Re: [TLS] 2nd WG Last Call for draft-ietf-tls-dtls-rrc

Marco Tiloca <marco.tiloca@ri.se> Mon, 09 October 2023 12:53 UTC

To: Thomas Fossati <thomas.fossati@linaro.org>
Cc: Sean Turner <sean@sn3rd.com>, TLS List <tls@ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/uimyEYq0dOGFmWCuUPbbX3ZgTp8>

Hi Thomas,

On 2023-10-09 11:42, Thomas Fossati wrote:
> Hi Marco,
>
> We think we have addressed all your comments (but one, see below).
> Could you please check that the PR at [1] is good to go?

==>MT
Thank you, the PR looks good to me!

(please see below about the two other points)
<==

>
> [1] https://github.com/tlswg/dtls-rrc/pull/63/files
>
> The one comment we wanted to have a bit more discussion before
> deciding how to proceed is this:
>
> On Tue, 3 Oct 2023 at 15:50, Marco Tiloca
> <marco.tiloca=40ri.se@dmarc.ietf.org>  wrote:
>> [Section 7.4]
>>
>> * I think that another requirement should be that the initiator MUST NOT act on more than one valid path_response or path_drop message for each path_challenge message that it has sent.
> §7.4 currently says:  "The responder MUST send exactly one
> path_response or path_drop message for each received path_challenge."
>
> So it's not clear how a situation with multiple occurrences of
> path_drop/path_challenge could come off, if the responder obeys the
> specified MUST?
>
> Could you clarify your concern a bit more?

==>MT
Right, I was thinking of spelling out how the initiator should behave if 
the responder does not comply with the specification.

If that can be excluded altogether or a safe behavior at the responder 
is obvious/implied, then the current text is just fine.
<==

>
>> [Section 10]
>>
>> * You will need to add a new subsection that provides expert review instructions, for the Designated Experts assigned to the new subregistry defined in Section 10.3.
> Thanks: this made us realise that expert review was a bit too
> lightweight, therefore we moved to STD required.

==>MT
That makes sense.

Best,
/Marco
<==

>
> cheers, thanks!

-- 
Marco Tiloca
Ph.D., Senior Researcher

Phone: +46 (0)70 60 46 501

RISE Research Institutes of Sweden AB
Box 1263
164 29 Kista (Sweden)

Division: Digital Systems
Department: Computer Science
Unit: Cybersecurity

https://www.ri.se
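
The initiator-side behaviour discussed for Section 7.4, as an added example that is not part of the thread or of the draft: the initiator acts on at most one path_response or path_drop per path_challenge it sent, even when the responder sends more. It assumes each challenge carries an opaque cookie that the reply echoes; that matching mechanism, the 8-byte length and all class and function names are assumptions of this sketch.

```python
import secrets


class InitiatorPathValidation:
    """Initiator-side bookkeeping for outstanding path_challenge messages."""

    def __init__(self):
        self._outstanding = {}  # cookie -> path being validated
        self.ignored = 0        # replies received but not acted on

    def send_challenge(self, path):
        # Assumed: a fresh random cookie identifies each challenge.
        cookie = secrets.token_bytes(8)
        self._outstanding[cookie] = path
        return cookie

    def on_reply(self, msg_type, cookie):
        """Return (action, path) for the first valid reply to a challenge.

        Duplicate replies, replies to unknown challenges and unknown
        message types are counted and ignored.
        """
        if msg_type not in ("path_response", "path_drop"):
            self.ignored += 1
            return ("ignore", None)
        # pop() consumes the challenge, so a second reply finds nothing.
        path = self._outstanding.pop(cookie, None)
        if path is None:
            self.ignored += 1
            return ("ignore", None)
        action = "accept_path" if msg_type == "path_response" else "drop_path"
        return (action, path)


def demo():
    """Constructed scenario: a non-compliant responder replies three times."""
    init = InitiatorPathValidation()
    cookie = init.send_challenge("203.0.113.7:4433")  # constructed address
    replies = [
        ("path_response", cookie),
        ("path_drop", cookie),      # contradicts the first reply
        ("path_response", cookie),  # plain duplicate
    ]
    return [init.on_reply(t, c) for t, c in replies], init.ignored


if __name__ == "__main__":
    print(demo())
```
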