Re: [tram] [Technical Errata Reported] RFC8489 (6268)

Magnus Westerlund <magnus.westerlund@ericsson.com> Mon, 07 September 2020 16:13 UTC

Return-Path: <magnus.westerlund@ericsson.com>
X-Original-To: tram@ietfa.amsl.com
Delivered-To: tram@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 4B3923A0528 for <tram@ietfa.amsl.com>; Mon, 7 Sep 2020 09:13:53 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.102
X-Spam-Level:
X-Spam-Status: No, score=-2.102 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_MSPIKE_H2=-0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=ericsson.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id fdj3_ClS78Ev for <tram@ietfa.amsl.com>; Mon, 7 Sep 2020 09:13:51 -0700 (PDT)
Received: from EUR03-VE1-obe.outbound.protection.outlook.com (mail-eopbgr50066.outbound.protection.outlook.com [40.107.5.66]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 1C9F03A048A for <tram@ietf.org>; Mon, 7 Sep 2020 09:13:51 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=nYm1WKidkvW1fTDI2RCMu8sp7bXFk1IzF/398l/wkoT1y1YdT/V15mFvGJc6QuyGMGUVG9QwHN7XGkQ1hQ0fkc0+1wRYuRE/fYn4Gip7rjo1VIjIZrfY4Nlatb51nWKwrd9a52lm11KnbgHdpUy4GPkLVIHS2dJrLdIcCop+oswmn5b7INbJ7M2tqytCrXLhOigSiULaQ43DkItVCGQi4/YuOAVmKPaxrPpsFNYFP2FjOKdrZ8yrHgGJGotpMq7ecQEiC+Czv24JFxfor1VEOJPQmTaYYPbCBqnp/1ljZOMM9rGdz5p/w0Cd46qBXJR9666VjZ1STijykWkOc9e5Pg==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=eULpX/hCSsReB2rYHEnBz91ODLIBbZnpGetGaymILMo=; b=cgc4miMVqcxnxrScOJEd4hhy3zr51gUHPPeGinKlmlkV4Esqw/5XNlwj2p1MoL+XJMC0eSKGB5pqtjmoSUspcdqhzbus13B93cVj/vrPxhMnux+6Y4rCJDQdsNcQ7f6Y1CXtHoBGE+0X28BIty4Y/bgoX6wWh/b+Rkw2pJ5vl61P4xqJvtiFWKXf/sAKag9aPbPrbiovEdJvBS/4/pVZiB7cfYX2VhIctIOCzygI00JdVdpyoL/h7pWt7PpXDfoYF1oZad0SsOC+MDoRz2roD3VKFMXn5/HBbfRfXVBTwUPwXGPej7MFTireRPCs87B9+w7/0obOjDUvuDXt3vVpgQ==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=ericsson.com; dmarc=pass action=none header.from=ericsson.com; dkim=pass header.d=ericsson.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ericsson.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=eULpX/hCSsReB2rYHEnBz91ODLIBbZnpGetGaymILMo=; b=mrmHoWoBs+hpPQqL6XnjLF6cngFnb/0KAtRMdekxoigJLqkq8CBIFA76DkM60OZLl9ycWZm//98kOegC3NFNUALojCICBx4BnvAQ2ztc2ByK3XDwFfF71jjkZe5eMzLN2vMYZDk1LgvTjirC9lECMMYlo+4Rxn37yW+4hhInwPs=
Received: from HE1PR0702MB3772.eurprd07.prod.outlook.com (2603:10a6:7:8e::14) by HE1PR0701MB2570.eurprd07.prod.outlook.com (2603:10a6:3:96::18) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3370.9; Mon, 7 Sep 2020 16:13:47 +0000
Received: from HE1PR0702MB3772.eurprd07.prod.outlook.com ([fe80::b56f:9a8e:3399:aaa3]) by HE1PR0702MB3772.eurprd07.prod.outlook.com ([fe80::b56f:9a8e:3399:aaa3%7]) with mapi id 15.20.3370.015; Mon, 7 Sep 2020 16:13:47 +0000
From: Magnus Westerlund <magnus.westerlund@ericsson.com>
To: "marc@petit-huguenin.org" <marc@petit-huguenin.org>, "renthraysk@gmail.com" <renthraysk@gmail.com>
