Re: [tram] [Technical Errata Reported] RFC8489 (6268)

Marc Petit-Huguenin <marc@petit-huguenin.org> Mon, 07 September 2020 16:21 UTC

Return-Path: <marc@petit-huguenin.org>
X-Original-To: tram@ietfa.amsl.com
Delivered-To: tram@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id F01CE3A079F for <tram@ietfa.amsl.com>; Mon, 7 Sep 2020 09:21:59 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.848
X-Spam-Level:
X-Spam-Status: No, score=-2.848 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, NICE_REPLY_A=-0.948, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id OMB8jk9o9Pmg for <tram@ietfa.amsl.com>; Mon, 7 Sep 2020 09:21:58 -0700 (PDT)
Received: from implementers.org (implementers.org [IPv6:2001:4b98:dc0:45:216:3eff:fe7f:7abd]) (using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id F3DFD3A0772 for <tram@ietf.org>; Mon, 7 Sep 2020 09:21:57 -0700 (PDT)
Received: from [IPv6:2601:648:8400:8e7d:4550:9d1e:337b:2cea] (unknown [IPv6:2601:648:8400:8e7d:4550:9d1e:337b:2cea]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "Marc Petit-Huguenin", Issuer "implementers.org" (verified OK)) by implementers.org (Postfix) with ESMTPS id AD17DAE286; Mon, 7 Sep 2020 18:21:53 +0200 (CEST)
To: Magnus Westerlund <magnus.westerlund@ericsson.com>, "renthraysk@gmail.com" <renthraysk@gmail.com>
Cc: "gsalguei@cisco.com" <gsalguei@cisco.com>, "simon.perreault@logmein.com" <simon.perreault@logmein.com>, "martin.h.duke@gmail.com" <martin.h.duke@gmail.com>, "philip_matthews@magma.ca" <philip_matthews@magma.ca>, Gonzalo Camarillo <gonzalo.camarillo@ericsson.com>, "jdrosen@jdrosen.net" <jdrosen@jdrosen.net>, "dwing-ietf@fuggles.com" <dwing-ietf@fuggles.com>, "tram@ietf.org" <tram@ietf.org>, "rohan.ietf@gmail.com" <rohan.ietf@gmail.com>
References: <20200830152251.37CA9F4076B@rfc-editor.org> <bd82edbe82f83f7c92c6cb21924951d35132768f.camel@ericsson.com> <B09AFC19-A790-46C5-A97B-69572411A229@cisco.com> <7bbe51fd9a5a226752597825f276f6baad70add7.camel@ericsson.com> <f48eb512-5c17-20bd-dfd6-2d368e9fd4b9@petit-huguenin.org> <CABNgG1g3Tx1QroP+eo+WeQXxD2XPvf+n67pekBqRi8+QzgX8_Q@mail.gmail.com> <65838ad3-7ee9-3339-1326-8c2d212f6fa6@petit-huguenin.org> <HE1PR0702MB3772F26F7B3E91B8DC6982D695280@HE1PR0702MB3772.eurprd07.prod.outlook.com>
From: Marc Petit-Huguenin <marc@petit-huguenin.org>
