[tram] draft-ietf-tram-stunbis

Noriyuki Torii <torii0573@gmail.com> Wed, 07 March 2018 12:10 UTC

From: Noriyuki Torii <torii0573@gmail.com>
Date: Wed, 07 Mar 2018 21:10:40 +0900
Message-ID: <CABEjbRJjU2LVb0iDkBavpSxtw-+PowvsyDdg9hhvwX+Gi9Awzw@mail.gmail.com>
To: draft-ietf-tram-stunbis@ietf.org
Cc: tram@ietf.org

To whom it may concern.

I'm Noriyuki Torii. I have read the updated I-D of STUNbis-16 and found
some issues I would like to share.

Hope this may help for improvement.

- Sections 9.1.1 and 9.2.2 define the HMAC key calculation based on some
  elements such as the password, username and realm.
  The sections say those elements should be processed using the OpaqueString
  profile defined in RFC8265.

  On the other hand, RFC8265 says in its "Changes from RFC 7613" that
     "Removed UTF-8 as a mandatory encoding, because that is a matter
      for the application."

  So, the specification of the applied encoding for those elements when
  calculating the HMAC key is up to the STUNbis document.

  Please note that username and realm have the applied encoding specified
  as UTF-8 in their corresponding STUN attribute descriptions.
  (please see sections 14.3 and 14.9)
  But the password doesn't have such a description, therefore some care needs
  to be taken.

- Section 14.6 mentions the HMAC truncation, but as far as I read, I
  couldn't precisely find out the minimum length in bytes of the HMAC.

  From my understanding, the minimum length
  may be 16 because
  > The HMAC MUST NOT be truncated below a minimum size of 16 bytes.

  OR
  may be 8 because
  > The value (snip) MUST be a positive multiple of 4 bytes
    AND
  > STUN Usages may specify a minimum length longer than 4 bytes.

  Here above I conceived "longer than (but not equal to) 4 bytes".
  IMHO, some clarification will be preferable.

- There are some occurrences such as
   > a UTF-8 [RFC3629] encoded
   > sequence of less than 128 characters (which can be as long as 509
   > bytes when encoding them or 763 bytes when decoding them).

   The sentence inside the parentheses has an off-by-one error.
   To be exact,

   (which can be less than 509 bytes when encoding them or 763 bytes
   when decoding them)

   or alternatively

   (which can be as long as 508 bytes when encoding them or 762 bytes
   when decoding them)

- In Section 9.2.4, there are some typos.
  Unnecessary extra white space such as "PASSWORD- ALGORITHM".

- At page 40, a bizarre (perhaps unintended) page break occurs.

Best regards,

Noriyuki Torii
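
An added illustration of the first and third points in the message (not part of the original e-mail or of the draft): the sketch assumes the long-term key form MD5(username ":" realm ":" password), uses a simplified stand-in for the OpaqueString profile, and takes the password encoding as a parameter to show where two peers end up with different HMAC keys. The function names and sample credentials are constructed for this example.

```python
import hashlib
import unicodedata


def opaque_string(s: str) -> str:
    """Simplified OpaqueString (RFC 8265) preparation: map non-ASCII spaces
    to U+0020, apply NFC, reject empty strings and control characters.
    Assumption: this is not a full PRECIS FreeformClass validator."""
    mapped = "".join(" " if unicodedata.category(c) == "Zs" else c for c in s)
    out = unicodedata.normalize("NFC", mapped)
    if not out or any(unicodedata.category(c) == "Cc" for c in out):
        raise ValueError("not a valid OpaqueString")
    return out


def long_term_key(username: str, realm: str, password: str,
                  password_encoding: str = "utf-8") -> bytes:
    """MD5(username ":" realm ":" password) (assumed key form).
    Username and realm are encoded as UTF-8, as their attribute
    descriptions say; the password encoding is left as a parameter
    because that is the gap the message points out."""
    parts = (
        opaque_string(username).encode("utf-8"),
        opaque_string(realm).encode("utf-8"),
        opaque_string(password).encode(password_encoding),
    )
    return hashlib.md5(b":".join(parts)).digest()


def max_utf8_bytes(max_chars: int) -> int:
    """Longest possible UTF-8 encoding of max_chars code points,
    measured by encoding U+10FFFF (4 bytes) max_chars times."""
    return len(("\U0010FFFF" * max_chars).encode("utf-8"))


if __name__ == "__main__":
    user, realm = "torii", "example.org"      # constructed sample values
    pw = "p\u00e4ssw\u00f6rd"                 # constructed non-ASCII password
    for enc in ("utf-8", "latin-1", "utf-16-le"):
        print(enc.ljust(10), long_term_key(user, realm, pw, enc).hex())
    # NFC hides composed/decomposed differences, but not the byte encoding.
    decomposed = "pa\u0308sswo\u0308rd"
    print(long_term_key(user, realm, decomposed) == long_term_key(user, realm, pw))
    # "less than 128 characters" means at most 127 code points.
    print(max_utf8_bytes(127))
```

With an ASCII-only password the UTF-8 and Latin-1 keys are identical, so an encoding mismatch between client and server only surfaces as integrity-check failures once a user picks a non-ASCII password.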