CC: "gsalguei@cisco.com" <gsalguei@cisco.com>, "simon.perreault@logmein.com" <simon.perreault@logmein.com>, "martin.h.duke@gmail.com" <martin.h.duke@gmail.com>, "philip_matthews@magma.ca" <philip_matthews@magma.ca>, Gonzalo Camarillo <gonzalo.camarillo@ericsson.com>, "jdrosen@jdrosen.net" <jdrosen@jdrosen.net>, "dwing-ietf@fuggles.com" <dwing-ietf@fuggles.com>, "tram@ietf.org" <tram@ietf.org>, "rohan.ietf@gmail.com" <rohan.ietf@gmail.com>
Thread-Topic: [Technical Errata Reported] RFC8489 (6268)
Thread-Index: AQHWfuF5dRZ7aF/vA0OYP087ogZzZKlSU3kAgAAfVoCAAS6igIAJpSSAgAARDgCAAA2PgIAAAGWQ
Date: Mon, 7 Sep 2020 16:13:47 +0000
Message-ID: <HE1PR0702MB3772F26F7B3E91B8DC6982D695280@HE1PR0702MB3772.eurprd07.prod.outlook.com>
References: <20200830152251.37CA9F4076B@rfc-editor.org> <bd82edbe82f83f7c92c6cb21924951d35132768f.camel@ericsson.com> <B09AFC19-A790-46C5-A97B-69572411A229@cisco.com> <7bbe51fd9a5a226752597825f276f6baad70add7.camel@ericsson.com> <f48eb512-5c17-20bd-dfd6-2d368e9fd4b9@petit-huguenin.org> <CABNgG1g3Tx1QroP+eo+WeQXxD2XPvf+n67pekBqRi8+QzgX8_Q@mail.gmail.com> <65838ad3-7ee9-3339-1326-8c2d212f6fa6@petit-huguenin.org>
In-Reply-To: <65838ad3-7ee9-3339-1326-8c2d212f6fa6@petit-huguenin.org>
Accept-Language: sv-SE, en-US
Content-Language: en-US
X-MS-Has-Attach: yes
X-MS-TNEF-Correlator:
authentication-results: petit-huguenin.org; dkim=none (message not signed) header.d=none;petit-huguenin.org; dmarc=none action=none header.from=ericsson.com;
x-originating-ip: [158.174.116.90]
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: 1792e8d2-a85a-46fd-ea92-08d853490036
x-ms-traffictypediagnostic: HE1PR0701MB2570:
x-ms-exchange-transport-forked: True
x-microsoft-antispam-prvs: <HE1PR0701MB257090273D40254D3511FF3595280@HE1PR0701MB2570.eurprd07.prod.outlook.com>
x-ms-oob-tlc-oobclassifiers: OLM:3044;
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: +y4x0HRpJc8jiu8WET2pG2TDcJURET94KRMPoPxqFO4Ht7NyoBKBZNGTEq1lPDLGhg0zR9BooG+kv4jsLSd2lsC5YklIg6jfYnfmUHCNwxz/o9rv86I8M8zKddBQrhk0gBjUHHI176ur2efQn2FBHXws09lRWcxwxxUgKrK9Fi4Dcy/r5ya9DCTiQy0cT8v+N6r9oAd+2lTQG1vUyIXtgT1JD0uggvDTd8MxscY8yS6uiSDIxbI3T4Ifj3wfClbgtlwuHrN2bjA7rRIwSiWOX8sJMoDfD942VYjgKqd/vj+Ng/SKl/d1jS09fFmch2Vu0FHMf3qEm2ymkNG2LQzPoFfcTNUKQIFTM4/sYMT1YgxEhm/WFqMmlf+7Osm5+4tNVNfb0gG7YX/XjFPC7f9JRw==
x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:HE1PR0702MB3772.eurprd07.prod.outlook.com; PTR:; CAT:NONE; SFS:(4636009)(39860400002)(136003)(346002)(366004)(396003)(376002)(5660300002)(83380400001)(66946007)(33656002)(66476007)(52536014)(44832011)(76116006)(64756008)(7696005)(2906002)(99936003)(66446008)(66616009)(66556008)(8676002)(71200400001)(45080400002)(478600001)(54906003)(186003)(8936002)(55016002)(26005)(9686003)(53546011)(7416002)(86362001)(316002)(110136005)(6506007)(4326008)(966005); DIR:OUT; SFP:1101;
