Re: [tram] [Technical Errata Reported] RFC7635 (5060)

Magnus Westerlund <magnus.westerlund@ericsson.com> Wed, 13 January 2021 16:07 UTC

Return-Path: <magnus.westerlund@ericsson.com>
X-Original-To: tram@ietfa.amsl.com
Delivered-To: tram@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 3A9AD3A1181 for <tram@ietfa.amsl.com>; Wed, 13 Jan 2021 08:07:01 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.35
X-Spam-Level:
X-Spam-Status: No, score=-2.35 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.25, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=ericsson.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 0ya1DW3tFhyW for <tram@ietfa.amsl.com>; Wed, 13 Jan 2021 08:06:58 -0800 (PST)
Received: from EUR04-HE1-obe.outbound.protection.outlook.com (mail-he1eur04on0619.outbound.protection.outlook.com [IPv6:2a01:111:f400:fe0d::619]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 3D9823A1180 for <tram@ietf.org>; Wed, 13 Jan 2021 08:06:58 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=FD3K+IXcpEwuU+CNOVK9CKZpsFBrcmxrp3ZHx7wNWJFgDSJCx9zEoub6pfinKYS+wwhXE0aMIniATspTJIaEQbuvtqe6u+Q9ZbOpNz4CQcFlyl6AnZ8Z/j5uRoDEmygH8/KUXyAOf/n3h/cg8DkXE109Yy8RNDD5lYg8MtwHZB28I198quc+rlAavv1yB/VCSklD0hEs+RN9gARtK2HqlmvKb7SlnljyoinLnlRjhsvl0HVRdN0Vj34Jql5Rnt4tarZCw6PRiixiKm4sM/CTxEGWTjowOV+cMlaWUvG4mju6SRPOpIWHsUEGaHnYYG8p1EUltY+cnfq32H3/Svdbkw==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=RsPg6F0g1rQlJojZKg5+Z/DKGGKOANuBHY0XA96eWzU=; b=eJ6df7ISdBIKPQc3yfL9oPQdQPkRqpI/gzI9vkRd12TVUxgTVsJE72trektohWiI5DN+L9Njb7BkRdVFrgzMlTn5NgSsf/09tKzIuyEp98Jgq5XnhhybreVLUTPyQHwn/SUsvA1FN5gdYMuHLuxEV6B/2QXliijCnCZHhBB2G0dFFmNTsEl1hstg3RlOukyzuAzmzW+wR4VcZXfpioDlBRpcOYAHmutRNwoE2L2vzwQdwWACGsMAphJC8R39GIerLoe8sXbgI5w2bhVvGbLPZd1iVXoiA01Op0ANluGE4jWorbb70+tcsXiUCHDxpkWMOn5tnHIQc5FfOiwd7Ww4LA==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=ericsson.com; dmarc=pass action=none header.from=ericsson.com; dkim=pass header.d=ericsson.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ericsson.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=RsPg6F0g1rQlJojZKg5+Z/DKGGKOANuBHY0XA96eWzU=; b=Y7oxewiGCEI7UUAGCMyE8QP/bfMEBSBHqW1O+vTbwGOgAwIqaIOK8IDZzQyMnANbloB3qmgrEjXSGDu3tMM7R5R2A/sygQbxbafyjvkJ6jofxZI/uxFtPdoKxcgjagD+dp/zCkWm6vZmJIGdjQQJDKeWvRwOgI4UJ+a0DqAcang=
Received: from HE1PR0702MB3772.eurprd07.prod.outlook.com (2603:10a6:7:8e::14) by HE1PR07MB3098.eurprd07.prod.outlook.com (2603:10a6:7:38::30) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3763.9; Wed, 13 Jan 2021 16:06:41 +0000
Received: from HE1PR0702MB3772.eurprd07.prod.outlook.com ([fe80::8cd:496:65de:4ace]) by HE1PR0702MB3772.eurprd07.prod.outlook.com ([fe80::8cd:496:65de:4ace%6]) with mapi id 15.20.3763.009; Wed, 13 Jan 2021 16:06:41 +0000
From: Magnus Westerlund <magnus.westerlund@ericsson.com>
To: "justin@uberti.name" <justin@uberti.name>
