Re: [tram] [Technical Errata Reported] RFC8489 (6268)

Magnus Westerlund <magnus.westerlund@ericsson.com> Mon, 07 September 2020 15:53 UTC

Return-Path: <magnus.westerlund@ericsson.com>
X-Original-To: tram@ietfa.amsl.com
Delivered-To: tram@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id CF6AB3A116B for <tram@ietfa.amsl.com>; Mon, 7 Sep 2020 08:53:09 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.001
X-Spam-Level:
X-Spam-Status: No, score=-2.001 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, HTTPS_HTTP_MISMATCH=0.1, RCVD_IN_MSPIKE_H2=-0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=ericsson.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id fY5JjpPjo4mS for <tram@ietfa.amsl.com>; Mon, 7 Sep 2020 08:53:07 -0700 (PDT)
Received: from EUR05-VI1-obe.outbound.protection.outlook.com (mail-vi1eur05on2066.outbound.protection.outlook.com [40.107.21.66]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 454E73A1164 for <tram@ietf.org>; Mon, 7 Sep 2020 08:53:06 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=CzBOp6qK0Rp0FvYbT6YePFG5x8Mkh5n5wF1J/7FWG2MkJFWcKyIEShKVV/scsUq0no7MPFAZKfqI2TXKt1QqQJUnSA6q11bUzjn4H3ceL+ppWFLlDHkImPokYdL3u6M2Y4m3qqyDto7En3wU3wVQRep5ht7cR7o15Z/VvVtf5PvPRXrvOZkSQj75lRFbyUjor2KXtHEMDJ6EfMUz0miZ3JlpPF6F8N5IycsNtcW3zaIbzc7BtatvmOIkBw0uA+3Dpq7NGpu0hPWlyuicM0+eQsPAo7LoH9jyMGWmnhst66sX+ykhG34+dkfaluE/M4unv8qKjGy+ApMMopER58t6Lw==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=eWIOLsnmdVjiYCvh6niDLL1S4fx4uGjQLm70vOJXgk8=; b=Q5KUtpAy1uhaV93bNZ8OSLhIsDL7v9L3UeKedHMwDqP7+uwNf5DGAxQauSp+egGC2YBSFzTcQtURfquJGF11PrJYsvXQnHZ+Ib2brDfntsze7lZtF9ofKUV366Xn7vDDZIcu9gMSYevMTsmRZ6Zo96KQixO0ChqI8lf3O2Eml06yjI/wxFWYTj4wgjzRR/FDGbBhmBJWdDHzcjAl+nyP0lyKhvEOuJwJ+58JTO+luCNBqXwb97pPiyO0cy7yh88sdYCXKkzNnKkg75zWopiwrC1ZM1ZW68p1bMkGFEIzg6etI3DKHOWtjchhncRqpqlP8BwFWXSnFCpC1Wtm+0VkzQ==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=ericsson.com; dmarc=pass action=none header.from=ericsson.com; dkim=pass header.d=ericsson.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ericsson.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=eWIOLsnmdVjiYCvh6niDLL1S4fx4uGjQLm70vOJXgk8=; b=nWWQ8mtSqa7udRk0VCsrLk68kpjAs+Of57/+rrGfAt3+WFlSn6K6ny08yhUaLwgl9OzhrDJMFM8oYARPcNliGnJBKpooImPTBgCMI7vm/JHCRIQvctkA4X+Kh2IztIYkjk19u8vAIYTZZA3bC3p/GUBKT94m59zJx3rL5UddvnA=
Received: from HE1PR0702MB3772.eurprd07.prod.outlook.com (2603:10a6:7:8e::14) by HE1PR0702MB3817.eurprd07.prod.outlook.com (2603:10a6:7:86::33) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3370.9; Mon, 7 Sep 2020 15:53:04 +0000