Autocrypt: addr=marc@petit-huguenin.org; prefer-encrypt=mutual; keydata= mQINBE6Mh9wBEADrUEDZChteJbQtsHwZITZExr7TAqT7pniNwhBX3nFgd+FrV3lsLKJ1rym2 52MAYpubXEJZGzMp6uCCAnROWbtmQbOm8z/jHnjxHhPqfuYCYPpAQqu8K/Sc194Rp37krMwB jz32yr7+gvWLzRgQGKIh9d2mzy8QLMETVWWQWGb6fEfpOxXo0wumN1rc/275kZwOu44JIPGg zbgwZdnEqYOUUa18K9MXeRDoWbwDISP30CvKuZDwD14lbBE3o7tBQrU9uoMhE7eFlTjbsCox qoubI2tZSuOTF8mRXjPmNrRGtf9mYkQnOB7y6qy/QxmOVMq4IRtHzOYIm/EZ6NTodcpZQHOM 2v6B6YK9uKrYrapSpJzn4f9oU7alT31Y3o2hOlxAWDQ16+Dd1MOPYsKQXOwY1/ihm4PTjiJ8 ud8yPzy7c+BSVs5wkBU6QuLNIgZHrrxdn+KxM+F/oAVtfzO7XzVoeOcXyWi3/CHL5pgoBruY enIF/RrRuplpy09pvZjmFPNfqKBYJGnqpQuqsQwO7LsFqDqfY2EuHg+KsGN1XuN+jxXc48/1 gCnKw7ALSPWEb7g25wD6KfiZTAcyRTG8LePNFQKhw61LbIWmkw9EaVLyXvwPTc1iCSc0dDT/ pcT/z+8xrWOyWGZNZAjR584NlDpKollbItcxYtFcYZkvTCmOVwARAQABtC1NYXJjIFBldGl0 LUh1Z3VlbmluIDxtYXJjQHBldGl0LWh1Z3VlbmluLm9yZz6JAjsEEwEIACUCGyMGCwkIBwMC BhUIAgkKCwQWAgMBAh4BAheAAhkBBQJX8tdbAAoJECnERZXWan7EiNkQAIbS72cyalFjxQ1l vEW9S8NjjwIMbb5+NC2XqDakAmZq+Aav/Yfk8aEc+eAWBboVC3NBBjYojMRXK1XEnD7xPQ1X rWd23TDibKajy/2fo/MS9/s6uPFOAINi1ykOMq8ShxMHcIPC/dvVt59a7DV1KPGlnUheNR7N 4rIbkL5KndatD38yTGkyKsFvVKTHJn3y5zqHTGP0BjE1rxsGEBn4h+EzxVCIMVFQUeMVPKPV dlQY9fxdicSGPK2WKo1KL3CVpnYTuNCAVIGA9DPTXPPKvEte+/+xv10I03pj4w87iMUZt7Ca FTO55Gsf8hZvmpuB224yzrAbquA450EUVcQ7KAPcHrph5KAu0d3nwrjrUDn/RWWbyRiVrPtf hmnAAhkSv7oOxzyMdLvqt7XKGKbABhrl1ZRF8QbquOkyu8n3Bz2Osgw7JyFn9N6svlFPmpML UTEi64NewvN6zszKs/zBS6bn7na75gxHNvjSZpSF6uSLYgmKbyG8vkY/i0s0e0njjOHcpNx1 0mNZ+wOoCgHtSCZFyv14ncioJTiSjtZCs+srW9PFlbOg73C1Op42xV5Y+dh/mCC+rweKtB3t yTAy52v8vPG0VjsLS52x6yUsoDjYV33AmTEaWmGzN5t8BX/qh7pgNIEd9TEwrR3B4LjqMmUk XXWSJG5IM8Zr2OE/t2vyuQINBE6Mh9wBEAC/i4Lh4XEgwi/yHr3XLx/+f38ztn5rrk8XRsK2 WUpu5evxw9iK2oelqWtS71XkW57EavJOjvP4t8FWqRKED5jWN741n12iW/EeLx3KoHMcPTfY 4WWvprxiZPfnCIpQ8j8x0QQSA+Hf96BSkAkOGNkiJDuus5z4XwTktn9gFOwLVx4VRMo+lrCy um6BDHI+4/sOWnrNp2WptI4YKM/uA0HpuLpPKLra0ZW6Bp2TewNpAjbst/VHjqewab0PeSCn CQiHkqIibdgOATT0K6KoVtMxp/WPRSfVImfWCHjT2G7HFMcb6w/jlPSb+u4VtL9yn76CCg8F SqTtzFuqPtbXkhrdSgks/grxiQryMXwpO0uSuUgZ3u2TSs+65Bl2CM5cq+2aBIER5qhpnCv7 B00uHuoNqUEK0VEpLKcqi2ZeVM5oO8iOaBgS9Gh082HQ5JDijEV2J5e4rwXjbRnJ4hqpTjSy caW8HnPI+4S0aqVxbnqW7T6l/xnn7ivK3aPqaRKqUSedHCU3oHIU31n0o5+f5htQeDs/Tpzn ARHkyzu9vZ9CvQXk8daZorA+j/38q6mWU6Mw8FRIu1qPQDmqljobk3vC9BZRSJOn3P8jNMM7 w1j+7Da3rxGBylfa3fmHPyY7dvdyeLmsq7egzTJkpAMN55Qat7iuXeeCdBQLAFHLBP1tvwAR AQABiQIfBBgBCAAJAhsMBQJX8tdcAAoJECnERZXWan7EkMgP/isd3lrSsm/8t+U44LY0/x67 cPmiKa9biveywJZ9Y+Zu/pUP44dP670mY7PmEDGC6lRiPKGmhf7vqq6JJFOqX64VWePQ9QZp kkzAUmIJwQ2Kmcmfrs0J5w2Lf5qaNji25fQYbon0eUFy6eN3BNRSIcg0+OsH7HubTWfpZeJu B7V7k8OFt2+HDx7aNdNutDJIu4V25AzGfonARQzJK62cmB0pwYXpcyDO152OwP12XbpXxXA1 xHGYQBRL98pSbMU5xsMw8j9VQHQRS94aT9Qqnz9SrYuISnMV2WGyIE0rAY3GGz3IcN5LVE1N vSP51ih+YJg/qsBYs8obbfEIZelOuznWf120RgV7P+7ZWCSBohmchuyELQzl9D7FXfulkXA3 RapKQcGJMVPIHYgnlvmE0OXfJl1z09nYRQHitoQhWtviHWl7x/KL42aUzHirLR61iVA2kqkO BhU+u+g2w8qrZj+lJfXIxlbVyLOuBVqkfcK28AR9RriB4Q5hvbDeQJMgfZsV2hBt7huBOqkH nnbSCguqfnmwLGkxoM7RVjCQwvC1M57uwdKMlsTVaBP0RreZnrDngLamK+ibXYe7p8pPAWD9 cuHvkkjML7cIfuvbScDYRmGzia3V9+LVzQCm+q/6xUY1SZvrDz7OaJOy3Xb1d+aPhYaNC0TQ 7IqA1dx8rZYQ