CC: "deadbeef@google.com" <deadbeef@google.com>, "tram@ietf.org" <tram@ietf.org>, "sperreault@jive.com" <sperreault@jive.com>, "tireddy@cisco.com" <tireddy@cisco.com>, "praspati@cisco.com" <praspati@cisco.com>, Gonzalo Camarillo <gonzalo.camarillo@ericsson.com>, "rmohanr@cisco.com" <rmohanr@cisco.com>
Thread-Topic: [tram] [Technical Errata Reported] RFC7635 (5060)
Thread-Index: AQHS9i9YLmhOJmR48EWZzOd55mC6Nql9faqAgAGq94CArncmgA==
Date: Wed, 13 Jan 2021 16:06:41 +0000
Message-ID: <28a67fc2d953e7bcd7db16aefd3bb237af2f2b1a.camel@ericsson.com>
References: <20170705233508.0F530B80DD9@rfc-editor.org> <076210c82130159ac25a2663f331cf29af0cd28d.camel@ericsson.com> <CALe60zAwEdcuncKwN5b8BoeutyqPbkSP1PjuYo1-2ArLiD_GMw@mail.gmail.com>
In-Reply-To: <CALe60zAwEdcuncKwN5b8BoeutyqPbkSP1PjuYo1-2ArLiD_GMw@mail.gmail.com>
Accept-Language: sv-SE, en-US
Content-Language: en-US
X-MS-Has-Attach: yes
X-MS-TNEF-Correlator:
x-mailer: Evolution 3.28.5-0ubuntu0.18.04.2
authentication-results: uberti.name; dkim=none (message not signed) header.d=none;uberti.name; dmarc=none action=none header.from=ericsson.com;
x-originating-ip: [192.176.1.80]
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: 93b0bd65-2c23-42a1-faad-08d8b7dd3719
x-ms-traffictypediagnostic: HE1PR07MB3098:
x-ms-exchange-transport-forked: True
x-microsoft-antispam-prvs: <HE1PR07MB3098642149A510EA0656559595A90@HE1PR07MB3098.eurprd07.prod.outlook.com>
x-ms-oob-tlc-oobclassifiers: OLM:2512;
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: 6HtCcjVopl20iqM4Hv5Ih/lkQWjQFoT8V6JYQirKVP2bZ2ibEuD5HFnuN7tVHzd1jyd4o9aLDEXbKfMA+P4+h2x/O5A/Zg/Vp/fqArwAaKKhWA8/f93StSp9s/U1OUtMdrB86cFzf18UDSuyElp7hTvTryr2Nw1T5FZnmeErz8qpQ5NG5grrt6XmAxEMGQ9OkulB57W4U13vuqe9x+N3v+O7EufMmeXrts092e+kjZyduy00vV6x4vy90+Ycq81OLfbRJi8tcXgPGobFEiIyYRU7D5UsZW0+0QeMQvF/xi2vsUPu2Z7MKVC6j3V1ahxLEdLFZfE7mD4Y3jm8+IlDiC5ECPs4ezNAK9QeDOxzsFVHJksKoLgFaxBHYWVkYmOvWybVbolqVjTgt1RsjCfEPK1zDPQqojRhww6Ix6gs+v60Znnfn0ycxoOH/zx16ARHmzM1OZeeZBDpUSxYAF9vrIMHSu3ud+a/poYF8tuD8yaJlXweHecXnaUIlhMloNKnonsCNDl9rftxKonRQ9n4SQ==
x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:HE1PR0702MB3772.eurprd07.prod.outlook.com; PTR:; CAT:NONE; SFS:(4636009)(366004)(2906002)(71200400001)(4326008)(186003)(6916009)(66616009)(44832011)(53546011)(6506007)(966005)(8936002)(6486002)(36756003)(26005)(66946007)(66446008)(2616005)(83380400001)(64756008)(66476007)(66556008)(6512007)(498600001)(5660300002)(54906003)(86362001)(99936003)(76116006)(8676002)(99106002); DIR:OUT; SFP:1101;
