Re: [tram] [Technical Errata Reported] RFC7635 (5059)

Magnus Westerlund <magnus.westerlund@ericsson.com> Wed, 13 January 2021 15:43 UTC

From: Magnus Westerlund <magnus.westerlund@ericsson.com>
To: "justin@uberti.name" <justin@uberti.name>
CC: "deadbeef@google.com" <deadbeef@google.com>, "tram@ietf.org" <tram@ietf.org>, "sperreault@jive.com" <sperreault@jive.com>, "tireddy@cisco.com" <tireddy@cisco.com>, "praspati@cisco.com" <praspati@cisco.com>, Gonzalo Camarillo <gonzalo.camarillo@ericsson.com>, "rmohanr@cisco.com" <rmohanr@cisco.com>
Date: Wed, 13 Jan 2021 15:43:05 +0000
Archived-At: <https://mailarchive.ietf.org/arch/msg/tram/GwPaYs59qwGRrnJXz3qMjW1vLE8>

Hi,

I would like to conclude on this. Can I verify it?

Cheers

Magnus 

On Thu, 2020-09-24 at 08:50 -0700, Justin Uberti wrote:
> This looks correct to me at first glance. Will re-read in context and give a
> definitive answer.
> 
> On Wed, Sep 23, 2020 at 7:22 AM Magnus Westerlund <magnus.westerlund@ericsson.com> wrote:
> > Hi,
> > 
> > I would appreciate some response regarding this Errata. Should it be
> > verified, held for document update, or rejected?
> > 
> > Cheers
> > 
> > Magnus Westerlund
> > 
> > On Wed, 2017-07-05 at 16:26 -0700, RFC Errata System wrote:
> > > The following errata report has been submitted for RFC7635,
> > > "Session Traversal Utilities for NAT (STUN) Extension for Third-Party
> > > Authorization".
> > > 
> > > --------------------------------------
> > > You may review the report below and at:
> > > http://www.rfc-editor.org/errata/eid5059
> > > 
> > > --------------------------------------
> > > Type: Technical
> > > Reported by: Taylor Brandstetter <deadbeef@google.com>
> > > 
> > > Section: 6.2
> > > 
> > > Original Text
> > > -------------
> > >    key_length:  Length of the session key in octets.  The key length of
> > >       160 bits MUST be supported (i.e., only the 160-bit key is used by
> > >       HMAC-SHA-1 for message integrity of STUN messages).  The key
> > >       length facilitates the hash agility plan discussed in Section 16.3
> > >       of [RFC5389].
> > > 
> > > 
> > > Corrected Text
> > > --------------
> > >    key_length:  Length of the session key in octets.
> > > 
> > > Notes
> > > -----
> > > RFC2104 section 2 states:
> > > 
> > >    The authentication key K can be of any length up to B, the
> > >    block length of the hash function.  Applications that use keys longer
> > >    than B bytes will first hash the key using H and then use the
> > >    resultant L byte string as the actual key to HMAC.
> > > 
> > > Meaning any key length is allowed. The fact that the hash output is 20
> > > bytes doesn't mean the key needs to be 20 bytes as well.
> > > 
> > > Instructions:
> > > -------------
> > > This erratum is currently posted as "Reported". If necessary, please
> > > use "Reply All" to discuss whether it should be verified or
> > > rejected. When a decision is reached, the verifying party  
> > > can log in to change the status and edit the report, if necessary. 
> > > 
> > > --------------------------------------
> > > RFC7635 (draft-ietf-tram-turn-third-party-authz-16)
> > > --------------------------------------
> > > Title               : Session Traversal Utilities for NAT (STUN) Extension for Third-Party Authorization
> > > Publication Date    : August 2015
> > > Author(s)           : T. Reddy, P. Patil, R. Ravindranath, J. Uberti
> > > Category            : PROPOSED STANDARD
> > > Source              : TURN Revised and Modernized
> > > Area                : Transport
> > > Stream              : IETF
> > > Verifying Party     : IESG
> > > 
> > > _______________________________________________
> > > tram mailing list
> > > tram@ietf.org
> > > https://www.ietf.org/mailman/listinfo/tram
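
The RFC 2104 key handling quoted in the erratum notes, written out as an added example (not part of this thread or of RFC 7635). It builds HMAC-SHA-1 from the definition and checks it against Python's standard `hmac` module for several key lengths; the function names, sample keys and sample message are constructed for illustration.

```python
import hashlib
import hmac

B = 64  # SHA-1 block length in bytes (B in RFC 2104)
L = 20  # SHA-1 output length in bytes (L in RFC 2104)

SAMPLE_MSG = b"constructed STUN message bytes"  # constructed sample input


def normalize_key(key: bytes) -> bytes:
    """Return the B-byte key block HMAC actually uses (RFC 2104 section 2)."""
    if len(key) > B:
        key = hashlib.sha1(key).digest()  # longer than B: hash down to L bytes
    return key.ljust(B, b"\x00")          # then zero-pad on the right to B bytes


def hmac_sha1(key: bytes, msg: bytes) -> bytes:
    """HMAC-SHA-1 written out from the RFC 2104 definition."""
    block = normalize_key(key)
    ipad = bytes(b ^ 0x36 for b in block)
    opad = bytes(b ^ 0x5C for b in block)
    inner = hashlib.sha1(ipad + msg).digest()
    return hashlib.sha1(opad + inner).digest()


def check_key_lengths(msg: bytes, lengths=(16, 20, 32, 64, 100)) -> dict:
    """Map each key length to whether our tag matches the standard library's."""
    results = {}
    for n in lengths:
        key = bytes(range(n))  # constructed sample key, not a real secret
        expected = hmac.new(key, msg, hashlib.sha1).digest()
        results[n] = hmac.compare_digest(hmac_sha1(key, msg), expected)
    return results


def long_key_equivalent(msg: bytes) -> bool:
    """A key longer than B yields the same tag as using SHA-1(key) as the key."""
    long_key = bytes(range(100))
    hashed = hashlib.sha1(long_key).digest()
    return hmac_sha1(long_key, msg) == hmac_sha1(hashed, msg)


if __name__ == "__main__":
    print(check_key_lengths(SAMPLE_MSG))    # every length produces a valid tag
    print(long_key_equivalent(SAMPLE_MSG))  # keys over B bytes collapse to L bytes
```

The tag is always L = 20 bytes regardless of key length. RFC 2104 section 3 separately discourages keys shorter than L bytes because they reduce the security strength of the function.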