Message-ID: <d0498051-d762-855d-bf74-d65a8bdf88da@petit-huguenin.org>
Date: Mon, 7 Sep 2020 09:21:52 -0700
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:68.0) Gecko/20100101 Thunderbird/68.12.0
MIME-Version: 1.0
In-Reply-To: <HE1PR0702MB3772F26F7B3E91B8DC6982D695280@HE1PR0702MB3772.eurprd07.prod.outlook.com>
Content-Type: text/plain; charset=utf-8
Content-Language: en-US
Content-Transfer-Encoding: 7bit
Archived-At: <https://mailarchive.ietf.org/arch/msg/tram/ok-ZG5gh79vgLl2efAty-dKpIc0>
X-Mailman-Approved-At: Tue, 08 Sep 2020 11:40:59 -0700
Subject: Re: [tram] [Technical Errata Reported] RFC8489 (6268)
X-BeenThere: tram@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Discussing the creation of a Turn Revised And Modernized \(TRAM\) WG, which goal is to consolidate the various initiatives to update TURN and STUN." <tram.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tram>, <mailto:tram-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tram/>
List-Post: <mailto:tram@ietf.org>
List-Help: <mailto:tram-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tram>, <mailto:tram-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 07 Sep 2020 16:22:00 -0000

Yes, I will provide text.

On 9/7/20 9:13 AM, Magnus Westerlund wrote:
> Hi,
> 
> I will hold, but please consider if you directly have any text proposal for 
> the note part of the errata to explain the changes that are in there and if we 
> need to change the text above the message itself to clarify thingS?
> 
> Cheers
> 
> Magnus
> 
>> -----Original Message-----
>> From: Marc Petit-Huguenin <marc@petit-huguenin.org>
>> Sent: den 7 september 2020 18:11
>> To: RenThraysk <renthraysk@gmail.com>
>> Cc: Magnus Westerlund <magnus.westerlund@ericsson.com>om>;
>> gsalguei@cisco.com; simon.perreault@logmein.com;
>> martin.h.duke@gmail.com; philip_matthews@magma.ca; Gonzalo Camarillo
>> <gonzalo.camarillo@ericsson.com>om>; jdrosen@jdrosen.net; dwing-
>> ietf@fuggles.com; tram@ietf.org; rohan.ietf@gmail.com
>> Subject: Re: [Technical Errata Reported] RFC8489 (6268)
>>
>> That's a good question.  We changed the username after we discovered that
>> the one I used previously was in fact invalid with the new PRECIS rules, but 
>> I
>> am not sure why the one in the RFC is different.  I'll have to look into my
>> archives to find exactly what is what, but that will have to wait until next
>> Monday morning.
