Re: [Taps] AD review of draft-ietf-taps-transport-security-08
"Philipp S. Tiesel" <philipp@tiesel.net> Fri, 04 October 2019 18:44 UTC
From: "Philipp S. Tiesel" <philipp@tiesel.net>
Date: Fri, 04 Oct 2019 20:44:25 +0200
Cc: "taps@ietf.org" <taps@ietf.org>, "draft-ietf-taps-transport-security.all@ietf.org" <draft-ietf-taps-transport-security.all@ietf.org>
To: Magnus Westerlund <magnus.westerlund@ericsson.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/taps/3x8VwDlCgsLIWnrHRqD1EHGx4ao>

Hi,

the writeup has been updated to explain the obsolete references. - We can go ahead

> On 4. Oct 2019, at 11:20, Magnus Westerlund <magnus.westerlund@ericsson.com> wrote:
>
> Thanks for the answers.
>
> I will initiate IETF last call of this draft now.
>
> Phillip, please update the writeup regarding the intentional reference to the
> obsoleted TCP-AO.
>
> Cheers
>
> Magnus
>
> On Thu, 2019-09-26 at 08:01 +0000, Magnus Westerlund wrote:
>> Hi,
>>
>> Sorry about the delay in getting the AD review done. Below are my comments and
>> questions. Note the questions are truly questions and after answering we can
>> discuss if there needed to be any changes or not.
>>
>>
>> 1. Section 4.1: Is there a reason to use TLS 1.2 specification (RFC5246)
>> rather than TLS 1.3 as the general reference?
>>
>> 2. Comment on the writeup: Considering that ID nits results in the below
>> relevant references warning I would expect some comment in the writeup if they
>> are intentional. If not please update the references. If they are intentional,
>> please update the writeup to note them.
>>
>>
>>
>>   -- Obsolete informational reference (is this intentional?): RFC 2385
>>      (Obsoleted by RFC 5925)
>>
>>   -- Obsolete informational reference (is this intentional?): RFC 4474
>>      (Obsoleted by RFC 8224)
>>
>>   -- Obsolete informational reference (is this intentional?): RFC 5246
>>      (Obsoleted by RFC 8446)
>>
>>   -- Obsolete informational reference (is this intentional?): RFC 7539
>>      (Obsoleted by RFC 8439)
>>
>> 3. Section 4.1.2: Is there a point to mention that TLS forward secrecy is
>> dependent on cipher suite for the key exchange and not ensured prior to 1.3?
>>
>> 4. Section 4.1.2: Second to last paragraph: Broken reference to DTLS 1.3
>> draft: “(Note that this extension is only supported in
>>    DTLS 1.2 and 1.3 {{?I-D.ietf-tls-dtls13}.)”
>>
>> 5. Section 4.3.3: “QUIC transport relies on UDP.” Although QUIC is targeting
>> UDP as its main deployment vessel, isn’t QUIC in fact dependent on an
>> unreliable datagram service. But, maybe writing UDP is more straightforward?
>>
>> 6. Section 4.5.4: When it comes to variants of SRTP. I think referencing RFC
>> 7201 would actually be reasonable, as in the many different options hide some
>> transport security options that so far are not discussed in this document. Like
>> securing multicasted / broadcasted RTP.
>>
>> 7. Section 4.5.4: So is ZRTP included as variant because it provides new
>> security features? Is that session continuity, or something else?
>>
>> 8. Section 11: There are a number of references here that I don’t think meet
>> the requirement for references. These are the ones that only have a title and
>> n.d. All these could include a URL a date when these pages were visited and
>> contained the information you want to reference.
>>
>>
>> Cheers
>>
>> Magnus Westerlund
> --
> Cheers
>
> Magnus Westerlund
>
>
> ----------------------------------------------------------------------
> Network Architecture & Protocols, Ericsson Research
> ----------------------------------------------------------------------
> Ericsson AB                 | Phone  +46 10 7148287
> Torshamnsgatan 23           | Mobile +46 73 0949079
> SE-164 80 Stockholm, Sweden | mailto: magnus.westerlund@ericsson.com <mailto:magnus.westerlund@ericsson.com>
> ----------------------------------------------------------------------

AVE!
   Philipp S. Tiesel / phils…
--
{phils}--->---(phils@in-panik.de)--->---(http://phils.in-panik.de)----,
wenn w eine aube ist dn man au dran dre en |
o Schr an muss hc h (Kurt Schwitters) |
:wq! <----(phone: +49-179-6737439)---<---(jabber: phils@in-panik.de)----'