Received: from HE1PR0702MB3772.eurprd07.prod.outlook.com ([fe80::b56f:9a8e:3399:aaa3]) by HE1PR0702MB3772.eurprd07.prod.outlook.com ([fe80::b56f:9a8e:3399:aaa3%7]) with mapi id 15.20.3370.015; Mon, 7 Sep 2020 15:53:04 +0000
From: Magnus Westerlund <magnus.westerlund@ericsson.com>
To: "renthraysk@gmail.com" <renthraysk@gmail.com>, "marc@petit-huguenin.org" <marc@petit-huguenin.org>
CC: "gsalguei@cisco.com" <gsalguei@cisco.com>, "simon.perreault@logmein.com" <simon.perreault@logmein.com>, "martin.h.duke@gmail.com" <martin.h.duke@gmail.com>, "philip_matthews@magma.ca" <philip_matthews@magma.ca>, Gonzalo Camarillo <gonzalo.camarillo@ericsson.com>, "jdrosen@jdrosen.net" <jdrosen@jdrosen.net>, "dwing-ietf@fuggles.com" <dwing-ietf@fuggles.com>, "tram@ietf.org" <tram@ietf.org>, "rohan.ietf@gmail.com" <rohan.ietf@gmail.com>
Thread-Topic: [Technical Errata Reported] RFC8489 (6268)
Thread-Index: AQHWfuF5dRZ7aF/vA0OYP087ogZzZKlSU3kAgAAfVoCAAS6igIAJpSSAgAARDgCAAAdO0A==
Date: Mon, 7 Sep 2020 15:53:03 +0000
Message-ID: <HE1PR0702MB3772B91CA985A24D22BBDC4A95280@HE1PR0702MB3772.eurprd07.prod.outlook.com>
References: <20200830152251.37CA9F4076B@rfc-editor.org> <bd82edbe82f83f7c92c6cb21924951d35132768f.camel@ericsson.com> <B09AFC19-A790-46C5-A97B-69572411A229@cisco.com> <7bbe51fd9a5a226752597825f276f6baad70add7.camel@ericsson.com> <f48eb512-5c17-20bd-dfd6-2d368e9fd4b9@petit-huguenin.org> <CABNgG1g3Tx1QroP+eo+WeQXxD2XPvf+n67pekBqRi8+QzgX8_Q@mail.gmail.com>
In-Reply-To: <CABNgG1g3Tx1QroP+eo+WeQXxD2XPvf+n67pekBqRi8+QzgX8_Q@mail.gmail.com>
Accept-Language: sv-SE, en-US
Content-Language: en-US
X-MS-Has-Attach: yes
X-MS-TNEF-Correlator:
authentication-results: gmail.com; dkim=none (message not signed) header.d=none;gmail.com; dmarc=none action=none header.from=ericsson.com;
x-originating-ip: [158.174.116.90]
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: e8b15b70-538e-4108-c923-08d853461b22
x-ms-traffictypediagnostic: HE1PR0702MB3817:
x-ms-exchange-transport-forked: True
x-microsoft-antispam-prvs: <HE1PR0702MB3817B6ACE17A03697403A1AA95280@HE1PR0702MB3817.eurprd07.prod.outlook.com>
x-ms-oob-tlc-oobclassifiers: OLM:2512;
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: P2lnnSUJlknMykxbvJzme/c16+8tO0NvOWqAaZ7OmdjtpW5bdSFAkKMH1LlnPigiIpX+4eC4Lv7hxw3+whZtVW8fzWsfS7SX1YoiBS+IPye59ic2gU7fb4mRoN21kQdhRQQtLU3wxg6hBElDbtY9r0jsDTEHNQeA8+D3Phpzyw5Vssr7BRCcIYnj5lV+01N5kAtBcD74CibnuB3lYrCQea8UzYM6soedSH8wkJai8ilNZyrQqSSK0d13MvetNf9Yj8v/Z5RPUH/nGj7UcdXShLkwAalLvupeR3Uc0d17bZELhH0vMV6dhLmq6KJEzkIqLcgVRcVjqaP5aOzMCSkdMrwvKTghyk0dbLz9Lwqj5kOe1jZsCamX10pYMkX+RZuiAvHMnLr1ylRnX9sZSgYQqA==