x-ms-exchange-antispam-messagedata: ZFsqLbLPPGfz7VKk9lHOyd0aa9eUREQDiz8pfd1Nc+08/W+mdqGBDavJXUjNTUFL/lup1/7Csf+UFeVwIejsTlywDwAvjXYSNy/p5Dwf6lbG3ym9NZDaAkIfa6Uo4a391qEmHbHcBfDxe9b7ynBCbifNXnjqpz8X2T/WwkN5u6xUqVM6lD4nYoj5DUsfOTRdn8HRyG5R+I7Fe6GKUXt1G0MohZ9WNjRMhKHQHbPJEkoS2YduQsaa5NtnI6zFYPiBUCKy7cDjvxRtlXUgnQaL1a4bdZAVA0R5xE1AwZH+xA37t7QU9knkRM7DcZ2z0G9jnbJ8zYTxz3NUtHnDipn697n11yVIf5qCKWl44NB3aMYRk/rX1jStDdVlcO4xH9KyxTJzfFE4rDSzSiNgm8euHhCxF0UUqNRQkCLEdY8YYiuXBRUVEw4dXi+niz8rTmZGU23GsB05mSa/DeHvxwK7rWM4HYpw5AlrKlHlTf3UBSnTZME9eHWmfQPLbkHvxMxLh0vlKwKzj3JAmv2YAylqWSljVAo5d+FdTJSpKo0c0RjhIlUeO1iqfYk6ebl5sQdd1IM7zLeUiX30bKRgmIUg3eFeXFzP1f/yeXC31iTSmp6lqmfzVoTWZSm61kZndqfoo7noW95p/LwpP8HKpauC8A==
Content-Type: multipart/signed; micalg=SHA1; protocol="application/x-pkcs7-signature"; boundary="----=_NextPart_000_0020_01D68542.A0223360"
MIME-Version: 1.0
X-OriginatorOrg: ericsson.com
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: HE1PR0702MB3772.eurprd07.prod.outlook.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 1792e8d2-a85a-46fd-ea92-08d853490036
X-MS-Exchange-CrossTenant-originalarrivaltime: 07 Sep 2020 16:13:47.3422 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 92e84ceb-fbfd-47ab-be52-080c6b87953f
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: n9P3MLTtvh+tAyELM06/F2rpQ2aDocFCbR5tuX9LQaFBGHJ/PffM7TGUe1kOyC/kEn2tt17wNNHOI/Z7pMpUikHnWLFF3QdhcBz3E0rpJUU=
X-MS-Exchange-Transport-CrossTenantHeadersStamped: HE1PR0701MB2570
Archived-At: <https://mailarchive.ietf.org/arch/msg/tram/9qr8dNTXlz2goBshovf0zympcYc>
X-Mailman-Approved-At: Tue, 08 Sep 2020 11:40:59 -0700
Subject: Re: [tram] [Technical Errata Reported] RFC8489 (6268)
X-BeenThere: tram@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Discussing the creation of a Turn Revised And Modernized \(TRAM\) WG, which goal is to consolidate the various initiatives to update TURN and STUN." <tram.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tram>, <mailto:tram-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tram/>
List-Post: <mailto:tram@ietf.org>
List-Help: <mailto:tram-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tram>, <mailto:tram-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 07 Sep 2020 16:13:53 -0000

Hi,

I will hold, but please consider if you directly have any text proposal for 
the note part of the errata to explain the changes that are in there and if we 
need to change the text above the message itself to clarify thingS?

Cheers

Magnus

> -----Original Message-----
> From: Marc Petit-Huguenin <marc@petit-huguenin.org>
> Sent: den 7 september 2020 18:11
> To: RenThraysk <renthraysk@gmail.com>
> Cc: Magnus Westerlund <magnus.westerlund@ericsson.com>om>;
> gsalguei@cisco.com; simon.perreault@logmein.com;
> martin.h.duke@gmail.com; philip_matthews@magma.ca; Gonzalo Camarillo
> <gonzalo.camarillo@ericsson.com>om>; jdrosen@jdrosen.net; dwing-
> ietf@fuggles.com; tram@ietf.org; rohan.ietf@gmail.com
> Subject: Re: [Technical Errata Reported] RFC8489 (6268)
>
> That's a good question.  We changed the username after we discovered that
> the one I used previously was in fact invalid with the new PRECIS rules, but 
> I
> am not sure why the one in the RFC is different.  I'll have to look into my
> archives to find exactly what is what, but that will have to wait until next
> Monday morning.
