Re: [TLS] Adam Roach's Yes on draft-ietf-tls-iana-registry-updates-04: (with COMMENT)
Sean Turner <sean@sn3rd.com> Wed, 04 April 2018 22:05 UTC
Return-Path: <sean@sn3rd.com>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 9602E12D86C for <tls@ietfa.amsl.com>; Wed, 4 Apr 2018 15:05:21 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.001
X-Spam-Level:
X-Spam-Status: No, score=-2.001 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001] autolearn=unavailable autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=sn3rd.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id uWDTkSW0KVVM for <tls@ietfa.amsl.com>; Wed, 4 Apr 2018 15:05:20 -0700 (PDT)
Received: from mail-pl0-x230.google.com (mail-pl0-x230.google.com [IPv6:2607:f8b0:400e:c01::230]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id D63B512D877 for <tls@ietf.org>; Wed, 4 Apr 2018 15:05:18 -0700 (PDT)
Received: by mail-pl0-x230.google.com with SMTP id v5-v6so14129916plo.4 for <tls@ietf.org>; Wed, 04 Apr 2018 15:05:18 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sn3rd.com; s=google; h=mime-version:subject:from:in-reply-to:date:cc :content-transfer-encoding:message-id:references:to; bh=fTqSIB/QnpLls6cFT7Xa1xq+/9SNyZTWNtAQcpZzUOU=; b=FYWb03BFGQSQo+uMuHpXUmYMaXycs8hmUgHTxlQQb54eqkh5AmiFcoZnqP6LbuJYgi 3ADHmeecpIhNCkOoPeOGiViuaVJVZk7csiu8sORBNpe9bW9u3EH8m/WG8ff2wZJfvwuV RZrAebv3LNK6IZXWIln4qh6qBrY3g62tFo9Co=
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:subject:from:in-reply-to:date:cc :content-transfer-encoding:message-id:references:to; bh=fTqSIB/QnpLls6cFT7Xa1xq+/9SNyZTWNtAQcpZzUOU=; b=EeQqwub7CP476xuEg/KEoOHdmW7iGTVZQp8wofjbhtm0d3a5xcGZ/O08WrNy53XxgI jxeUJmFgKT3MSk1hFW3zWM3o+7OGnLkRq8HLJ33Tir83o9nMG/BFfazqoxgHKi373LhJ ASOhbtnDoJosfdp81lGAl8awqxKOWKpBnEtTNRklf9cpjwvovIkj1YbSJjgvTG2Ki7IE GAIU0lQ5kEsMHnSPNOYoyJrECSkO7PcGCk1vRkoYi1DIZflP3nHVEu8q11B6I91Z7wp/ mBEkklJIGZkGTqtI1kEa6TDVonnK88/Hh7S3pX/fHBpjQQ53LM5Hf7VEAq9TLgEZXMjT cL+g==
X-Gm-Message-State: AElRT7G622J+SNSvWsyll6IC7LbScdwqavGHyHfz60jcNQOQLdpxSW8j 74VmNsRUWV5HJWQths2R8kxmzA==
X-Google-Smtp-Source: AIpwx48gDikQTqF4CtmRDhJHrK/fVce/qFHPdunZasrMC782QXDPDKwR+W1N2QxjmKnowkMnZzN1bw==
X-Received: by 10.99.141.200 with SMTP id z191mr13011092pgd.418.1522879518290; Wed, 04 Apr 2018 15:05:18 -0700 (PDT)
Received: from [5.5.33.147] (vpn.snozzages.com. [204.42.252.17]) by smtp.gmail.com with ESMTPSA id r14sm11945321pfa.163.2018.04.04.15.05.13 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Wed, 04 Apr 2018 15:05:17 -0700 (PDT)
Content-Type: text/plain; charset="utf-8"
Mime-Version: 1.0 (Mac OS X Mail 11.3 \(3445.6.18\))
From: Sean Turner <sean@sn3rd.com>
In-Reply-To: <152281496113.23972.392506465427726208.idtracker@ietfa.amsl.com>
Date: Wed, 04 Apr 2018 17:05:08 -0500
Cc: The IESG <iesg@ietf.org>, draft-ietf-tls-iana-registry-updates@ietf.org, Stephen Farrell <stephen.farrell@cs.tcd.ie>, tls-chairs@ietf.org, tls@ietf.org
Content-Transfer-Encoding: quoted-printable
Message-Id: <E6D3C143-8121-4119-91E4-70F0D22A84CD@sn3rd.com>
References: <152281496113.23972.392506465427726208.idtracker@ietfa.amsl.com>
To: Adam Roach <adam@nostrum.com>
X-Mailer: Apple Mail (2.3445.6.18)
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/4d1cyV2Z0OQ_uoYj9Qh9QdXYXcc>
Subject: Re: [TLS] Adam Roach's Yes on draft-ietf-tls-iana-registry-updates-04: (with COMMENT)
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 04 Apr 2018 22:05:21 -0000
On Apr 3, 2018, at 23:09, Adam Roach <adam@nostrum.com> wrote: > > Adam Roach has entered the following ballot position for > draft-ietf-tls-iana-registry-updates-04: Yes > > When responding, please keep the subject line intact and reply to all > email addresses included in the To and CC lines. (Feel free to cut this > introductory paragraph, however.) > > > Please refer to https://www.ietf.org/iesg/statement/discuss-criteria.html > for more information about IESG DISCUSS and COMMENT positions. > > > The document, along with other ballot positions, can be found here: > https://datatracker.ietf.org/doc/draft-ietf-tls-iana-registry-updates/ > > > > ---------------------------------------------------------------------- > COMMENT: > ---------------------------------------------------------------------- > > Thanks for the work everyone put in on this document. I have a handful of > comments, ranging from nits to minor issues. They appear in document order. > > --------------------------------------------------------------------------- > > Title: > > Please expand "TLS" and "DTLS" in the title. See > https://www.rfc-editor.org/materials/abbrev.expansion.txt for guidance. Sure, but I have also just sent a request off to get TLS and DTLS added as well-known abbreviations so I’m