x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:HE1PR0702MB3772.eurprd07.prod.outlook.com; PTR:; CAT:NONE; SFS:(4636009)(376002)(136003)(39860400002)(366004)(396003)(346002)(53546011)(86362001)(6506007)(7696005)(316002)(4326008)(54906003)(110136005)(7416002)(55016002)(166002)(71200400001)(2906002)(966005)(8936002)(83380400001)(9686003)(66946007)(186003)(76116006)(44832011)(8676002)(99936003)(478600001)(45080400002)(64756008)(52536014)(66616009)(26005)(66556008)(66476007)(33656002)(66446008)(5660300002); DIR:OUT; SFP:1101;
x-ms-exchange-antispam-messagedata: M+VinwSjqtyCZocGsPQIZk375NBanpKEUh9NFubhOgR1CLVe/l7dTMVHcfOzASI8oW7hC2JtuUm4rQxU7IAIJP2eM0dkTES7MkO9cb0qQLdELVAWFLBVvirxNa7ov6EIkfSkyL4hz+LH8eElsjmVzTB06gn9U2g7Uidudc67ajBDzglkD5LB34YJZR8dbIAmQX7/UhwV0bJoydHRhqyGo+m+GNI+qlijAEu0RPfregsZxWOnnkhtZLkbOr+hhT3IcTYMaWjVFmPxwLfNeRXeTyJH/xzqmfhanIHSg7otLq0ZkB/Z4WbGHlM76+bYbLWTKMo/69IbuUkcpG+X3zw2zRjyqX0ZfpamYR2/hQGs3TYMdnPSdcZQY+eWwyFPv/h2y1vli8l1q093CuUQcNiU09TsFQ8rWMqAB9gAa8lOgKFo8UTeBDUeeS9QppDzh52UCaijRgprvGEUw4Uv0U2FFfBrC0lrp4FjeUVUkEWAkoXbMVtFZ1mlRtFjOkMO7jsho+1WXRS7RB/wdTzAsA8KKVBCfyn7jW4JAjTlt6d0bdXH+oW3LVYDWrA3zz9uY9J3gFdVB/9Z8V7GNO9nWom+vwLdpiCusaY1YCAbwl+6Z55WdQnW1eiv8GUDJ43Ci1loOykmR3mGtNhRrogiZNUxcw==
Content-Type: multipart/signed; micalg=SHA1; protocol="application/x-pkcs7-signature"; boundary="----=_NextPart_000_0019_01D6853F.BB2200D0"
MIME-Version: 1.0
X-OriginatorOrg: ericsson.com
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: HE1PR0702MB3772.eurprd07.prod.outlook.com
X-MS-Exchange-CrossTenant-Network-Message-Id: e8b15b70-538e-4108-c923-08d853461b22
X-MS-Exchange-CrossTenant-originalarrivaltime: 07 Sep 2020 15:53:04.0086 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 92e84ceb-fbfd-47ab-be52-080c6b87953f
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: vB4Fnj6MS+PeS+mKCfC0DGTnqYwr27iP3DkdGcIrVyROIzM1MHldkVtGrJif8Rj0a2RObec/rTD9S1hl7q1uWkOLjV1Y4KyAE9lXBP2unMk=
X-MS-Exchange-Transport-CrossTenantHeadersStamped: HE1PR0702MB3817
Archived-At: <https://mailarchive.ietf.org/arch/msg/tram/FSxibeSL-9RKOY-aouOQCxT8T1w>
X-Mailman-Approved-At: Tue, 08 Sep 2020 11:40:59 -0700
Subject: Re: [tram] [Technical Errata Reported] RFC8489 (6268)
X-BeenThere: tram@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Discussing the creation of a Turn Revised And Modernized \(TRAM\) WG, which goal is to consolidate the various initiatives to update TURN and STUN." <tram.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tram>, <mailto:tram-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tram/>
List-Post: <mailto:tram@ietf.org>
List-Help: <mailto:tram-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tram>, <mailto:tram-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 07 Sep 2020 15:53:10 -0000

