Re: [tram] [Technical Errata Reported] RFC8489 (6268)

Magnus Westerlund <magnus.westerlund@ericsson.com> Mon, 19 October 2020 08:24 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/tram/1OXL5v3p58yiLfh0UW6k-9VL5EM>

Hi Marc,

Your opinion is noted. However, I think a test vector and its description that 
do not contain all information necessary to test are flawed. And as the 
PASSWORD-ALGORITHM attribute is required when the non-default algorithm is 
used, I think including it in the message was the right choice. If it hadn't 
been required, I think adding it just in the description text would have been 
sufficient.

I have edited and verified the errata. Thanks for your and Jared's work on 
this one.

Cheers

Magnus

> -----Original Message-----
> From: Marc Petit-Huguenin <petithug@acm.org>
> Sent: den 5 oktober 2020 14:00
> To: Magnus Westerlund <magnus.westerlund@ericsson.com>;
> renthraysk@gmail.com
> Cc: jdrosen@jdrosen.net; tram@ietf.org; martin.h.duke@gmail.com;
> dwing-ietf@fuggles.com; philip_matthews@magma.ca; rohan.ietf@gmail.com
> Subject: Re: [tram] [Technical Errata Reported] RFC8489 (6268)
>
> Hi Magnus,
>
> I still think that this errata misrepresents the purpose of the test-vector.
> But anyway Ren Thraysk provided an updated test vector, so you have
> everything you need to update the errata.
>
> Thanks.
>
> On 9/30/20 1:45 AM, Magnus Westerlund wrote:
> > On Mon, 2020-09-28 at 07:54 -0700, Marc Petit-Huguenin wrote:
> >> On 9/28/20 7:36 AM, Magnus Westerlund wrote:
> >>> Hi,
> >>>
> >>> A question here. Is the key used in the MESSAGE-INTEGRITY-SHA256 the
> >>> MD5 derived one, or one derived using SHA256? If it is the former,
> >>> then fine, let's just add a sentence of clarification as the
> >>> option exists. But, Jared's previous comments appear to indicate that
> >>> the key for the HMAC-SHA256 used in the integrity was derived using
> >>> SHA256. If it is the latter, then I don't see any option other than to
> >>> include the password algorithm attribute and its algorithm indicator
> >>> as it is a necessary component to correctly derive the key and thus
> >>> being able to verify the MESSAGE-INTEGRITY.
> >>
> >> SHA256.
> >
> > So in this case then the PASSWORD-ALGORITHM attribute is required
> > unless I misinterpret the RFC. I understand that there is some work
> > in preparing the message and calculating the integrity. However, in this
> > case it is necessary information and a mandated value so can you
> > please prepare a new message with the attribute included indicating the
> > correct value?
> >
> >
> > Cheers
> >
> > Magnus Westerlund
> >
>
> --
> Marc Petit-Huguenin
> Email: marc@petit-huguenin.org
> Blog: https://marc.petit-huguenin.org/
> Profile: https://www.linkedin.com/in/petithug
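
The point debated in this thread, as an added example that is not part of the original messages and not the RFC 8489 test vector: a verifier picks the long-term key derivation from the PASSWORD-ALGORITHM attribute and falls back to MD5 when it is absent, so a MESSAGE-INTEGRITY-SHA256 computed with a SHA-256-derived key cannot be checked without that attribute. The credentials, transaction ID and message layout are constructed, NONCE is omitted, and OpaqueString preparation is skipped on the assumption of ASCII-only credentials.

```python
import hashlib, hmac, struct

MAGIC = 0x2112A442
USERNAME, REALM, MI_SHA256, PASSWORD_ALGORITHM = 0x0006, 0x0014, 0x001C, 0x001D
ALG_MD5, ALG_SHA256 = 0x0001, 0x0002
HASHES = {ALG_MD5: hashlib.md5, ALG_SHA256: hashlib.sha256}
TXID = bytes(range(12))  # constructed 96-bit transaction ID

def attr(atype, value):
    # Type, length, value, padded to a 4-byte boundary.
    return struct.pack("!HH", atype, len(value)) + value + b"\x00" * (-len(value) % 4)

def long_term_key(alg, user, realm, password):
    # key = H(username ":" realm ":" password); ASCII-only assumption, no OpaqueString.
    return HASHES[alg](f"{user}:{realm}:{password}".encode()).digest()

def build_request(user, realm, password, alg, include_alg_attr):
    body = attr(USERNAME, user.encode()) + attr(REALM, realm.encode())
    if include_alg_attr:
        body += attr(PASSWORD_ALGORITHM, struct.pack("!HH", alg, 0))
    # The header length already counts the 36-byte integrity attribute when hashing.
    signed = struct.pack("!HHI", 0x0001, len(body) + 36, MAGIC) + TXID + body
    key = long_term_key(alg, user, realm, password)
    return signed + attr(MI_SHA256, hmac.new(key, signed, hashlib.sha256).digest())

def parse_attrs(msg):
    off = 20
    while off + 4 <= len(msg):
        atype, alen = struct.unpack_from("!HH", msg, off)
        yield atype, msg[off + 4: off + 4 + alen], off
        off += 4 + alen + (-alen % 4)

def verify(msg, password):
    seen, alg = {}, ALG_MD5  # no PASSWORD-ALGORITHM attribute means the MD5 key
    for atype, value, off in parse_attrs(msg):
        if atype == PASSWORD_ALGORITHM and len(value) >= 4:
            alg = struct.unpack_from("!H", value)[0]
        elif atype == MI_SHA256:
            if alg not in HASHES or USERNAME not in seen or REALM not in seen:
                return False
            # Recompute over the header (length ending at this attribute) and prior attrs.
            signed = msg[:2] + struct.pack("!H", off + 36 - 20) + msg[4:off]
            key = long_term_key(alg, seen[USERNAME].decode(), seen[REALM].decode(), password)
            mac = hmac.new(key, signed, hashlib.sha256).digest()
            return hmac.compare_digest(mac, value)
        seen[atype] = value
    return False
```
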