[Drip] Secdir early review of draft-ietf-drip-auth-05
Rich Salz via Datatracker <noreply@ietf.org> Tue, 22 March 2022 15:24 UTC
Return-Path: <noreply@ietf.org>
X-Original-To: tm-rid@ietf.org
Delivered-To: tm-rid@ietfa.amsl.com
Received: from ietfa.amsl.com (localhost [IPv6:::1])
by ietfa.amsl.com (Postfix) with ESMTP id 416693A1549;
Tue, 22 Mar 2022 08:24:06 -0700 (PDT)
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
From: Rich Salz via Datatracker <noreply@ietf.org>
To: <secdir@ietf.org>
Cc: draft-ietf-drip-auth.all@ietf.org, tm-rid@ietf.org
X-Test-IDTracker: no
X-IETF-IDTracker: 7.46.0
Auto-Submitted: auto-generated
Precedence: bulk
Message-ID: <164796264611.30352.8191375984632777321@ietfa.amsl.com>
Reply-To: Rich Salz <rsalz@akamai.com>
Date: Tue, 22 Mar 2022 08:24:06 -0700
Archived-At: <https://mailarchive.ietf.org/arch/msg/tm-rid/hKxyfU4epzozvPglpkKZW2XntNo>
Subject: [Drip] Secdir early review of draft-ietf-drip-auth-05
X-BeenThere: tm-rid@ietf.org
X-Mailman-Version: 2.1.29
List-Id: Drone Remote Identification Protocol <tm-rid.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tm-rid>,
<mailto:tm-rid-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tm-rid/>
List-Post: <mailto:tm-rid@ietf.org>
List-Help: <mailto:tm-rid-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tm-rid>,
<mailto:tm-rid-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 22 Mar 2022 15:24:06 -0000
Reviewer: Rich Salz Review result: Has Issues I know nothing about DRIP. I skimmed RFC 9153 and the suggested draft. Take thesze comments with appropriate skepticism. ASTM needs to be expanded. Are "pages" basically packets? A confirmation/explanation, perhaps in the definitions section would help. The definitions points to drip-requirements draft, but then documents "aircraft"? Really? :) There are far too many one-paragraph sections. Come up with broader titles and merge things a bit; I think it will read better. I know kthis is not a trivial amount of work. Sec 3.3.1: the bit numbering is opposite of what I'm used to (i.e., 31->0, this is 0->31). This holds for all other ascii-art protocol blocks. Consider breaking up the top byte into two nibbles AH and PH Pad out AuthType into Sec 3.3.2 the constraints/requirements should be first. Sec 4.1.2.1 Put spaces between the logical parts of the bytes: 12 50098960bf8c0504200100100 0a00145aac6b00abba268b7 Is that correct? Why only the last 23? Maybe I am missing some other checksum, or don't know enough about Reed-Solomon. Sec 5, "UNIX timestamp offset by ..." you mean Unix-style timestamp but with an epoch of ... right? Is the "UA signature" defined somewhere? Same question about the signatures in Sec 6, etc. Related question, where are the algorithms for the "Message Hash" and other hashes within the doc defined? Should be a forward reference. Or worse, it's an external reference? Sec 6.3.5.1 "multiplexing" seems out of place. General comment, putting all limitations, constraints, requirements, etc., should be up front. Is Appendix A useful here? I don't see how. The sample messages in C do not seem useful, as they seem to be repeating just the packet layouts. I do not understand what the "Hex" values in C.3 mean and there seems to be no way to re-compute/verify them.
- [Drip] Secdir early review of draft-ietf-drip-aut… Rich Salz via Datatracker
- Re: [Drip] Secdir early review of draft-ietf-drip… mohamed.boucadair
- Re: [Drip] Secdir early review of draft-ietf-drip… Card, Stu
- Re: [Drip] Secdir early review of draft-ietf-drip… Salz, Rich
- Re: [Drip] Secdir early review of draft-ietf-drip… Adam Wiethuechter
- Re: [Drip] Secdir early review of draft-ietf-drip… Salz, Rich
- Re: [Drip] [secdir] Secdir early review of draft-… Donald Eastlake