampana@cisco.com>
X-Original-To: spasm@ietfa.amsl.com
Delivered-To: spasm@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 193021200B7; Mon, 8 Apr 2019 10:16:23 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -14.501
X-Spam-Level:
X-Spam-Status: No, score=-14.501 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_HI=-5, SPF_PASS=-0.001, USER_IN_DEF_DKIM_WL=-7.5] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=cisco.com header.b=cNRwgUN5; dkim=pass (1024-bit key) header.d=cisco.onmicrosoft.com header.b=dDMXcZiX
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 9Xgyw_e-S_sK; Mon, 8 Apr 2019 10:16:20 -0700 (PDT)
Received: from rcdn-iport-4.cisco.com (rcdn-iport-4.cisco.com [173.37.86.75]) (using TLSv1.2 with cipher DHE-RSA-SEED-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id D65BC120103; Mon, 8 Apr 2019 10:16:19 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=@cisco.com; l=2634; q=dns/txt; s=iport; t=1554743780; x=1555953380; h=from:to:cc:subject:date:message-id:references: in-reply-to:content-transfer-encoding:mime-version; bh=oc5GspCFN4BWWIjb5Ifk12QHe17bE22IxL2KMY18yxc=; b=cNRwgUN5zTm/caXA/b1VhoarhHPdsDaB+CKFG/hXZMVZCI3IMYTBZGwU UPRUqTuc4RYLqg6kzfrWyr/5ik7a870Y8WZqHsjoHr2sE6GOwpbEVa4s3 Y9gGthj1FUZfdI8A53yVSjGGHEBuDkPQ7SwrkrhSzjdJtWU5haGVFwcP0 A=;
IronPort-PHdr: 9a23:JJsgKxI/hEtS+lRrFdmcpTVXNCE6p7X5OBIU4ZM7irVIN76u5InmIFeBvKd2lFGcW4Ld5roEkOfQv636EU04qZea+DFnEtRXUgMdz8AfngguGsmAXFX4JfvyZiozNM9DT1RiuXq8NBsdFQ==
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: A0AUAAAWgatc/4wNJK1lGQEBAQEBAQEBAQEBAQcBAQEBAQGBUQQBAQEBAQsBgT1QA2hUIAQLJ4dVA4RSilaCV5cYgS6BJANUDgEBGAsJhEAChWUiNAkNAQEDAQEJAQIBAm0cDIVKAQEBBAEBOAYBASwLAQsEAgEIDgMEAQEfECcLHQgCBAENBQiDG4FdAxUBDqMcAooUgiCCeQEBBYR6GIIMAwWBMAGLRheBQD+BEUaCTD6CYQEBgWODOYImpgkJAogBjBqUXItThiKNXAIEAgQFAg4BAQWBTziBVnAVO4JsggoLAReDTIUUhT9ygSiPRQEB
X-IronPort-AV: E=Sophos;i="5.60,326,1549929600"; d="scan'208";a="544977749"
Received: from alln-core-7.cisco.com ([173.36.13.140]) by rcdn-iport-4.cisco.com with ESMTP/TLS/DHE-RSA-SEED-SHA; 08 Apr 2019 17:16:18 +0000
Received: from XCH-RCD-006.cisco.com (xch-rcd-006.cisco.com [173.37.102.16]) by alln-core-7.cisco.com (8.15.2/8.15.2) with ESMTPS id x38HGI3O006786 (version=TLSv1.2 cipher=AES256-SHA bits=256 verify=FAIL); Mon, 8 Apr 2019 17:16:18 GMT
Received: from xhs-rtp-001.cisco.com (64.101.210.228) by XCH-RCD-006.cisco.com (173.37.102.16) with Microsoft SMTP Server (TLS) id 15.0.1473.3; Mon, 8 Apr 2019 12:16:17 -0500
Received: from xhs-rcd-002.cisco.com (173.37.227.247) by xhs-rtp-001.cisco.com (64.101.210.228) with Microsoft SMTP Server (TLS) id 15.0.1473.3; Mon, 8 Apr 2019 13:16:16 -0400
Received: from NAM05-CO1-obe.outbound.protection.outlook.com (72.163.14.9) by xhs-rcd-002.cisco.com (173.37.227.247) with Microsoft SMTP Server (TLS) id 15.0.1473.3 via Frontend Transport; Mon, 8 Apr 2019 12:16:15 -0500
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=cisco.onmicrosoft.com; s=selector1-cisco-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=rf5sFZfy1N/OtilfylmeqcOZeqxmNw/zupd9ecLTLCs=; b=dDMXcZiXHb8BDm34CxWB212BB8yVuzo7dPIcRJ9KreChqPih7SZBeAKsc8uiPCLoahZwTu/P7jywrTuMJSOIORute588662i+Jxug6Zhhk7XdoxBuL4fH7sOVnfBhDCTOlXin/s5i0L3Nkl3vG4JVaVinqjZissadCMOfGzi3Lk=
Received: from CY4PR11MB1527.namprd11.prod.outlook.com (10.172.70.18) by CY4PR11MB1894.namprd11.prod.outlook.com (10.175.61.13) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.1771.21; Mon, 8 Apr 2019 17:16:14 +0000
