IETF Logo Mail Archive

Re: [Taps] I-D Action: draft-ietf-taps-transport-security-03.txt

Theresa Enghardt <theresa@inet.tu-berlin.de> Fri, 26 October 2018 09:15 UTC

Return-Path: <theresa@inet.tu-berlin.de>
X-Original-To: taps@ietfa.amsl.com
Delivered-To: taps@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id BFC80128CF2 for <taps@ietfa.amsl.com>; Fri, 26 Oct 2018 02:15:17 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.901
X-Spam-Level:
X-Spam-Status: No, score=-1.901 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id IgjSdi0T464D for <taps@ietfa.amsl.com>; Fri, 26 Oct 2018 02:15:15 -0700 (PDT)
Received: from mail.net.t-labs.tu-berlin.de (mail.net.t-labs.tu-berlin.de [IPv6:2001:638:809:ff20:130:149:152:141]) by ietfa.amsl.com (Postfix) with ESMTP id 5859B1293FB for <taps@ietf.org>; Fri, 26 Oct 2018 02:15:13 -0700 (PDT)
Received: from [130.149.220.45] (esmeralda.net.t-labs.tu-berlin.de [130.149.220.45]) by mail.net.t-labs.tu-berlin.de (Postfix) with ESMTPSA id 291D920272 for <taps@ietf.org>; Fri, 26 Oct 2018 11:15:11 +0200 (CEST)
To: taps@ietf.org
References: <154022748014.6890.5464777930050299508@ietfa.amsl.com>
From: Theresa Enghardt <theresa@inet.tu-berlin.de>
Openpgp: preference=signencrypt
Autocrypt: addr=theresa@inet.tu-berlin.de; prefer-encrypt=mutual; keydata= xsBNBE2ktqYBCAC+3mnQMUTPJEPjKD0EaURx171qWkp4M60Zk97aeG6hSDU2GJAKG/IZ9/w7 NXLZxlfmfK9+y4Fia3aHfdhtdh+hZ/nkzhNHEahpt+coChrcaM/xyLmw7QOfYw6pLEe/snPY bdeiNdg3dsM8SFbLPvzs0REiAS9aVsux7fyDFmmJ4BGqJtjSzAv+l3X508wGeKgbUxT1Ceb5 /6DT5U1cPeSSCsXghHi5pcIfwW0KU00Ug56k3gSIRZ3YlahtBXVyIGOfPMLcvxpVypNejCt3 haLfbK6zI1GFHW39ietsk12DEODM0GiOhlCEx0qL+JxmR+A/IHKkINe5aj8Tl/Ie9TfZABEB AAHNKFRoZXJlc2EgRW5naGFyZHQgPHRoZXJlc2FAc29tZXNlcnZlci5kZT7CwJgEEwEKAEIC GyMGCwkIBwMCBhUIAgkKCwQWAgMBAh4BAheAAhkBFiEE7xG3phZ0Plgk2BDpgz007xx2oPcF AlqgJ4EFCRC919sACgkQgz007xx2oPf5lAf/VKgireR+/7Pg+sNigE+25bYRjezB5CPz0rPk YQndvFNbegCPKIXlIUbCwAuj1BW4qgBvNzq3X6lsGQ+wE30bKxnRLfjNW4PDGqbT2SsdJPOH b4KOnwaZjLGkDXaqABmkejHEg2hyi1on5JHEWFKz24qsFGosSCH3ZrOrKo9boZS5Md6+J0P/ y8gSCgS2ABYuo9VhyoDWD9hDRF1d7mvRUzACVieSxTOgwFsTCfsNmRnlZjTKjrEWhgpG1W0v 2J6xthOaE9J4TA2uWIi4t6+gvbiseXclzu2KxKrxy+xXEDD7hUb+JvvVLKkhjXwqbyx3lQoS Vy/MEw80YybnHyYFYM7ATQRNpLamAQgAz5qAZBAFqJoFLTYeKHqy149JBtI8Oh4Ywktc1ExL uZDP7KPjLKGJv5ebMHblU579BiSMgj35Bw4H7V5zzgB2DzklLG61ZAjNd6uFEdFNLtf+2/Qq jVqqZjlXfCIlNeq+2U002q1SPzLniX9xm4uHUfL3dZqgOkAWa4fB/X1WmMcXMQX+Npwv9plE JOLdd1J6/XtwsUmnJnkicDiuyb7G8v4fPDJtc0m2sQIdXSL71VIHbme5w8p8OYN41q0vqefB aMp0PnppG/K32Xa9/zW5fTKMcXxcCFZH7Ww2tpnFqZe0zhrL9UjAfQsgXurujk0OvEFhhkQo nVRXUYmLTM0EXQARAQABwsBlBBgBAgAPAhsMBQJW+lhqBQkNGAjEAAoJEIM9NO8cdqD3fK4H /2Jk05xp6eL8jTQO4kpdZtngbP4dxZ9vwgbdmKsN5Rln88Xm5HH8GXHzxU0hY2pLU0QoPzE5 B//tEbM34tYLNXSQScc8UVvfsh3Qup4OmagkAGHPs3lSLnvX17IUaDuhjJcHeDNE0h3ZmhLc XaHijcuxn2OvCVT3qpE5C6voC/IwNQSQGyPogDxfD1IpL7u3aqAmGnuIkLLCnm8DFl3wcGur w3wbVLuMV/WHXvIVgvvjf0fWCKBiyDMimVr2tPEMv/MgRU7BcuMvJx8I4fnC03Wm0BD6Wti+ 01JN0gcYBRNUHnEl/IzOo8A0lHSV5V9Hd/X5G7kkslTSK1xLZMabOCTCwHwEGAEKACYCGwwW IQTvEbemFnQ+WCTYEOmDPTTvHHag9wUCWqAnjQUJEL3X5wAKCRCDPTTvHHag99GLB/0f0E0h NezbAsWOt6PvBXxegI7nPeI3hNN4rP/ZcDQJCvs6OSpsSSWWeUa/LAk6wKyt+JwcYv55eTu1 Zd/wsybRA4DWkSADug3Kcans7rlYbiQ33eP08UD/ST6eSpa3O27DcoEClKrK0QFpqrB144bm YJZhrACOlIgjYGj6v0iCEf2aIyACxPTjg4+PdAwpJkDNMTMd6QS5hr8Bmp8XEsUTbtZ0NmkS rO9De5ogNtjHkdtP7G0sklzOkQ12JPDK8c3g/A1J9ZpzK/VMDtYzZC6yCzk5VHBokhDKm+gZ GXRhrBoceDGkuCz/HevYiqadNdOF5r5bH+JhKs8UW/isRtL/
Message-ID: <6fb7824e-b24e-1b88-f8eb-3e8005906e1b@inet.tu-berlin.de>
Date: Fri, 26 Oct 2018 11:15:11 +0200
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:60.0) Gecko/20100101 Thunderbird/60.0
MIME-Version: 1.0
In-Reply-To: <154022748014.6890.5464777930050299508@ietfa.amsl.com>
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
Content-Language: en-US
Archived-At: <https://mailarchive.ietf.org/arch/msg/taps/Y_ffPzaCY58WTNEjDKN4gbGRQUc>
Subject: Re: [Taps] I-D Action: draft-ietf-taps-transport-security-03.txt
X-BeenThere: taps@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "IETF Transport Services \(TAPS\) Working Group" <taps.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/taps>, <mailto:taps-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/taps/>
List-Post: <mailto:taps@ietf.org>
List-Help: <mailto:taps-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/taps>, <mailto:taps-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 26 Oct 2018 09:15:18 -0000