x-ms-exchange-antispam-messagedata: =?utf-8?B?VksxQ0prdVduQ0g2dk9FODErdTJraDNPRE5seFBqMmhQTC9EZ3ZCSDVNNy9J?= =?utf-8?B?WEdoaFJkSDhQWmdPbkJEM0JOWTFjMnBGMDRtYUUyWGcwaFdjaE45SWZEY0RC?= =?utf-8?B?d29EQ3gwOWVVWGFQbW4yREh2QU44RlpQWHk4MWU4Q3F4QW13UW53dG55d3Fr?= =?utf-8?B?WHFwY0RHUGRMOXpGSGZzWndvSnFNandIUnA1UUtrNVNwQ01YdWdHWFdqdTRF?= =?utf-8?B?RDFvd0FzQ0lkY1BYVzJZeEovcmRMN05ReWo0K3QxZkdzVEhaU1pJQS8wTFQy?= =?utf-8?B?alMxVjh1emZja0ZjZTZFQ096ampQUjBYaUdxT1hZRi9LVHhIRzRscXEvVXZm?= =?utf-8?B?cU8zeGlGVkZ6SDVBYjhhNTZGQWJhRkVYV3ZhcHRpNCtaTmNFU3lTL0sxenJ6?= =?utf-8?B?NWhRL0VzU3N4QU9LUUVWQTNLelpnamJBY2dRNjlUcUI2WE15QklGV1UzbnZp?= =?utf-8?B?Tm5vNUtXRXpQa1pPdzFSYkZCRElNSlJMK1FjQlNMOS9jbWN4ejgrenBIVG5D?= =?utf-8?B?RCtaNWd5NTJaTXI2N2ptNEhUV0NEQUdzNDgzYXdQVGQ0d0pzY0pCaklPT3la?= =?utf-8?B?aWJieWFRbmhMdDlvdnA3NktSRFNoa25XRitQbGM3SzlocnA3N0xJRGNodGo1?= =?utf-8?B?SElJNHM3c3lFY2twSHVTL01YSXpXazVXR3JNL0tPRVBmYTU4Vzl3UWZKZ0pj?= =?utf-8?B?K01hTWVpa2swbnErY1Z5elFuSjVTdG5IU2NQRE5LN3pNK2hrakZvb0pSbnBH?= =?utf-8?B?WS9DQUNvbWx1ck8zSXVqZmFrZi82TDJnZ3lYZUtSOGVjMmFWcE9jMExsZTF1?= =?utf-8?B?SEhQdmR6b0I4UUxzODRVOFBDb0FlZFAwRTVHSU9tN2xBNFBGNVdNc2hqSHdn?= =?utf-8?B?T3lMdUFlcWd3K3I0aVc4ejR5Tzc5WEtnN2ZUUzVyYWZUNmU2dytjM2FWYk1X?= =?utf-8?B?NjgxZW5maHBwZlZYbk0wSjJnY0JsZm0xdFJydXJhZnI2T3hJRVhxUmd6MWZS?= =?utf-8?B?T0x2QTZLbmRPVVUzQ1B2aXUvQnViSkIrbU9mY2pabWRXaW5TVjd1dUF4Tm9R?= =?utf-8?B?aVBnNmJTaUQ0ZFJnbjkyRU1mNDhBTk1qQlBuRDZGQ0pib1BFbU9hVEdvUVpm?= =?utf-8?B?U3E0azNHMmVDVjZpRThQNnJZUTFWQUFBcjlPLzhTa2E4Mk9aMHI2KzRDVGZJ?= =?utf-8?B?ZUpzMjJLLzhLbDB1Mkh4TWtiT2F4bHd0dnNZMld0bGc5NUtBelVNcFZJZE9v?= =?utf-8?B?a3I5eGZ2aUExdTN2MVM4eFpNYlkwWkRKaVJIOGd3ckFlN2RTSFRBNnJIQ1pj?= =?utf-8?Q?vReiGUtnB8QErCijtfNaEfRYf/XPW6IVXs?=
Content-Type: multipart/signed; micalg="sha-256"; protocol="application/x-pkcs7-signature"; boundary="=-Fz0mV2n2rWibDCSvLNk/"
MIME-Version: 1.0
X-OriginatorOrg: ericsson.com
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: HE1PR0702MB3772.eurprd07.prod.outlook.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 93b0bd65-2c23-42a1-faad-08d8b7dd3719
X-MS-Exchange-CrossTenant-originalarrivaltime: 13 Jan 2021 16:06:41.1450 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 92e84ceb-fbfd-47ab-be52-080c6b87953f
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: ADQ0Yksp1qNYkOmEZTgqvPttiBCf5Q4sGaFmjs4RLjHeFg5T631A4fWpzBAkHBziOHCGhLOES6g9izfZ5+DTrvaYTjbO8b6BvsBSmvLUfjA=
X-MS-Exchange-Transport-CrossTenantHeadersStamped: HE1PR07MB3098
Archived-At: <https://mailarchive.ietf.org/arch/msg/tram/2dYWA3ndb60GPx3tSQbfW9uUyJM>
Subject: Re: [tram] [Technical Errata Reported] RFC7635 (5060)
X-BeenThere: tram@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Discussing the creation of a Turn Revised And Modernized \(TRAM\) WG, which goal is to consolidate the various initiatives to update TURN and STUN." <tram.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tram>, <mailto:tram-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tram/>
List-Post: <mailto:tram@ietf.org>
List-Help: <mailto:tram-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tram>, <mailto:tram-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 13 Jan 2021 16:07:01 -0000