>>
>> Meanwhile, Magnus, please hold on the errata modification.
>>
>> Thanks.
>>
>>
>> On 9/7/20 8:22 AM, RenThraysk wrote:
>>> Hi
>>>
>>> Why has the Userhash value changed from the original test vector?
>>>
>>> Jared
>>>
>>> On Mon, Sep 7, 2020 at 3:21 PM Marc Petit-Huguenin
>>> <marc@petit-huguenin.org>
>>> wrote:
>>>
>>>> Hi Magnus,
>>>>
>>>> Here's the corrected test-vector:
>>>>
>>>> <begins>
>>>>       00 01 00 88      Request type and message length
>>>>       21 12 a4 42      Magic cookie
>>>>       78 ad 34 33   }
>>>>       c6 ad 72 c0   }  Transaction ID
>>>>       29 da 41 2e   }
>>>>       00 1e 00 20      USERHASH attribute header
>>>>       63 aa 09 fc   }
>>>>       23 81 0a 46   }
>>>>       c9 76 e9 59   }
>>>>       23 10 ee 1e   }  Userhash value (32 bytes)
>>>>       59 b7 06 e1   }
>>>>       9d e1 bd 21   }
>>>>       a9 f6 f7 40   }
>>>>       28 d5 ba 71   }
>>>>       00 15 00 29      NONCE attribute header
>>>>       6f 62 4d 61   }
>>>>       74 4a 6f 73   }
>>>>       32 41 41 41   }
>>>>       43 66 2f 2f   }
>>>>       34 39 39 6b   }  Nonce value and padding (3 bytes)
>>>>       39 35 34 64   }
>>>>       36 4f 4c 33   }
>>>>       34 6f 4c 39   }
>>>>       46 53 54 76   }
>>>>       79 36 34 73   }
>>>>       41 00 00 00   }
>>>>       00 14 00 0b      REALM attribute header
>>>>       65 78 61 6d   }
>>>>       70 6c 65 2e   }  Realm value (11 bytes) and padding (1 byte)
>>>>       6f 72 67 00   }
>>>>       00 1c 00 20      MESSAGE-INTEGRITY-SHA256 attribute header
>>>>       8e 57 3d 97   }
>>>>       75 33 21 ae   }
>>>>       47 8c b6 a2   }
>>>>       7b 8a 6b 3a   }  HMAC-SHA256 value
>>>>       89 08 9e e1   }
>>>>       5f 62 6b 38   }
>>>>       40 9f 48 ed   }
>>>>       47 a5 df 57   }
>>>> <ends>
>>>>
>>>> Thanks.
>>>>
>>>> On 9/1/20 4:04 AM, Magnus Westerlund wrote:
>>>>> Hi,
>>>>>
>>>>> I think it is reasonable that we do an RFC Errata for this error to
>>>> provide a
>>>>> corrected test vector.
>>>>>
>>>>> I can edit the Errata request to have a different text. So if you
>>>> authors could
>>>>> prepare and review a proposal that fixes this I will edit and approve 
>>>>> it.
>>>>>
>>>>> So if you can provide the text that goes into the three parts:
>>>>>
>>>>> Original Text: (I assume the full message from B.1 here)
>>>>>
>>>>> Corrected Text: Full message with corrected message length and
>>>> recomputed Hash
>>>>> value.
>>>>>
>>>>> Notes: If there are any additional that was already written that you
>>>> like to
>>>>> remark about this error?
>>>>>
>>>>> Cheers
>>>>>
>>>>> Magnus
>>>>>
>>>>> On Mon, 2020-08-31 at 17:00 +0000, Gonzalo Salgueiro (gsalguei) wrote:
>>>>>> Hi Magnus -
>>>>>>
>>>>>> Marc responded earlier so you may have missed it. Below is his
>> response:
>>>>>>
>>>>>> +++++++++++
>>>>>> This errata is correct, and there is nobody to blame for that
>>>>>> mistake
>>>> but me.
>>>>>>
>>>>>> Magnus, how to you want to proceed for the recomputed test vector?
>>>>>>
>>>>>> Thanks.