Received: from CY4PR11MB1527.namprd11.prod.outlook.com ([fe80::11b1:a7a0:b5b8:bef]) by CY4PR11MB1527.namprd11.prod.outlook.com ([fe80::11b1:a7a0:b5b8:bef%8]) with mapi id 15.20.1771.016; Mon, 8 Apr 2019 17:16:14 +0000
From: "Panos Kampanakis (pkampana)" <pkampana@cisco.com>
To: Yoav Nir <ynir.ietf@gmail.com>, "secdir@ietf.org" <secdir@ietf.org>
CC: "spasm@ietf.org" <spasm@ietf.org>, "ietf@ietf.org" <ietf@ietf.org>, "draft-ietf-lamps-pkix-shake.all@ietf.org" <draft-ietf-lamps-pkix-shake.all@ietf.org>
Thread-Topic: [lamps] Secdir last call review of draft-ietf-lamps-pkix-shake-08
Thread-Index: AQHU5/ykXrE8DKHUeE+V24TJfSdmxKYyhOZQ
Date: Mon, 08 Apr 2019 17:16:14 +0000
Message-ID: <CY4PR11MB152713EDFEB9A5CF786DDE88C92C0@CY4PR11MB1527.namprd11.prod.outlook.com>
References: <155406252797.12369.12070204875103995275@ietfa.amsl.com>
In-Reply-To: <155406252797.12369.12070204875103995275@ietfa.amsl.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
authentication-results: spf=none (sender IP is ) smtp.mailfrom=pkampana@cisco.com;
x-originating-ip: [2001:420:c0c4:1005::f1]
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: da184403-edb3-4939-27fe-08d6bc45e7d6
x-microsoft-antispam: BCL:0; PCL:0; RULEID:(2390118)(7020095)(4652040)(8989299)(4534185)(4627221)(201703031133081)(201702281549075)(8990200)(5600139)(711020)(4605104)(2017052603328)(7193020); SRVR:CY4PR11MB1894;
x-ms-traffictypediagnostic: CY4PR11MB1894:
x-ms-exchange-purlcount: 2
x-microsoft-antispam-prvs: <CY4PR11MB1894A0BDDB07E9CCE9535E23C92C0@CY4PR11MB1894.namprd11.prod.outlook.com>
x-forefront-prvs: 0001227049
x-forefront-antispam-report: SFV:NSPM; SFS:(10009020)(39860400002)(396003)(376002)(346002)(366004)(136003)(13464003)(51914003)(199004)(189003)(229853002)(106356001)(52536014)(71200400001)(71190400001)(2501003)(99286004)(5660300002)(7736002)(305945005)(74316002)(2906002)(105586002)(256004)(14444005)(86362001)(102836004)(6506007)(53546011)(7696005)(46003)(76176011)(186003)(478600001)(476003)(11346002)(68736007)(6116002)(14454004)(6436002)(6246003)(966005)(54906003)(97736004)(25786009)(8676002)(110136005)(316002)(4326008)(81166006)(81156014)(53936002)(6306002)(9686003)(8936002)(55016002)(446003)(486006)(33656002); DIR:OUT; SFP:1101; SCL:1; SRVR:CY4PR11MB1894; H:CY4PR11MB1527.namprd11.prod.outlook.com; FPR:; SPF:None; LANG:en; PTR:InfoNoRecords; A:1; MX:1;
received-spf: None (protection.outlook.com: cisco.com does not designate permitted sender hosts)
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam-message-info: 9OW8GlQKCW/5vL8EMM4t7lXi7YdASREpW+XjMIWD9wU0176ob6JB76QGpaiPVipky/1Fqcxsz+VquJNx1cW3iIfxou8wuYNTHt5UUKxx3jXZfVySNLl7aCV3lkZU9FQbbLz/9iPGbtcUdhaygpiwF7VKTcEOdWvzOQeutwjD3fQsqMF/bRY6D4jRzq4fJbXQ9BE76SYCRXcf5YNfHp8uejHjrsHQa2P4aqjeATMWU0aKy11wT38KPrKAM9gBZmIBRll+bh8ttDfCeogJTnLzBeYGjyK8uj4mk9QaeP7ZKoFUcEXW2rM2YVDCZgaBnvZrGJaNn8Uqk+BgpBh+IqABKGc8Oif95S9A9Roblsl+5Z9b1wHBxMq5CeUw6SkmKw0XF+U5QmqsLxCidFrA0ekcn04kH6pDg04mgaRw6gfn7Sw=
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
X-MS-Exchange-CrossTenant-Network-Message-Id: da184403-edb3-4939-27fe-08d6bc45e7d6
X-MS-Exchange-CrossTenant-originalarrivaltime: 08 Apr 2019 17:16:14.6459 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 5ae1af62-9505-4097-a69a-c1553ef7840e
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-Transport-CrossTenantHeadersStamped: CY4PR11MB1894
X-OriginatorOrg: cisco.com