>
> Meanwhile, Magnus, please hold on the errata modification.
>
> Thanks.
>
>
> On 9/7/20 8:22 AM, RenThraysk wrote:
> > Hi
> >
> > Why has the Userhash value changed from the original test vector?
> >
> > Jared
> >
> > On Mon, Sep 7, 2020 at 3:21 PM Marc Petit-Huguenin
> > <marc@petit-huguenin.org>
> > wrote:
> >
> >> Hi Magnus,
> >>
> >> Here's the corrected test-vector:
> >>
> >> <begins>
> >>       00 01 00 88      Request type and message length
> >>       21 12 a4 42      Magic cookie
> >>       78 ad 34 33   }
> >>       c6 ad 72 c0   }  Transaction ID
> >>       29 da 41 2e   }
> >>       00 1e 00 20      USERHASH attribute header
> >>       63 aa 09 fc   }
> >>       23 81 0a 46   }
> >>       c9 76 e9 59   }
> >>       23 10 ee 1e   }  Userhash value (32 bytes)
> >>       59 b7 06 e1   }
> >>       9d e1 bd 21   }
> >>       a9 f6 f7 40   }
> >>       28 d5 ba 71   }
> >>       00 15 00 29      NONCE attribute header
> >>       6f 62 4d 61   }
> >>       74 4a 6f 73   }
> >>       32 41 41 41   }
> >>       43 66 2f 2f   }
> >>       34 39 39 6b   }  Nonce value and padding (3 bytes)
> >>       39 35 34 64   }
> >>       36 4f 4c 33   }
> >>       34 6f 4c 39   }
> >>       46 53 54 76   }
> >>       79 36 34 73   }
> >>       41 00 00 00   }
> >>       00 14 00 0b      REALM attribute header
> >>       65 78 61 6d   }
> >>       70 6c 65 2e   }  Realm value (11 bytes) and padding (1 byte)
> >>       6f 72 67 00   }
> >>       00 1c 00 20      MESSAGE-INTEGRITY-SHA256 attribute header
> >>       8e 57 3d 97   }
> >>       75 33 21 ae   }
> >>       47 8c b6 a2   }
> >>       7b 8a 6b 3a   }  HMAC-SHA256 value
> >>       89 08 9e e1   }
> >>       5f 62 6b 38   }
> >>       40 9f 48 ed   }
> >>       47 a5 df 57   }
> >> <ends>
> >>
> >> Thanks.
> >>
> >> On 9/1/20 4:04 AM, Magnus Westerlund wrote:
> >>> Hi,
> >>>
> >>> I think it is reasonable that we do an RFC Errata for this error to
> >> provide a
> >>> corrected test vector.
> >>>
> >>> I can edit the Errata request to have a different text. So if you
> >> authors could
> >>> prepare and review a proposal that fixes this I will edit and approve 
> >>> it.
> >>>
> >>> So if you can provide the text that goes into the three parts:
> >>>
> >>> Original Text: (I assume the full message from B.1 here)
> >>>
> >>> Corrected Text: Full message with corrected message length and
> >> recomputed Hash
> >>> value.
> >>>
> >>> Notes: If there are any additional that was already written that you
> >> like to
> >>> remark about this error?
> >>>
> >>> Cheers
> >>>
> >>> Magnus
> >>>
> >>> On Mon, 2020-08-31 at 17:00 +0000, Gonzalo Salgueiro (gsalguei) wrote:
> >>>> Hi Magnus -
> >>>>
> >>>> Marc responded earlier so you may have missed it. Below is his
> response:
> >>>>
> >>>> +++++++++++
> >>>> This errata is correct, and there is nobody to blame for that
> >>>> mistake
> >> but me.
> >>>>
> >>>> Magnus, how to you want to proceed for the recomputed test vector?
> >>>>
> >>>> Thanks.
