Re: [Taps] Éric Vyncke's Discuss on draft-ietf-taps-transport-security-11: (with DISCUSS and COMMENT)

Magnus Westerlund <magnus.westerlund@ericsson.com> Thu, 09 April 2020 14:58 UTC

From: Magnus Westerlund <magnus.westerlund@ericsson.com>
To: "krose@krose.org" <krose@krose.org>, "barryleiba@computer.org" <barryleiba@computer.org>
CC: "evyncke=40cisco.com@dmarc.ietf.org" <evyncke=40cisco.com@dmarc.ietf.org>, "brian@innovationslab.net" <brian@innovationslab.net>, "philipp@tiesel.net" <philipp@tiesel.net>, Mohit Sethi M <mohit.m.sethi@ericsson.com>, "taps-chairs@ietf.org" <taps-chairs@ietf.org>, "draft-ietf-taps-transport-security@ietf.org" <draft-ietf-taps-transport-security@ietf.org>, "int-dir@ietf.org" <int-dir@ietf.org>, "iesg@ietf.org" <iesg@ietf.org>, "taps@ietf.org" <taps@ietf.org>, "magnus.westerlund=40ericsson.com@dmarc.ietf.org" <magnus.westerlund=40ericsson.com@dmarc.ietf.org>, "caw@heapingbits.net" <caw@heapingbits.net>
Archived-At: <https://mailarchive.ietf.org/arch/msg/taps/oR-XdaXoS1XR2unIgpQu4PMLSJk>

Hi,

Eric and I have discussed this and the proposal is a clarifying change to the initial statement in Section 3:

OLD:

   This section contains brief descriptions of the various security
   protocols currently used to protect data being sent over a network.

NEW:

   This section contains brief transport and security descriptions of the various security
   protocols currently used to protect data being sent over a network.

The purpose of this change is to clarify that these descriptions are only concerning relevant aspects of transport and security.

Are the WG and authors ok with the above change?

Cheers

Magnus

From: iesg <iesg-bounces@ietf.org> On Behalf Of Kyle Rose
Sent: 9 April 2020 16:01
To: Barry Leiba <barryleiba@computer.org>
Cc: Eric Vyncke (evyncke) <evyncke=40cisco.com@dmarc.ietf.org>; brian@innovationslab.net; philipp@tiesel.net; Mohit Sethi M <mohit.m.sethi@ericsson.com>; taps-chairs@ietf.org; draft-ietf-taps-transport-security@ietf.org; int-dir@ietf.org; iesg@ietf.org; taps@ietf.org; Magnus Westerlund <magnus.westerlund=40ericsson.com@dmarc.ietf.org>; caw@heapingbits.net
Subject: Re: Éric Vyncke's Discuss on draft-ietf-taps-transport-security-11: (with DISCUSS and COMMENT)

 

Agreed. This document is not an endorsement of any of the protocols mentioned, merely an analysis from a security perspective. Mentioning IPv6 here would be a non-sequitur.

On Thu, Apr 9, 2020 at 9:46 AM Barry Leiba <barryleiba@computer.org> wrote:

I have to agree with Magnus here: I think this is really a stretch.

Barry

On Thu, Apr 9, 2020 at 9:40 AM Eric Vyncke (evyncke)
<evyncke=40cisco.com@dmarc.ietf.org> wrote:
>
> Magnus,
>
> While my comment is not directed to the core of the document, I believe that when one IETF document refers in the section 3, 'Transport Security Protocol Descriptions', to non-IETF protocols, then in order to avoid any 'IETF blessing' of this protocol, it should clearly state the important protocol limitations when describing this protocol.
>
> Regards
>
> -éric
>
> -----Original Message-----
> From: iesg <iesg-bounces@ietf.org> on behalf of Magnus Westerlund <magnus.westerlund=40ericsson.com@dmarc.ietf.org>
> Date: Thursday, 9 April 2020 at 14:41
> To: "evyncke=40cisco.com@dmarc.ietf.org" <evyncke=40cisco.com@dmarc.ietf.org>, "iesg@ietf.org" <iesg@ietf.org>
> Cc: "brian@innovationslab.net" <brian@innovationslab.net>, "int-dir@ietf.org" <int-dir@ietf.org>, Mohit Sethi M <mohit.m.sethi@ericsson.com>, "taps-chairs@ietf.org" <taps-chairs@ietf.org>, "draft-ietf-taps-transport-security@ietf.org" <draft-ietf-taps-transport-security@ietf.org>, "philipp@tiesel.net" <philipp@tiesel.net>, "caw@heapingbits.net" <caw@heapingbits.net>, "taps@ietf.org" <taps@ietf.org>
> Subject: RE: Éric Vyncke's Discuss on draft-ietf-taps-transport-security-11: (with DISCUSS and COMMENT)
>
>     > A simple mention of the lack of IPv6 in section 3 of the description would be
>     > more than enough for me.
>
>     Yes, but why do you consider that relevant for this document?
>
>     Cheers
>
>     Magnus