hoping to change it back during AUTH48 ;) > --------------------------------------------------------------------------- > > Abstract: > > Please include the list of updated RFCs in the abstract. See > <https://www.ietf.org/standards/ids/checklist/> §3.1.D. The current formulation > of "This document updates many (D)TLS RFCs (see updates header)" is problematic > due to the factors described in the final paragraph of RFC 7322 §4.3. See Ben’s response. > --------------------------------------------------------------------------- > > §2: > >> Instead of listing the changes and their rationale in this, >> the introductory, section each section provides rationale for the >> proposed change(s). > > There's something awkward with the commas here. Perhaps you mean: > >> Instead of listing the changes and their rationale in this, >> the introductory section, each section provides rationale for the >> proposed change(s). Yep that does read better. > --------------------------------------------------------------------------- > > §8: > > This section doesn't indicate anything about the disposition of > "token_binding," which is due to (potentially) expire in 11 months. Given that > the temporary property of this registration is due only to the previous policy > that this document is obsoleting, it seems that this document should instruct > IANA to remove the temporary status from the "token_binding" TLS ExtensionType. I think that would be terribly unfair especially since the draft defining the token_binding extension is on the 5/10 telechat ;) https://datatracker.ietf.org/doc/draft-ietf-tokbind-negotiation/ How about I just get them to add a Recommended = Yes column. > --------------------------------------------------------------------------- > > §8: > > The table that adds a "Recommended" column to the TLS ExtensionType does not > indicate values for "token_binding" or "cached_info." I suggest either adding > them, or adding text to explain their omission. Can’t believe I forgot cached_info. I’ll add a note about token_binding. I also just sent the WG a note about needing to add the Recommended “Yes” value to their IANA considerations. > --------------------------------------------------------------------------- > > §9: > >> assigned via Specification Required {{RFC8126}}. Values with the >> first byte 255 (decimal) are reserved for Private Use {{RFC8126}}. > > Nit: the "{{...}}" citation style is probably not what you intended. Ah it did that because it’s a code snipet :(. Fixed the multiple occurrences. > --------------------------------------------------------------------------- > > §13: > >> o A "Recommended" column to the TLS Exporter Label registry. The >> table that follows has been generated by marking Standards Track >> RFCs as "Yes" and all others as "No". > > No rows are marked "No." Presumably, the text above should instead say "any > values not indicated in the table below [will be/have been] marked 'No’" yeah I think it’s that the others are "to be marked” (same for the cipher suites). > --------------------------------------------------------------------------- > > §14: > >> 120 no_application_protocol Y [RFC7301] > > Every other updated table is amended to also point to this document. I presume > that omitting it from this entry is an oversight, and that it should instead be: > >> 120 no_application_protocol Y [RFC7301] [RFCthis] Yep. See the following PR to address the above changes: https://github.com/tlswg/draft-ietf-tls-iana-registry-updates/pull/71 > --------------------------------------------------------------------------- > > §17: > >> o [SHALL update/has updated] the TLS HashAlgorithm Registry to list >> values 7-223 as "Reserved" and the TLS SignatureAlgorithm registry >> to list values 4-223 as "Reserved". > > HashAlgorithm 8 is already assigned, as are SignatureAlgorithms 7 and 8. > Presumably the reserved ranges should be "7 and 9-223" and "4-6 and 9-223", > respectively. https://github.com/tlswg/draft-ietf-tls-iana-registry-updates/pull/65 > --------------------------------------------------------------------------- > > §17: > >> Despite the fact that the HashAlgorithm and SignatureAlgorithm >> registries are orphaned, it is still import to warn implementers of > > nit: "important" > >> pre-TLS1.3 implementations about the dangers of blinding implementing > > nit: “blindly" https://github.com/tlswg/draft-ietf-tls-iana-registry-updates/pull/70
- [TLS] Adam Roach's Yes on draft-ietf-tls-iana-reg… Adam Roach
- Re: [TLS] Adam Roach's Yes on draft-ietf-tls-iana… Benjamin Kaduk
- Re: [TLS] Adam Roach's Yes on draft-ietf-tls-iana… Sean Turner
- Re: [TLS] Adam Roach's Yes on draft-ietf-tls-iana… Sean Turner