Hi,



Jared thanks for reviewing and checking. I also like to have an answer to your 
question before proceeding.



I have updated your Errata with the full message and a slight edit in the 
notes field. Please see:



https://www.rfc-editor.org/errata/eid6268



Please check that this makes sense to you also. And when we have resolved all 
questions about the message then I can verify it.



Cheers



Magnus Westerlund





From: RenThraysk <renthraysk@gmail.com>
Sent: den 7 september 2020 17:23
To: Marc Petit-Huguenin <marc@petit-huguenin.org>
Cc: Magnus Westerlund <magnus.westerlund@ericsson.com>om>; gsalguei@cisco.com; 
simon.perreault@logmein.com; martin.h.duke@gmail.com; 
philip_matthews@magma.ca; Gonzalo Camarillo <gonzalo.camarillo@ericsson.com>om>; 
jdrosen@jdrosen.net; dwing-ietf@fuggles.com; tram@ietf.org; 
rohan.ietf@gmail.com
Subject: Re: [Technical Errata Reported] RFC8489 (6268)



Hi



Why has the Userhash value changed from the original test vector?



Jared



On Mon, Sep 7, 2020 at 3:21 PM Marc Petit-Huguenin <marc@petit-huguenin.org 
<mailto:marc@petit-huguenin.org> > wrote:

Hi Magnus,

Here's the corrected test-vector:

<begins>
      00 01 00 88      Request type and message length
      21 12 a4 42      Magic cookie
      78 ad 34 33   }
      c6 ad 72 c0   }  Transaction ID
      29 da 41 2e   }
      00 1e 00 20      USERHASH attribute header
      63 aa 09 fc   }
      23 81 0a 46   }
      c9 76 e9 59   }
      23 10 ee 1e   }  Userhash value (32 bytes)
      59 b7 06 e1   }
      9d e1 bd 21   }
      a9 f6 f7 40   }
      28 d5 ba 71   }
      00 15 00 29      NONCE attribute header
      6f 62 4d 61   }
      74 4a 6f 73   }
      32 41 41 41   }
      43 66 2f 2f   }
      34 39 39 6b   }  Nonce value and padding (3 bytes)
      39 35 34 64   }
      36 4f 4c 33   }
      34 6f 4c 39   }
      46 53 54 76   }
      79 36 34 73   }
      41 00 00 00   }
      00 14 00 0b      REALM attribute header
      65 78 61 6d   }
      70 6c 65 2e   }  Realm value (11 bytes) and padding (1 byte)
      6f 72 67 00   }
      00 1c 00 20      MESSAGE-INTEGRITY-SHA256 attribute header
      8e 57 3d 97   }
      75 33 21 ae   }
      47 8c b6 a2   }
      7b 8a 6b 3a   }  HMAC-SHA256 value
      89 08 9e e1   }
      5f 62 6b 38   }
      40 9f 48 ed   }
      47 a5 df 57   }
<ends>

Thanks.