>>>>>> +++++++++++
>>>>>>
>>>>>> Cheers,
>>>>>>
>>>>>> Gonzalo
>>>>>>
>>>>>>
>>>>>>> On Aug 31, 2020, at 11:08 AM, Magnus Westerlund <
>>>>>>> magnus.westerlund@ericsson.com> wrote:
>>>>>>>
>>>>>>> Hi,
>>>>>>>
>>>>>>> Author's can you please confirm if this is correct or not?
>>>>>>>
>>>>>>> Cheers
>>>>>>>
>>>>>>> Magnus
>>>>>>>
>>>>>>> On Sun, 2020-08-30 at 08:22 -0700, RFC Errata System wrote:
>>>>>>>> The following errata report has been submitted for RFC8489,
>>>>>>>> "Session Traversal Utilities for NAT (STUN)".
>>>>>>>>
>>>>>>>> --------------------------------------
>>>>>>>> You may review the report below and at:
>>>>>>>>
>>>>>>>
>>>>>>>
>>>> https://protect2.fireeye.com/v1/url?k=99260d6d-c786cf2b-99264df6-86fc
>>>> 6812c361-2320f3daa9544fe5&q=1&e=c28eb099-e321-4447-80c3-
>> 942509fe0974&
>>>> u=https%3A%2F%2Fwww.rfc-editor.org%2Ferrata%2Feid6268
>>>>>>>> --------------------------------------
>>>>>>>> Type: Technical
>>>>>>>> Reported by: Jared Williams <renthraysk@gmail.com>
>>>>>>>>
>>>>>>>> Section: Appendix B.1
>>>>>>>>
>>>>>>>> Original Text
>>>>>>>> -------------
>>>>>>>> 00 01 00 9c      Request type and message length
>>>>>>>>
>>>>>>>>
>>>>>>>> Corrected Text
>>>>>>>> --------------
>>>>>>>> 00 01 00 88      Request type and message length
>>>>>>>>
>>>>>>>> Notes
>>>>>>>> -----
>>>>>>>> The message length in the test vector (9c) is the absolute length
>>>>>>>> of
>>>> the
>>>>>>>> whole
>>>>>>>> test vector. However from section 5. STUN Message Structure
>>>>>>>>
>>>>>>>> "The message length MUST contain the size of the message in bytes,
>> not
>>>>>>>>   including the 20-byte STUN header."
>>>>>>>>
>>>>>>>> So the message length in the header should be 20 less than
>>>>>>>> absolute
>>>> length
>>>>>>>> of
>>>>>>>> the whole message.
>>>>>>>>
>>>>>>>> 0x9C - 20, 0x88.
>>>>>>>>
>>>>>>>> Also the MESSAGE-INTEGRITY-SHA256 HMAC-SHA256 value of the
>> Test
>>>>>>>> Vector will need recomputing.
>>>>>>>>
>>>>>>>> Instructions:
>>>>>>>> -------------
>>>>>>>> This erratum is currently posted as "Reported". If necessary,
>>>>>>>> please use "Reply All" to discuss whether it should be verified
>>>>>>>> or rejected. When a decision is reached, the verifying party can
>>>>>>>> log in to change the status and edit the report, if necessary.
>>>>>>>>
>>>>>>>> --------------------------------------
>>>>>>>> RFC8489 (draft-ietf-tram-stunbis-21)
>>>>>>>> --------------------------------------
>>>>>>>> Title               : Session Traversal Utilities for NAT (STUN)
>>>>>>>> Publication Date    : February 2020
>>>>>>>> Author(s)           : M. Petit-Huguenin, G. Salgueiro, J. Rosenberg,
>>>> D.
>>>>>>>> Wing,
>>>>>>>> R. Mahy, P. Matthews
>>>>>>>> Category            : PROPOSED STANDARD
>>>>>>>> Source              : TURN Revised and Modernized
>>>>>>>> Area                : Transport
>>>>>>>> Stream              : IETF
>>>>>>>> Verifying Party     : IESG
>>>>>>>  --
>>>>>>> Cheers
>>>>>>>
>>>>>>> Magnus Westerlund
>>>>>>>
>>>>>>>
>>>>
>>


-- 
Marc Petit-Huguenin
Email: marc@petit-huguenin.org
Blog: https://marc.petit-huguenin.org
Profile: https://www.linkedin.com/in/petithug