Dear TAPS,

having shepherded the minset draft, and, in the process, having seen a
lot of discussion around security, where we mostly pointed to the
security survey draft, I gave this draft another read in the current
version, with a focus on Section 5.

Thanks for the update, this document was a good read.

However, I have some comments, which I'm sharing now rather than later,
just in case there's anything which is better discussed in-person in
Bangkok.


Right now, the abstract states that this document is a survey of
security protocols. I suggest to add text saying that the document also
provides a minimal set of security features. Essentially, this document
and minset together cover the "minimum requirements of a secure
transport system".


In Section 5, the document groups security features into mandatory and
optional features, and states their transport dependency and application
dependency. Application dependency, for me, relates to whether a feature
is "functional", "optimizing", or "automatable" (in minset terminology).
For example, if there is no application dependency, the feature is
"automatable" and does not have to be exposed to the application. In
contrast, a "function" feature needs to be exposed to the application.

In Section 5.1, I am missing transport dependency and application
dependency for the mandatory transport features. For example, I would be
interested to know what is the minimum that the transport system needs
to expose to the application for public-key based authentication?

In Section 5.1, what is "unilateral responder authentication", which I
haven't found in other places in the document under this name?

In Section 5.2, "Session caching and management" has no application
dependency. However, later in Section 6.1, we do expose Session Cache
Management to the application. My interpretation is that this is just an
"optimizing" feature, which is why there is no application dependency,
but it is still useful to expose. It might help to make this explicit in
the text.

In Section 5, do we want to mention any security features related to
integrity protection?


As far as I can see, none of the protocols we survey provide any
features explicitly providing privacy. Maybe this is worth highlighting
in the Security considerations section, beyond saying that no claims of
privacy properties are made.


Finally, I would be in favor of asking for a Secdir early review to make
sure we're not missing anything in the survey.


Thank you again for this draft. I really appreciate that we're
discussing transport security features in this way.


Best,
Theresa

v2.23.0 | Report a Bug | By Email