[TLS] Last call comments for draft-santesson-tls-(ume-04,supp-00)
<Pasi.Eronen@nokia.com> Mon, 03 April 2006 10:45 UTC
Message-ID: <B356D8F434D20B40A8CEDAEC305A1F2402751404@esebe105.NOE.Nokia.com>
To: stefans@microsoft.com, iesg@ietf.org
Cc: tls@ietf.org
Some additional last call comments for draft-santesson-tls-ume-04 and draft-santesson-tls-supp-00:

1) The IANA considerations sections in both documents are incomplete (missing the requests to assign new numbers), in some details incorrect (number ranges overlap), and unclear. Here's a proposal for better text:

draft-santesson-tls-supp:

   This document defines a new TLS handshake message, "supplemental_data", assigned a value of TBD-BY-IANA from the TLS HandshakeType registry defined in [RFC4346].

   This document establishes a new registry, to be maintained by IANA, for TLS Supplemental Data Types. Initially, the registry is empty. Values from the range 0-16385 are assigned via Standards Action [RFC2434]. Values from the range 16386-65279 are assigned via Specification Required [RFC2434]. Values from the range 65280-65535 are reserved for Private Use [RFC2434].

draft-santesson-tls-ume:

   This document defines a new TLS extension, "user_mapping", assigned a value of TBD-BY-IANA1 from the TLS Extension Type registry defined in [RFC4366].

   This document defines a new TLS supplemental data type, "user_mapping_data", assigned a value of TBD-BY-IANA2 from the TLS Supplemental Data Type registry defined in [draft-santesson-tls-supp].

   This document establishes a new registry, to be maintained by IANA, for TLS User Mapping Types. Initially, the registry contains one entry: upn_domain_hint (0). Values from the range 1-63 are assigned via Standards Action [RFC2434]. Values from the range 64-223 are assigned via Specification Required [RFC2434]. Values from the range 224-255 are reserved for Private Use [RFC2434].

2) tls-ume, Section 5: "The client SHOULD only send the UserMappingDataList in the supplemental data message if it is agreed upon in the hello message exchange"

This is wrong (and violates a "MUST" in tls-supp): the user mapping data list MUST NOT be sent if it was not agreed in the ClientHello/ServerHello exchange.

3) Security considerations in both documents should explicitly point out that the information is not encrypted (and thus visible to eavesdroppers), and is sent before the peer is authenticated (unless the "double-handshake" trick is used). This may be obvious to the authors, but not to everyone reading these documents...

4) tls-ume: Would it make sense to define two UserMappingData types, one for "user@domain" and another one for just "domain", instead of combining them in one type?

5) tls-ume, Section 3: ".. contain a domain name in the "preferred name syntax," as specified by RFC 1123". RFC 1123 never even mentions the term "preferred name syntax" (it is mentioned in RFC 1034, though).

6) tls-ume: The document should contain at least an informative reference to a document describing what this Microsoft UPN is. Simply saying it's of the form "user@domain" is not very helpful. For instance, does "domain" mean it's a DNS name? (Windows uses the word "domain" also for names that don't have anything to do with DNS). Is the domain part an IDN-aware or IDN-unaware domain name slot? (Or neither?) Are some special characters (e.g., punctuation, at sign) in the "user" part forbidden, or escaped/encoded somehow specially?

7) References in tls-ume: IMHO references N7,N8,N9 seem more Informative than Normative. Reference N5 is never cited in text. RFC 1123 is cited in the text, but not included in reference list.

Best regards,
Pasi
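Editor's note (added example, not part of Pasi's mail or of either draft): the model below shows the negotiation rule from comment 2 as code. The client offers "user_mapping" in ClientHello, the server either echoes it in ServerHello or does not, and the client's SupplementalData handshake message carrying the user mapping data is produced only when both sides agreed; otherwise nothing is sent. The extension-list wire format follows RFC 4366 (uint16 type, opaque data<0..2^16-1>, list<0..2^16-1>) and the handshake header follows RFC 4346 (1-byte type, 3-byte length). Everything else is an assumption for the model: the extension type, supplemental data type and handshake type values are placeholders where the drafts say TBD-BY-IANA (the supplemental data type is taken from the Private Use range 65280-65535 proposed above), and the SupplementalData body framing (uint16 type, uint16 length, payload per entry) is a simplification, not the draft's definition. The payload itself is treated as opaque bytes, since the mail does not define UserMappingDataList.

```python
"""Model: ClientHello/ServerHello extension agreement gating a SupplementalData
handshake message.  Added example; code points marked TBD are placeholders."""
import struct

# Placeholder code points: the drafts leave these to IANA (TBD-BY-IANA).
EXT_USER_MAPPING = 0xFFF0             # hypothetical ExtensionType "user_mapping"
SUPP_TYPE_USER_MAPPING_DATA = 65280   # hypothetical type, in proposed Private Use range
HANDSHAKE_SUPPLEMENTAL_DATA = 0xFE    # hypothetical HandshakeType "supplemental_data"


def encode_extensions(exts):
    """RFC 4366 extension list: uint16 total length, then for each extension
    uint16 ExtensionType, uint16 data length, data."""
    body = b"".join(struct.pack("!HH", t, len(d)) + d for t, d in exts)
    if len(body) > 0xFFFF:
        raise ValueError("extension list too long")
    return struct.pack("!H", len(body)) + body


def decode_extensions(blob):
    """Inverse of encode_extensions; rejects lengths that do not add up."""
    if len(blob) < 2:
        raise ValueError("short extension list")
    (total,) = struct.unpack("!H", blob[:2])
    if total != len(blob) - 2:
        raise ValueError("extension list length mismatch")
    exts, off = [], 2
    while off < len(blob):
        if off + 4 > len(blob):
            raise ValueError("truncated extension header")
        t, n = struct.unpack("!HH", blob[off:off + 4])
        off += 4
        if off + n > len(blob):
            raise ValueError("truncated extension data")
        exts.append((t, blob[off:off + n]))
        off += n
    return exts


def negotiated_user_mapping(client_exts, server_exts):
    """True only if the client offered user_mapping and the server echoed it.
    A server echoing an extension the client never offered is a protocol
    error under RFC 4366, so it is rejected rather than treated as agreement."""
    offered = any(t == EXT_USER_MAPPING for t, _ in client_exts)
    echoed = any(t == EXT_USER_MAPPING for t, _ in server_exts)
    if echoed and not offered:
        raise ValueError("server echoed an extension the client did not offer")
    return offered and echoed


def build_supplemental_data(entries):
    """Assumed framing for the model: handshake header (1-byte type, 3-byte
    length) over entries of uint16 type, uint16 length, payload."""
    body = b"".join(struct.pack("!HH", t, len(d)) + d for t, d in entries)
    if len(body) > 0xFFFFFF:
        raise ValueError("handshake body too long")
    return bytes([HANDSHAKE_SUPPLEMENTAL_DATA]) + len(body).to_bytes(3, "big") + body


def client_supplemental_data(client_exts, server_exts, user_mapping_payload):
    """The rule the mail asks for: the user mapping data MUST NOT be sent
    unless agreed in the hello exchange.  Returns the message or None."""
    if not negotiated_user_mapping(client_exts, server_exts):
        return None
    return build_supplemental_data([(SUPP_TYPE_USER_MAPPING_DATA, user_mapping_payload)])


if __name__ == "__main__":
    client = decode_extensions(encode_extensions([(EXT_USER_MAPPING, b"")]))
    print("server echoed:", client_supplemental_data(client, client, b"payload").hex())
    print("server silent:", client_supplemental_data(client, [], b"payload"))
```

Note that the message, when it is sent, goes out as a handshake message before Finished, so in a single handshake it travels in the clear and before the server has been authenticated, which is the point of comment 3.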