Hi,

Per discussion for Errata 5059 I think there is an interoperability issue here
due to the change from an implied truncation to using a longer than 160-bits
input that will produce different hashing results. 

I will also note that Appendix B is further suspect as the referenced format has
not yet been published and appears to have made no progress since 2019. 

Thus, I am leaning towards Hold for document update for this one. 

Cheers

Magnus

On Thu, 2020-09-24 at 08:51 -0700, Justin Uberti wrote:
> This looks correct to me at first glance. Will re-read in context and give a
> definitive answer.
> 
> On Wed, Sep 23, 2020 at 7:22 AM Magnus Westerlund <
> magnus.westerlund@ericsson.com> wrote:
> > Hi,
> > 
> > I would appreciate some response regarding this Errata. Should it be
> > verified,
> > held for document update, or rejected? 
> > 
> > Cheers
> > 
> > Magnus Westerlund
> > 
> > On Wed, 2017-07-05 at 16:35 -0700, RFC Errata System wrote:
> > > The following errata report has been submitted for RFC7635,
> > > "Session Traversal Utilities for NAT (STUN) Extension for Third-Party
> > > Authorization".
> > > 
> > > --------------------------------------
> > > You may review the report below and at:
> > > http://www.rfc-editor.org/errata/eid5060
> > > 
> > > --------------------------------------
> > > Type: Technical
> > > Reported by: Taylor Brandstetter <deadbeef@google.com>
> > > 
> > > Section: Appendix B
> > > 
> > > Original Text
> > > -------------
> > >    [STUN] supports hash agility and accomplishes this agility by
> > >    computing message integrity using both HMAC-SHA-1 and
> > >    HMAC-SHA-256-128.  The client signals the algorithm supported by it
> > >    to the authorization server in the 'alg' parameter defined in
> > >    [POP-KEY-DIST].  The authorization server determines the length of
> > >    the mac_key based on the HMAC algorithm conveyed by the client.  If
> > >    the client supports both HMAC-SHA-1 and HMAC-SHA-256-128, then it
> > >    signals HMAC-SHA-256-128 to the authorization server, gets a 256-bit
> > >    key from the authorization server, and calculates a 160-bit key for
> > >    HMAC-SHA-1 using SHA1 and taking the 256-bit key as input.
> > > 
> > > Corrected Text
> > > --------------
> > >    [STUN] supports hash agility and accomplishes this agility by
> > >    computing message integrity using both HMAC-SHA-1 and
> > >    HMAC-SHA-256-128.  The client signals the algorithm supported by it
> > >    to the authorization server in the 'alg' parameter defined in
> > >    [POP-KEY-DIST].  The authorization server determines the length of
> > >    the mac_key based on the HMAC algorithm conveyed by the client.  If
> > >    the client supports both HMAC-SHA-1 and HMAC-SHA-256-128, then it
> > >    signals HMAC-SHA-256-128 to the authorization server, and gets a
> > >    256-bit key from the authorization server, which can be used to
> > >    compute both the HMAC-SHA-1 and HMAC-SHA-256-128 hashes. If the
> > >    client only supports HMAC-SHA-1, the authorization server could
> > >    return a 160-bit key, as keys longer than the HMAC-SHA-1 output
> > >    size of 160-bits would not significantly increase the function's
> > >    strength.
> > > 
> > > Notes
> > > -----
> > > The SHA-1 block size is 512 bits, so a 256-bit key does not need to be
> > > shortened to compute a HMAC-SHA-1 hash.
> > > 
> > > Also added an example for "if the client only supports HMAC-SHA-1", to
> > make
> > > the hash agility logic more clear.
> > > 
> > > Instructions:
> > > -------------
> > > This erratum is currently posted as "Reported". If necessary, please
> > > use "Reply All" to discuss whether it should be verified or
> > > rejected. When a decision is reached, the verifying party  
> > > can log in to change the status and edit the report, if necessary. 
> > > 
> > > --------------------------------------
> > > RFC7635 (draft-ietf-tram-turn-third-party-authz-16)
> > > --------------------------------------
> > > Title               : Session Traversal Utilities for NAT (STUN) Extension
> > for
> > > Third-Party Authorization
> > > Publication Date    : August 2015
> > > Author(s)           : T. Reddy, P. Patil, R. Ravindranath, J. Uberti
> > > Category            : PROPOSED STANDARD
> > > Source              : TURN Revised and Modernized
> > > Area                : Transport
> > > Stream              : IETF
> > > Verifying Party     : IESG
> > > 
> > > _______________________________________________
> > > tram mailing list
> > > tram@ietf.org
> > > https://www.ietf.org/mailman/listinfo/tram