Re: [lamps] [EXTERNAL] Martin Duke's No Objection on draft-ietf-lamps-cmp-algorithms-14: (with COMMENT)

"Brockhaus, Hendrik" <hendrik.brockhaus@siemens.com> Wed, 01 June 2022 16:50 UTC

From: "Brockhaus, Hendrik" <hendrik.brockhaus@siemens.com>
To: The IESG <iesg@ietf.org>
CC: "draft-ietf-lamps-cmp-algorithms@ietf.org" <draft-ietf-lamps-cmp-algorithms@ietf.org>, "lamps-chairs@ietf.org" <lamps-chairs@ietf.org>, "spasm@ietf.org" <spasm@ietf.org>, "housley@vigilsec.com" <housley@vigilsec.com>, "housley@vigilsec.com" <housley@vigilsec.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/spasm/tuSOQ8i5UUQB0MyRe0tBi3dlNVM>

Martin

Thank you for this comment. Sorry, I seem to have overlooked it.
Thanks to Mike for pointing me at it.

> From: Martin Duke via Datatracker <noreply@ietf.org>
> 
> ----------------------------------------------------------------------
> COMMENT:
> ----------------------------------------------------------------------
> 
> It would be nice if the Introduction motivated this document, perhaps using
> some of the words in the Security Considerations. I didn't really understand what
> this was trying to do until I got there.

My proposal is to move the first paragraph from the Security Considerations to the Introduction.
Does this proposal solve your issue?

Old text: 
1.  Introduction

1.1.  Terminology

New text:
1. Introduction

   RFC 4210 Appendix D.2 [RFC4210] contains a set of algorithms,
   mandatory to be supported by conforming implementations.  These
   algorithms were appropriate at the time CMP was released, but as
   cryptographic algorithms weaken over time, some of them should not be
   used anymore.  In general, new attacks are emerging due to research
   in cryptoanalysis or increase in computing power.  New algorithms were
   introduced that are more resistant to today's attacks.

   This document lists current cryptographic algorithms usable with CMP to
   offer an easier way of maintaining the list of suitable algorithms over time.

1.1.  Terminology