X-Outbound-SMTP-Client: 173.37.102.16, xch-rcd-006.cisco.com
X-Outbound-Node: alln-core-7.cisco.com
Archived-At: <https://mailarchive.ietf.org/arch/msg/spasm/FM_qT4pjNOJNzzmSlJkBIlU84zE>
Subject: Re: [lamps] Secdir last call review of draft-ietf-lamps-pkix-shake-08
X-BeenThere: spasm@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "This is a venue for discussion of doing Some Pkix And SMime \(spasm\) work." <spasm.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/spasm>, <mailto:spasm-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/spasm/>
List-Post: <mailto:spasm@ietf.org>
List-Help: <mailto:spasm-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/spasm>, <mailto:spasm-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 08 Apr 2019 17:16:23 -0000
Thanks for the review Yoav. I made changes in the Sec Considerations to address your comments. The changes are described here https://github.com/csosto-pk/adding-shake-to-pkix/issues/42 I will reupload the draft at the end of this week probably unless there are more comments while in IESG review. Panos -----Original Message----- From: Spasm <spasm-bounces@ietf.org> On Behalf Of Yoav Nir via Datatracker Sent: Sunday, March 31, 2019 4:02 PM To: secdir@ietf.org Cc: spasm@ietf.org; ietf@ietf.org; draft-ietf-lamps-pkix-shake.all@ietf.org Subject: [lamps] Secdir last call review of draft-ietf-lamps-pkix-shake-08 Reviewer: Yoav Nir Review result: Has Issues I have reviewed this document as part of the security directorate's ongoing effort to review all IETF documents being processed by the IESG. These comments were written primarily for the benefit of the security area directors. Document editors and WG chairs should treat these comments just like any other last call comments. The document is almost ready. The intent is clear and the IANA instructions are good. I have two issues with the Security Considerations section. That section has two paragraphs, and I'll start with the second one. The second paragraph has a SHOULD-level requirement to choose an ECDSA curve with an appropriate strength to match that of the hash function (SHAKE128 vs SHAKE256). This seems to me like a compliance requirement. While this is not a hard-and-fast rule, these should usually go in the body of the document, such as in section 5 rather than in security considerations. It's also puzzling why there are no similar recommendations for the strength of the RSA key. The first paragraph I find confusing. It states that the SHAKE functions are deterministic, and goes on to explain that this means that executing them on the same input will result in the same output, and that users should not expect this to be the case. Why does this need to be said? Is this not the same for any hash function? The paragraph than goes on to tell the reader that with different output lengths, the shorter ones are prefixes of the longer ones, and that this is like hash function truncation. Why do we need any of this information and why is this related to security? This is especially puzzling considering that the document fixes the output length to a specific value for each of the two functions. _______________________________________________ Spasm mailing list Spasm@ietf.org https://www.ietf.org/mailman/listinfo/spasm
- [lamps] Secdir last call review of draft-ietf-lam… Yoav Nir via Datatracker
- Re: [lamps] Secdir last call review of draft-ietf… Panos Kampanakis (pkampana)