IETF Logo Mail Archive

[lamps] AD Review: draft-ietf-lamps-cms-hash-sig-08

Roman Danyliw <rdd@cert.org> Thu, 11 July 2019 17:26 UTC

Return-Path: <rdd@cert.org>
X-Original-To: spasm@ietfa.amsl.com
Delivered-To: spasm@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 2DB74120490 for <spasm@ietfa.amsl.com>; Thu, 11 Jul 2019 10:26:05 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2
X-Spam-Level:
X-Spam-Status: No, score=-2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=cert.org
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 56X13YgFw0EO for <spasm@ietfa.amsl.com>; Thu, 11 Jul 2019 10:26:02 -0700 (PDT)
Received: from taper.sei.cmu.edu (taper.sei.cmu.edu [147.72.252.16]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id A17EE120271 for <spasm@ietf.org>; Thu, 11 Jul 2019 10:26:02 -0700 (PDT)
Received: from korb.sei.cmu.edu (korb.sei.cmu.edu [10.64.21.30]) by taper.sei.cmu.edu (8.14.7/8.14.7) with ESMTP id x6BHQ1uP009881 for <spasm@ietf.org>; Thu, 11 Jul 2019 13:26:01 -0400
DKIM-Filter: OpenDKIM Filter v2.11.0 taper.sei.cmu.edu x6BHQ1uP009881
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=cert.org; s=yc2bmwvrj62m; t=1562865961; bh=WwHHdOwAC2VnRsWJtFdQGNlf2ilBXiKUK5wllgaDTlU=; h=From:To:Subject:Date:From; b=osgqm8xkc3s9O7W30IFeCMG7aqNotLntQKgKma00PQzK6VKFt7W2Lo/bKy+Ch7WVz sDE0Z5AySUmDdW5y6SBvjQ0vIiUDdwy147IdL0IK5OICJXGGopg2HBr47KLFBviu58 wKvywUhDV+kYXRzVnEtP1bv+LvZ/RGeaQM7AxSgI=
Received: from CASSINA.ad.sei.cmu.edu (cassina.ad.sei.cmu.edu [10.64.28.249]) by korb.sei.cmu.edu (8.14.7/8.14.7) with ESMTP id x6BHPwXD031405 for <spasm@ietf.org>; Thu, 11 Jul 2019 13:25:58 -0400
Received: from MARCHAND.ad.sei.cmu.edu ([10.64.28.251]) by CASSINA.ad.sei.cmu.edu ([10.64.28.249]) with mapi id 14.03.0439.000; Thu, 11 Jul 2019 13:25:58 -0400
From: Roman Danyliw <rdd@cert.org>
To: "spasm@ietf.org" <spasm@ietf.org>
Thread-Topic: AD Review: draft-ietf-lamps-cms-hash-sig-08
Thread-Index: AdU4DFJniyrzBBvrQQ2vMK3V3Jcnmw==
Date: Thu, 11 Jul 2019 17:25:57 +0000
Message-ID: <359EC4B99E040048A7131E0F4E113AFC01B33CD760@marchand>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [10.64.22.6]
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
Archived-At: <https://mailarchive.ietf.org/arch/msg/spasm/lZmbwO5DYsV1TpSpQdGkq7HPS0A>
Subject: [lamps] AD Review: draft-ietf-lamps-cms-hash-sig-08
X-BeenThere: spasm@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "This is a venue for discussion of doing Some Pkix And SMime \(spasm\) work." <spasm.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/spasm>, <mailto:spasm-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/spasm/>
List-Post: <mailto:spasm@ietf.org>
List-Help: <mailto:spasm-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/spasm>, <mailto:spasm-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 11 Jul 2019 17:26:08 -0000

Hi!

The following is my AD review of draft-ietf-lamps-cms-hash-sig-08.  Given the substance of these comments, it can be handled with IETF LC comments.

(1) Section 1.3.  Per the paragraph starting with "Today, RSA is often used to digitally sign software updates", why is this discussion about software updates in this draft?  If this is to motivate the weakness of these algorithms?  If so, why not also talk certificates?  An example using DSS?  IMO, this paragraph isn't needed.

(2) Section 2.2.  Per "... a typecode indicating the particular LMS algorithm ...", where is typecode defined?

(3) Section 2.3, when describing the components of the LM-OTS signature value, y[] is not explained

(4) Section 5.  How is the object identifier should be used for the content-type?

(5) Editorial matters

** Abstract.  Typo.  s/the the/the/

** Abstract and Section 1.  Expand HSS/LMS on first use

** Abstract.  Editorial.  It seems odd to wait till the third paragraph to explain what is HSS/LMS.  Perhaps sentence one should be what is HSS/LMS (sentence 1).

** Section 1.3.  Would this section be better titled as "Motivation"?

** Section 1.3.  Editorial (remove colloquialism).  s/some researchers/researcher/

** Section 1.3.  FWIW, I didn't find the quote compelling contextually.  Six years ago it suggests significant changes are coming but there is no follow-up on whether they were correct with the benefit of hindsight.  Likewise, the relevant advances in quantum computers isn't cited.

The reference is helpful.  Perhaps I would have just said:

"There have been recent advances in cryptoanalysis [BH2013] and in the development of quantum computers [insert ref].  Each of these advances pose a threat to widely deployed digital signature algorithms.  There is a need to prepare for a day that cryptosystems such as RSA and DSA that depend on discrete logarithm and factoring cannot be depended upon."

** Section 1.3.  The text "Hash-based signatures [HASSIG] are currently defined ... An IANA registry is defined ..." is duplicated almost verbatim again in Section 2.  Why is it needed twice.  IMO, it can be removed here.

** Section 1.3. LM-OTS signature generation needs a reference.

** Section 2.  Provide a reference to the IANA registry.

** Section 2.1.  Per "Otherwise, generation of the entire tree might take weeks on longer", perhaps add "on a current <insert system type>".

** Section 2.1.  Cite the functions (i.e., u32str() is from [HASHSIG]) and string notation (i.e., "||" is concat)

** s/in Section 3.3/in struct signed_public_key in Section 3.3/

v2.23.0 | Report a Bug | By Email