> >>>> +++++++++++
> >>>>
> >>>> Cheers,
> >>>>
> >>>> Gonzalo
> >>>>
> >>>>
> >>>>> On Aug 31, 2020, at 11:08 AM, Magnus Westerlund <
> >>>>> magnus.westerlund@ericsson.com> wrote:
> >>>>>
> >>>>> Hi,
> >>>>>
> >>>>> Author's can you please confirm if this is correct or not?
> >>>>>
> >>>>> Cheers
> >>>>>
> >>>>> Magnus
> >>>>>
> >>>>> On Sun, 2020-08-30 at 08:22 -0700, RFC Errata System wrote:
> >>>>>> The following errata report has been submitted for RFC8489,
> >>>>>> "Session Traversal Utilities for NAT (STUN)".
> >>>>>>
> >>>>>> --------------------------------------
> >>>>>> You may review the report below and at:
> >>>>>>
> >>>>>
> >>>>>
> >> https://protect2.fireeye.com/v1/url?k=99260d6d-c786cf2b-99264df6-86fc
> >> 6812c361-2320f3daa9544fe5&q=1&e=c28eb099-e321-4447-80c3-
> 942509fe0974&
> >> u=https%3A%2F%2Fwww.rfc-editor.org%2Ferrata%2Feid6268
> >>>>>> --------------------------------------
> >>>>>> Type: Technical
> >>>>>> Reported by: Jared Williams <renthraysk@gmail.com>
> >>>>>>
> >>>>>> Section: Appendix B.1
> >>>>>>
> >>>>>> Original Text
> >>>>>> -------------
> >>>>>> 00 01 00 9c      Request type and message length
> >>>>>>
> >>>>>>
> >>>>>> Corrected Text
> >>>>>> --------------
> >>>>>> 00 01 00 88      Request type and message length
> >>>>>>
> >>>>>> Notes
> >>>>>> -----
> >>>>>> The message length in the test vector (9c) is the absolute length
> >>>>>> of
> >> the
> >>>>>> whole
> >>>>>> test vector. However from section 5. STUN Message Structure
> >>>>>>
> >>>>>> "The message length MUST contain the size of the message in bytes,
> not
> >>>>>>   including the 20-byte STUN header."
> >>>>>>
> >>>>>> So the message length in the header should be 20 less than
> >>>>>> absolute
> >> length
> >>>>>> of
> >>>>>> the whole message.
> >>>>>>
> >>>>>> 0x9C - 20, 0x88.
> >>>>>>
> >>>>>> Also the MESSAGE-INTEGRITY-SHA256 HMAC-SHA256 value of the
> Test
> >>>>>> Vector will need recomputing.
> >>>>>>
> >>>>>> Instructions:
> >>>>>> -------------
> >>>>>> This erratum is currently posted as "Reported". If necessary,
> >>>>>> please use "Reply All" to discuss whether it should be verified
> >>>>>> or rejected. When a decision is reached, the verifying party can
> >>>>>> log in to change the status and edit the report, if necessary.
> >>>>>>
> >>>>>> --------------------------------------
> >>>>>> RFC8489 (draft-ietf-tram-stunbis-21)
> >>>>>> --------------------------------------
> >>>>>> Title               : Session Traversal Utilities for NAT (STUN)
> >>>>>> Publication Date    : February 2020
> >>>>>> Author(s)           : M. Petit-Huguenin, G. Salgueiro, J. Rosenberg,
> >> D.
> >>>>>> Wing,
> >>>>>> R. Mahy, P. Matthews
> >>>>>> Category            : PROPOSED STANDARD
> >>>>>> Source              : TURN Revised and Modernized
> >>>>>> Area                : Transport
> >>>>>> Stream              : IETF
> >>>>>> Verifying Party     : IESG
> >>>>>  --
> >>>>> Cheers
> >>>>>
> >>>>> Magnus Westerlund
> >>>>>
> >>>>>
> >>
>
>
>
> --
> Marc Petit-Huguenin
> Email: marc@petit-huguenin.org
> Blog: https://protect2.fireeye.com/v1/url?k=af38cfe0-f198612d-af388f7b-
> 866132fe445e-0b14f7daf450fdde&q=1&e=3ebbb482-ad3f-42f8-a6b4-
> 338854359aa4&u=https%3A%2F%2Fmarc.petit-huguenin.org%2F
> Profile: https://www.linkedin.com/in/petithug