[Taps] IETF last call comments on draft-ietf-taps-transport-security

Magnus Westerlund <magnus.westerlund@ericsson.com> Thu, 24 October 2019 08:06 UTC

From: Magnus Westerlund <magnus.westerlund@ericsson.com>
To: "taps@ietf.org" <taps@ietf.org>, "draft-ietf-taps-transport-security.all@ietf.org" <draft-ietf-taps-transport-security.all@ietf.org>
Date: Thu, 24 Oct 2019 08:06:19 +0000
Message-ID: <ce2ae5fafdd4a4971b65a903f8f1d2cb2b8db6d0.camel@ericsson.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/taps/vCuf-_vAHsrsdzIMtk3DrhaC-jY>

Authors and WG,

Considering the IETF last call comments by Eric Rescorla and Christian Huitema I
would like to see discussion on the points they bring up. I can understand that
addressing this fully could be a very significant change to the document. 

I do see the point they are bringing up about the architectural view of how the
protocols are used. I get the impression that TAPS does have a small set of
viable security architectures and the choices do affect properties seen from the
TAPS API level. Also there are details beyond the properties that get affected
by the layering of security and transport mechanisms and what implementation
parts you have to trust for the security properties. So discussion of these
aspects may be needed. 

So please discuss how these are addressed. 
 
Cheers

Magnus Westerlund 


----------------------------------------------------------------------
Networks, Ericsson Research
----------------------------------------------------------------------
Ericsson AB                 | Phone  +46 10 7148287
Torshamnsgatan 23           | Mobile +46 73 0949079
SE-164 80 Stockholm, Sweden | mailto: magnus.westerlund@ericsson.com
----------------------------------------------------------------------