Re: [tram] [Technical Errata Reported] RFC8489 (6268)
RenThraysk <renthraysk@gmail.com> Tue, 01 September 2020 11:44 UTC
Archived-At: <https://mailarchive.ietf.org/arch/msg/tram/TncqOmGxkzVBfI2AxbiKfD-SQeM>
Hi,

I reported this errata, but also think there may be another problem, and wanted to verify.

I think the Security Feature bits encoded into the test vector Nonce attribute are incorrect.

In the B.1 Test Vector <https://tools.ietf.org/html/rfc8489#appendix-B> this is encoded in base64 digits as AAAC or decoded into decimal 0, 0, 0, 2.

In 18.1. STUN Security Features Registry <https://tools.ietf.org/html/rfc8489#section-18.2>

   A STUN Security Feature set defines 24 bits as flags.

   IANA has created a new registry containing the STUN Security Features that are protected by the bid-down attack prevention mechanism described in Section 9.2.1.

   The initial STUN Security Features are:

   Bit 0: Password algorithms
   Bit 1: Username anonymity
   Bit 2-23: Unassigned

   *Bits are assigned starting from the most significant side of the bit set, so Bit 0 is the leftmost bit and Bit 23 is the rightmost bit.*

If bits are counted left to right, I don't see how AAAC is correct.

Cheers
Jared

On Tue, Sep 1, 2020 at 12:04 PM Magnus Westerlund <magnus.westerlund@ericsson.com> wrote:

> Hi,
>
> I think it is reasonable that we do an RFC Errata for this error to provide a
> corrected test vector.
>
> I can edit the Errata request to have a different text. So if you authors could
> prepare and review a proposal that fixes this I will edit and approve it.
>
> So if you can provide the text that goes into the three parts:
>
> Original Text: (I assume the full message from B.1 here)
>
> Corrected Text: Full message with corrected message length and recomputed Hash
> value.
>
> Notes: If there are any additional that was already written that you like to
> remark about this error?
>
> Cheers
>
> Magnus
>
> On Mon, 2020-08-31 at 17:00 +0000, Gonzalo Salgueiro (gsalguei) wrote:
> > Hi Magnus -
> >
> > Marc responded earlier so you may have missed it. Below is his response:
> >
> > +++++++++++
> > This errata is correct, and there is nobody to blame for that mistake but me.
> >
> > Magnus, how do you want to proceed for the recomputed test vector?
> >
> > Thanks.
> > +++++++++++
> >
> > Cheers,
> >
> > Gonzalo
> >
> > > On Aug 31, 2020, at 11:08 AM, Magnus Westerlund <magnus.westerlund@ericsson.com> wrote:
> > >
> > > Hi,
> > >
> > > Authors, can you please confirm if this is correct or not?
> > >
> > > Cheers
> > >
> > > Magnus
> > >
> > > On Sun, 2020-08-30 at 08:22 -0700, RFC Errata System wrote:
> > > > The following errata report has been submitted for RFC8489,
> > > > "Session Traversal Utilities for NAT (STUN)".
> > > >
> > > > --------------------------------------
> > > > You may review the report below and at:
> > > > https://protect2.fireeye.com/v1/url?k=99260d6d-c786cf2b-99264df6-86fc6812c361-2320f3daa9544fe5&q=1&e=c28eb099-e321-4447-80c3-942509fe0974&u=https%3A%2F%2Fwww.rfc-editor.org%2Ferrata%2Feid6268
> > > >
> > > > --------------------------------------
> > > > Type: Technical
> > > > Reported by: Jared Williams <renthraysk@gmail.com>
> > > >
> > > > Section: Appendix B.1
> > > >
> > > > Original Text
> > > > -------------
> > > > 00 01 00 9c Request type and message length
> > > >
> > > > Corrected Text
> > > > --------------
> > > > 00 01 00 88 Request type and message length
> > > >
> > > > Notes
> > > > -----
> > > > The message length in the test vector (9c) is the absolute length of the whole
> > > > test vector. However from section 5. STUN Message Structure
> > > >
> > > > "The message length MUST contain the size of the message in bytes, not
> > > > including the 20-byte STUN header."
> > > >
> > > > So the message length in the header should be 20 less than absolute length of
> > > > the whole message.
> > > >
> > > > 0x9C - 20, 0x88.
> > > >
> > > > Also the MESSAGE-INTEGRITY-SHA256 HMAC-SHA256 value of the Test Vector will
> > > > need recomputing.
> > > >
> > > > Instructions:
> > > > -------------
> > > > This erratum is currently posted as "Reported". If necessary, please
> > > > use "Reply All" to discuss whether it should be verified or
> > > > rejected. When a decision is reached, the verifying party
> > > > can log in to change the status and edit the report, if necessary.
> > > >
> > > > --------------------------------------
> > > > RFC8489 (draft-ietf-tram-stunbis-21)
> > > > --------------------------------------
> > > > Title : Session Traversal Utilities for NAT (STUN)
> > > > Publication Date : February 2020
> > > > Author(s) : M. Petit-Huguenin, G. Salgueiro, J. Rosenberg, D. Wing, R. Mahy, P. Matthews
> > > > Category : PROPOSED STANDARD
> > > > Source : TURN Revised and Modernized
> > > > Area : Transport
> > > > Stream : IETF
> > > > Verifying Party : IESG
> > > --
> > > Cheers
> > >
> > > Magnus Westerlund
> > >
> > > ----------------------------------------------------------------------
> > > Networks, Ericsson Research
> > > ----------------------------------------------------------------------
> > > Ericsson AB | Phone +46 10 7148287
> > > Torshamnsgatan 23 | Mobile +46 73 0949079
> > > SE-164 80 Stockholm, Sweden | mailto: magnus.westerlund@ericsson.com
> > > ----------------------------------------------------------------------
> --
> Cheers
>
> Magnus Westerlund
>
> ----------------------------------------------------------------------
> Networks, Ericsson Research
> ----------------------------------------------------------------------
> Ericsson AB | Phone +46 10 7148287
> Torshamnsgatan 23 | Mobile +46 73 0949079
> SE-164 80 Stockholm, Sweden | mailto: magnus.westerlund@ericsson.com
> ----------------------------------------------------------------------
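
Added example (not part of the original message, the RFC, or any list member's code): a Python sketch of the two checks discussed in this message, decoding a 4-character base64 Security Feature field with bit 0 as the leftmost bit, and comparing a STUN header's declared length with the message size minus the 20-byte header. The function names are hypothetical, and the sample message is constructed zero filler, not the RFC's test vector.

```python
import base64
import struct

STUN_HEADER_LEN = 20  # header size from the RFC 8489 section 5 text quoted above
# Assigned bits, copied from the registry text quoted in the message.
FEATURE_NAMES = {0: "Password algorithms", 1: "Username anonymity"}


def decode_feature_bits(b64_chars):
    """Return indices of set bits; bit 0 is the most significant (leftmost)."""
    raw = base64.b64decode(b64_chars, validate=True)
    if len(raw) != 3:
        raise ValueError("feature field must decode to exactly 24 bits")
    value = int.from_bytes(raw, "big")
    return [i for i in range(24) if (value >> (23 - i)) & 1]


def encode_feature_bits(bits):
    """Encode bit indices (0 = leftmost) as 4 base64 characters."""
    value = 0
    for i in bits:
        if not 0 <= i <= 23:
            raise ValueError(f"bit index out of range: {i}")
        value |= 1 << (23 - i)
    return base64.b64encode(value.to_bytes(3, "big")).decode("ascii")


def describe(bits):
    """Map bit indices to registry names, flagging unassigned bits."""
    return [FEATURE_NAMES.get(i, f"Unassigned (bit {i})") for i in bits]


def check_stun_length(message):
    """Return (declared, expected); expected excludes the 20-byte header."""
    if len(message) < STUN_HEADER_LEN:
        raise ValueError("shorter than a STUN header")
    _msg_type, declared = struct.unpack("!HH", message[:4])
    return declared, len(message) - STUN_HEADER_LEN


if __name__ == "__main__":
    bits = decode_feature_bits("AAAC")
    print("AAAC sets bits", bits, describe(bits))
    print("bit 0:", encode_feature_bits([0]), "bit 1:", encode_feature_bits([1]))
    # Constructed 0x9c-byte message: reported header bytes plus zero filler.
    sample = bytes.fromhex("0001009c") + bytes(0x9C - 4)
    declared, expected = check_stun_length(sample)
    print(f"declared=0x{declared:02x} expected=0x{expected:02x}")
```
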