[lamps] Artart last call review of draft-ietf-lamps-header-protection-20
Bron Gondwana via Datatracker <noreply@ietf.org> Mon, 18 March 2024 06:59 UTC
Return-Path: <noreply@ietf.org>
X-Original-To: spasm@ietf.org
Delivered-To: spasm@ietfa.amsl.com
Received: from ietfa.amsl.com (localhost [IPv6:::1]) by ietfa.amsl.com (Postfix) with ESMTP id BC359C151099; Sun, 17 Mar 2024 23:59:06 -0700 (PDT)
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
From: Bron Gondwana via Datatracker <noreply@ietf.org>
To: art@ietf.org
Cc: draft-ietf-lamps-header-protection.all@ietf.org, last-call@ietf.org, spasm@ietf.org
X-Test-IDTracker: no
X-IETF-IDTracker: 12.8.0
Auto-Submitted: auto-generated
Precedence: bulk
Message-ID: <171074514675.55089.15405007721268117579@ietfa.amsl.com>
Reply-To: Bron Gondwana <brong@fastmailteam.com>
Date: Sun, 17 Mar 2024 23:59:06 -0700
Archived-At: <https://mailarchive.ietf.org/arch/msg/spasm/pq7-7CnI3JZaip8guRksCcX9j20>
Subject: [lamps] Artart last call review of draft-ietf-lamps-header-protection-20
X-BeenThere: spasm@ietf.org
X-Mailman-Version: 2.1.39
List-Id: This is the mail list for the LAMPS Working Group <spasm.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/spasm>, <mailto:spasm-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/spasm/>
List-Post: <mailto:spasm@ietf.org>
List-Help: <mailto:spasm-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/spasm>, <mailto:spasm-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 18 Mar 2024 06:59:06 -0000
Reviewer: Bron Gondwana Review result: Ready with Nits I'm the ARTART reviewer for this document. Ouch, 200 pages! I admit I didn't read all the examples, just grepped them for keywords. I do appreciate giving many examples to help implementations check their behaviour against those examples; and wish there was a way to do so by reference without including them inline in a document which is rendered as paginated text. Generally I'm very impressed with the clarity of writing; as with draft-ietf-lamps-e2e-mail-guidance which I also reviewed, it's a pleasure to read this document. I have no editorial comments. My one concern with HP-Removed and HP-Obscured is that some or any of these could be multi-valued headers; and it would be possible to remove or obscure a header (with the more complex hcp algorithms; hcp_minimal only affects a header which SHOULD be single-valued) and have legimitate intermediates add another header with the same name. This is somewhat handled by the language in this draft around things like "List-Unsubscribe", but if the sender happened to have one of these and protect it, then an intermediate adding it might be unintentionally making the message appear to be tampered with. And the intermediate can't know that this header is being tamper protected; because the HP-Obscured and HP-Removed headers are NOT visible to the intermediate. My initial proposal around this was to have some kind of count in HP-Obscured (or multiple of them with the same name), and any multi-valued header, include one per removal in HP-Removed - but I'm unsure whether this is overthinking things. Bron.
- [lamps] Artart last call review of draft-ietf-lam… Bron Gondwana via Datatracker