On 9/1/20 4:04 AM, Magnus Westerlund wrote:
> Hi,
>
> I think it is reasonable that we do an RFC Errata for this error to provide 
> a
> corrected test vector.
>
> I can edit the Errata request to have a different text. So if you authors 
> could
> prepare and review a proposal that fixes this I will edit and approve it.
>
> So if you can provide the text that goes into the three parts:
>
> Original Text: (I assume the full message from B.1 here)
>
> Corrected Text: Full message with corrected message length and recomputed 
> Hash
> value.
>
> Notes: If there are any additional that was already written that you like to
> remark about this error?
>
> Cheers
>
> Magnus
>
> On Mon, 2020-08-31 at 17:00 +0000, Gonzalo Salgueiro (gsalguei) wrote:
>> Hi Magnus -
>>
>> Marc responded earlier so you may have missed it. Below is his response:
>>
>> +++++++++++
>> This errata is correct, and there is nobody to blame for that mistake but 
>> me.
>>
>> Magnus, how to you want to proceed for the recomputed test vector?
>>
>> Thanks.
>> +++++++++++
>>
>> Cheers,
>>
>> Gonzalo
>>
>>
>>> On Aug 31, 2020, at 11:08 AM, Magnus Westerlund <
>>> magnus.westerlund@ericsson.com <mailto:magnus.westerlund@ericsson.com> > 
>>> wrote:
>>>
>>> Hi,
>>>
>>> Author's can you please confirm if this is correct or not?
>>>
>>> Cheers
>>>
>>> Magnus
>>>
>>> On Sun, 2020-08-30 at 08:22 -0700, RFC Errata System wrote:
>>>> The following errata report has been submitted for RFC8489,
>>>> "Session Traversal Utilities for NAT (STUN)".
>>>>
>>>> --------------------------------------
>>>> You may review the report below and at:
>>>>
>>>
>>> https://protect2.fireeye.com/v1/url?k=99260d6d-c786cf2b-99264df6-86fc6812c361-2320f3daa9544fe5 
>>> <https://protect2.fireeye.com/v1/url?k=99260d6d-c786cf2b-99264df6-86fc6812c361-2320f3daa9544fe5&q=1&e=c28eb099-e321-4447-80c3-942509fe0974&u=https%3A%2F%2Fwww.rfc-editor.org%2Ferrata%2Feid6268> 
>>> &q=1&e=c28eb099-e321-4447-80c3-942509fe0974&u=https%3A%2F%2Fwww.rfc-editor.org%2Ferrata%2Feid6268
>>>> --------------------------------------
>>>> Type: Technical
>>>> Reported by: Jared Williams <renthraysk@gmail.com 
>>>> <mailto:renthraysk@gmail.com> >
>>>>
>>>> Section: Appendix B.1
>>>>
>>>> Original Text
>>>> -------------
>>>> 00 01 00 9c      Request type and message length
>>>>
>>>>
>>>> Corrected Text
>>>> --------------
>>>> 00 01 00 88      Request type and message length
>>>>
>>>> Notes
>>>> -----
>>>> The message length in the test vector (9c) is the absolute length of the
>>>> whole
>>>> test vector. However from section 5. STUN Message Structure
>>>>
>>>> "The message length MUST contain the size of the message in bytes, not
>>>>   including the 20-byte STUN header."
>>>>
>>>> So the message length in the header should be 20 less than absolute 
>>>> length
>>>> of
>>>> the whole message.
>>>>
>>>> 0x9C - 20, 0x88.
>>>>
>>>> Also the MESSAGE-INTEGRITY-SHA256 HMAC-SHA256 value of the Test Vector
>>>> will
>>>> need recomputing.
>>>>
>>>> Instructions:
>>>> -------------
>>>> This erratum is currently posted as "Reported". If necessary, please
>>>> use "Reply All" to discuss whether it should be verified or
>>>> rejected. When a decision is reached, the verifying party
>>>> can log in to change the status and edit the report, if necessary.
>>>>
>>>> --------------------------------------
>>>> RFC8489 (draft-ietf-tram-stunbis-21)
>>>> --------------------------------------
>>>> Title               : Session Traversal Utilities for NAT (STUN)
>>>> Publication Date    : February 2020
>>>> Author(s)           : M. Petit-Huguenin, G. Salgueiro, J. Rosenberg, D.
>>>> Wing,
>>>> R. Mahy, P. Matthews
>>>> Category            : PROPOSED STANDARD
>>>> Source              : TURN Revised and Modernized
>>>> Area                : Transport
>>>> Stream              : IETF
>>>> Verifying Party     : IESG
>>>  -- 
>>> Cheers
>>>
>>> Magnus Westerlund
>>>
>>>

-- 
Marc Petit-Huguenin
Email: marc@petit-huguenin.org <mailto:marc@petit-huguenin.org>
Blog: https://marc.petit-huguenin.org 
<https://protect2.fireeye.com/v1/url?k=109b451b-4e3bff75-109b0580-869a14f4b08c-ba0467b0aa98f50b&q=1&e=ca515129-0cc9-4726-bca2-9dc189cbc59f&u=https%3A%2F%2Fmarc.petit-huguenin.org%2F>
Profile: https://www.linkedin.com/in/petithug