Re: [tram] [Technical Errata Reported] RFC8489 (6268)

Marc Petit-Huguenin <marc@petit-huguenin.org> Mon, 14 September 2020 13:15 UTC

From: Marc Petit-Huguenin <marc@petit-huguenin.org>
To: Magnus Westerlund <magnus.westerlund@ericsson.com>, "renthraysk@gmail.com" <renthraysk@gmail.com>
Cc: "gsalguei@cisco.com" <gsalguei@cisco.com>, "simon.perreault@logmein.com" <simon.perreault@logmein.com>, "martin.h.duke@gmail.com" <martin.h.duke@gmail.com>, "philip_matthews@magma.ca" <philip_matthews@magma.ca>, Gonzalo Camarillo <gonzalo.camarillo@ericsson.com>, "jdrosen@jdrosen.net" <jdrosen@jdrosen.net>, "dwing-ietf@fuggles.com" <dwing-ietf@fuggles.com>, "tram@ietf.org" <tram@ietf.org>, "rohan.ietf@gmail.com" <rohan.ietf@gmail.com>
Date: Mon, 14 Sep 2020 06:15:08 -0700
Archived-At: <https://mailarchive.ietf.org/arch/msg/tram/acJLerFCIKwCKcsUJshyGnbADWk>

After looking at the emails exchanged at that time, the reason the userhash was different was because we tentatively changed the username during AUTH48, then decided to use the original one, but my code got stuck with the new username.  I updated the code and the test-vector is now:

      00 01 00 88      Request type and message length
      21 12 a4 42      Magic cookie
      78 ad 34 33   }
      c6 ad 72 c0   }  Transaction ID
      29 da 41 2e   }
      00 1e 00 20      USERHASH attribute header
      4a 3c f3 8f   }
      ef 69 92 bd   }
      a9 52 c6 78   }
      04 17 da 0f   }  Userhash value (32 bytes)
      24 81 94 15   }
      56 9e 60 b2   }
      05 c4 6e 41   }
      40 7f 17 04   }
      00 15 00 29      NONCE attribute header
      6f 62 4d 61   }
      74 4a 6f 73   }
      32 41 41 41   }
      43 66 2f 2f   }
      34 39 39 6b   }  Nonce value and padding (3 bytes)
      39 35 34 64   }
      36 4f 4c 33   }
      34 6f 4c 39   }
      46 53 54 76   }
      79 36 34 73   }
      41 00 00 00   }
      00 14 00 0b      REALM attribute header
      65 78 61 6d   }
      70 6c 65 2e   }  Realm value (11 bytes) and padding (1 byte)
      6f 72 67 00   }
      00 1c 00 20      MESSAGE-INTEGRITY-SHA256 attribute header
      23 41 12 fb   }
      d4 e2 7f 98   }
      3e b4 03 28   }
      36 f9 98 21   }  HMAC-SHA256 value
      6f 5b 23 f8   }
      d9 27 75 3f   }
      bc 4f 88 2b   }
      fb df 0d ec   }


I think that the note in the errata is fine (after updating the test-vector).

Let's open a separate errata for the other issue.

Thanks.


On 9/7/20 9:21 AM, Marc Petit-Huguenin wrote:
> Yes, I will provide text.
> 
> On 9/7/20 9:13 AM, Magnus Westerlund wrote:
>> Hi,
>>
>> I will hold, but please consider if you directly have any text proposal for
>> the note part of the errata to explain the changes that are in there and if we
>> need to change the text above the message itself to clarify things?
>>
>> Cheers
>>
>> Magnus
>>
>>> -----Original Message-----
>>> From: Marc Petit-Huguenin <marc@petit-huguenin.org>
>>> Sent: den 7 september 2020 18:11
>>> To: RenThraysk <renthraysk@gmail.com>
>>> Cc: Magnus Westerlund <magnus.westerlund@ericsson.com>;
>>> gsalguei@cisco.com; simon.perreault@logmein.com;
>>> martin.h.duke@gmail.com; philip_matthews@magma.ca; Gonzalo Camarillo
>>> <gonzalo.camarillo@ericsson.com>; jdrosen@jdrosen.net;
>>> dwing-ietf@fuggles.com; tram@ietf.org; rohan.ietf@gmail.com
>>> Subject: Re: [Technical Errata Reported] RFC8489 (6268)
>>>
>>> That's a good question.  We changed the username after we discovered that
>>> the one I used previously was in fact invalid with the new PRECIS rules, but I
>>> am not sure why the one in the RFC is different.  I'll have to look into my
>>> archives to find exactly what is what, but that will have to wait until next
>>> Monday morning.
>>>
>>> Meanwhile, Magnus, please hold on the errata modification.
>>>
>>> Thanks.
>>>
>>>
>>> On 9/7/20 8:22 AM, RenThraysk wrote:
>>>> Hi
>>>>
>>>> Why has the Userhash value changed from the original test vector?
>>>>
>>>> Jared
>>>>
>>>> On Mon, Sep 7, 2020 at 3:21 PM Marc Petit-Huguenin
>>>> <marc@petit-huguenin.org>
>>>> wrote:
>>>>
>>>>> Hi Magnus,
>>>>>
>>>>> Here's the corrected test-vector:
>>>>>
>>>>> <begins>
>>>>>       00 01 00 88      Request type and message length
>>>>>       21 12 a4 42      Magic cookie
>>>>>       78 ad 34 33   }
>>>>>       c6 ad 72 c0   }  Transaction ID
>>>>>       29 da 41 2e   }
>>>>>       00 1e 00 20      USERHASH attribute header
>>>>>       63 aa 09 fc   }
>>>>>       23 81 0a 46   }
>>>>>       c9 76 e9 59   }
>>>>>       23 10 ee 1e   }  Userhash value (32 bytes)
>>>>>       59 b7 06 e1   }
>>>>>       9d e1 bd 21   }
>>>>>       a9 f6 f7 40   }
>>>>>       28 d5 ba 71   }
>>>>>       00 15 00 29      NONCE attribute header
>>>>>       6f 62 4d 61   }
>>>>>       74 4a 6f 73   }
>>>>>       32 41 41 41   }
>>>>>       43 66 2f 2f   }
>>>>>       34 39 39 6b   }  Nonce value and padding (3 bytes)
>>>>>       39 35 34 64   }
>>>>>       36 4f 4c 33   }
>>>>>       34 6f 4c 39   }
>>>>>       46 53 54 76   }
>>>>>       79 36 34 73   }
>>>>>       41 00 00 00   }
>>>>>       00 14 00 0b      REALM attribute header
>>>>>       65 78 61 6d   }
>>>>>       70 6c 65 2e   }  Realm value (11 bytes) and padding (1 byte)
>>>>>       6f 72 67 00   }
>>>>>       00 1c 00 20      MESSAGE-INTEGRITY-SHA256 attribute header
>>>>>       8e 57 3d 97   }
>>>>>       75 33 21 ae   }
>>>>>       47 8c b6 a2   }
>>>>>       7b 8a 6b 3a   }  HMAC-SHA256 value
>>>>>       89 08 9e e1   }
>>>>>       5f 62 6b 38   }
>>>>>       40 9f 48 ed   }
>>>>>       47 a5 df 57   }
>>>>> <ends>
>>>>>
>>>>> Thanks.
>>>>>
>>>>> On 9/1/20 4:04 AM, Magnus Westerlund wrote:
>>>>>> Hi,
>>>>>>
>>>>>> I think it is reasonable that we do an RFC Errata for this error to provide a
>>>>>> corrected test vector.
>>>>>>
>>>>>> I can edit the Errata request to have a different text. So if you authors could
>>>>>> prepare and review a proposal that fixes this I will edit and approve it.
>>>>>>
>>>>>> So if you can provide the text that goes into the three parts:
>>>>>>
>>>>>> Original Text: (I assume the full message from B.1 here)
>>>>>>
>>>>>> Corrected Text: Full message with corrected message length and recomputed Hash
>>>>>> value.
>>>>>>
>>>>>> Notes: If there are any additional that was already written that you like to
>>>>>> remark about this error?
>>>>>>
>>>>>> Cheers
>>>>>>
>>>>>> Magnus
>>>>>>
>>>>>> On Mon, 2020-08-31 at 17:00 +0000, Gonzalo Salgueiro (gsalguei) wrote:
>>>>>>> Hi Magnus -
>>>>>>>
>>>>>>> Marc responded earlier so you may have missed it. Below is his response:
>>>>>>>
>>>>>>> +++++++++++
>>>>>>> This errata is correct, and there is nobody to blame for that
>>>>>>> mistake but me.
>>>>>>>
>>>>>>> Magnus, how do you want to proceed for the recomputed test vector?
>>>>>>>
>>>>>>> Thanks.
>>>>>>> +++++++++++
>>>>>>>
>>>>>>> Cheers,
>>>>>>>
>>>>>>> Gonzalo
>>>>>>>
>>>>>>>
>>>>>>>> On Aug 31, 2020, at 11:08 AM, Magnus Westerlund <
>>>>>>>> magnus.westerlund@ericsson.com> wrote:
>>>>>>>>
>>>>>>>> Hi,
>>>>>>>>
>>>>>>>> Authors, can you please confirm if this is correct or not?
>>>>>>>>
>>>>>>>> Cheers
>>>>>>>>
>>>>>>>> Magnus
>>>>>>>>
>>>>>>>> On Sun, 2020-08-30 at 08:22 -0700, RFC Errata System wrote:
>>>>>>>>> The following errata report has been submitted for RFC8489,
>>>>>>>>> "Session Traversal Utilities for NAT (STUN)".
>>>>>>>>>
>>>>>>>>> --------------------------------------
>>>>>>>>> You may review the report below and at:
>>>>>>>>>
>>>>>>>>> https://protect2.fireeye.com/v1/url?k=99260d6d-c786cf2b-99264df6-86fc6812c361-2320f3daa9544fe5&q=1&e=c28eb099-e321-4447-80c3-942509fe0974&u=https%3A%2F%2Fwww.rfc-editor.org%2Ferrata%2Feid6268
>>>>>>>>> --------------------------------------
>>>>>>>>> Type: Technical
>>>>>>>>> Reported by: Jared Williams <renthraysk@gmail.com>
>>>>>>>>>
>>>>>>>>> Section: Appendix B.1
>>>>>>>>>
>>>>>>>>> Original Text
>>>>>>>>> -------------
>>>>>>>>> 00 01 00 9c      Request type and message length
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> Corrected Text
>>>>>>>>> --------------
>>>>>>>>> 00 01 00 88      Request type and message length
>>>>>>>>>
>>>>>>>>> Notes
>>>>>>>>> -----
>>>>>>>>> The message length in the test vector (9c) is the absolute length of the
>>>>>>>>> whole test vector. However from section 5. STUN Message Structure
>>>>>>>>>
>>>>>>>>> "The message length MUST contain the size of the message in bytes, not
>>>>>>>>>   including the 20-byte STUN header."
>>>>>>>>>
>>>>>>>>> So the message length in the header should be 20 less than absolute length
>>>>>>>>> of the whole message.
>>>>>>>>>
>>>>>>>>> 0x9C - 20, 0x88.
>>>>>>>>>
>>>>>>>>> Also the MESSAGE-INTEGRITY-SHA256 HMAC-SHA256 value of the Test
>>>>>>>>> Vector will need recomputing.
>>>>>>>>>
>>>>>>>>> Instructions:
>>>>>>>>> -------------
>>>>>>>>> This erratum is currently posted as "Reported". If necessary,
>>>>>>>>> please use "Reply All" to discuss whether it should be verified
>>>>>>>>> or rejected. When a decision is reached, the verifying party can
>>>>>>>>> log in to change the status and edit the report, if necessary.
>>>>>>>>>
>>>>>>>>> --------------------------------------
>>>>>>>>> RFC8489 (draft-ietf-tram-stunbis-21)
>>>>>>>>> --------------------------------------
>>>>>>>>> Title               : Session Traversal Utilities for NAT (STUN)
>>>>>>>>> Publication Date    : February 2020
>>>>>>>>> Author(s)           : M. Petit-Huguenin, G. Salgueiro, J. Rosenberg, D. Wing,
>>>>>>>>> R. Mahy, P. Matthews
>>>>>>>>> Category            : PROPOSED STANDARD
>>>>>>>>> Source              : TURN Revised and Modernized
>>>>>>>>> Area                : Transport
>>>>>>>>> Stream              : IETF
>>>>>>>>> Verifying Party     : IESG
>>>>>>>>  --
>>>>>>>> Cheers
>>>>>>>>
>>>>>>>> Magnus Westerlund
>>>>>>>>
>>>>>>>>
>>>>>
>>>
> 
> 


-- 
Marc Petit-Huguenin
Email: marc@petit-huguenin.org
Blog: https://marc.petit-huguenin.org
Profile: https://www.linkedin.com/in/petithug
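
The framing rule behind this erratum, as an added example that is not part of the thread and not the author's code: it parses the corrected test vector from the 14 September 2020 message, checks that the header length field excludes the 20-byte header, walks the padded attributes, and extracts the bytes that MESSAGE-INTEGRITY-SHA256 covers. The function names `parse_stun` and `integrity_input` are illustrative; the HMAC itself is not recomputed because the key material is not given in the thread.

```python
import struct

# Corrected RFC 8489 B.1 vector, transcribed from the 14 September 2020 message.
VECTOR = bytes.fromhex(
    "00010088" "2112a442" "78ad3433" "c6ad72c0" "29da412e"
    "001e0020" "4a3cf38f" "ef6992bd" "a952c678" "0417da0f"
    "24819415" "569e60b2" "05c46e41" "407f1704"
    "00150029" "6f624d61" "744a6f73" "32414141" "43662f2f" "3439396b"
    "39353464" "364f4c33" "346f4c39" "46535476" "79363473" "41000000"
    "0014000b" "6578616d" "706c652e" "6f726700"
    "001c0020" "234112fb" "d4e27f98" "3eb40328" "36f99821"
    "6f5b23f8" "d927753f" "bc4f882b" "fbdf0dec"
)
HEADER_LEN = 20
MAGIC_COOKIE = 0x2112A442
MI_SHA256 = 0x001C  # MESSAGE-INTEGRITY-SHA256 attribute type, as in the vector

def parse_stun(msg):
    """Return (declared_length, [(attr_type, value), ...]); ValueError on bad framing."""
    if len(msg) < HEADER_LEN:
        raise ValueError("shorter than the 20-byte STUN header")
    _type, length, cookie = struct.unpack_from("!HHI", msg, 0)
    if cookie != MAGIC_COOKIE:
        raise ValueError("bad magic cookie")
    # Section 5: the length field excludes the 20-byte header.
    if length % 4 or length != len(msg) - HEADER_LEN:
        raise ValueError(f"length field {length:#x}, body is {len(msg) - HEADER_LEN:#x}")
    attrs, off = [], HEADER_LEN
    while off < len(msg):
        a_type, a_len = struct.unpack_from("!HH", msg, off)
        end = off + 4 + a_len
        if end > len(msg):
            raise ValueError("attribute value overruns the message")
        attrs.append((a_type, msg[off + 4:end]))
        off = end + (-a_len % 4)  # values are padded to a 4-byte boundary
    return length, attrs

def integrity_input(msg):
    """Bytes covered by the HMAC: header and attributes before MESSAGE-INTEGRITY-SHA256,
    with the length field set to end at that attribute (it is the last one here)."""
    _length, attrs = parse_stun(msg)
    off = HEADER_LEN
    for a_type, value in attrs:
        if a_type == MI_SHA256:
            covered = off + 4 + len(value) - HEADER_LEN
            return msg[:2] + struct.pack("!H", covered) + msg[4:off]
        off += 4 + len(value) + (-len(value) % 4)
    raise ValueError("no MESSAGE-INTEGRITY-SHA256 attribute")
```

Because the length field is part of the HMAC input, a vector whose header says 0x9c instead of 0x88 cannot carry the same MESSAGE-INTEGRITY-SHA256 value, which is why the erratum asks for the hash to be recomputed.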