Re: [tram] [Technical Errata Reported] RFC7635 (5060)

Magnus Westerlund <magnus.westerlund@ericsson.com> Wed, 23 September 2020 14:22 UTC

From: Magnus Westerlund <magnus.westerlund@ericsson.com>
To: "justin@uberti.name" <justin@uberti.name>, "sperreault@jive.com" <sperreault@jive.com>, "tireddy@cisco.com" <tireddy@cisco.com>, "praspati@cisco.com" <praspati@cisco.com>, Gonzalo Camarillo <gonzalo.camarillo@ericsson.com>, "rmohanr@cisco.com" <rmohanr@cisco.com>
CC: "tram@ietf.org" <tram@ietf.org>, "deadbeef@google.com" <deadbeef@google.com>
Date: Wed, 23 Sep 2020 14:22:53 +0000
Archived-At: <https://mailarchive.ietf.org/arch/msg/tram/ypEATapE8A5FkP2Q0BGZ8ZW6IXw>

Hi,

I would appreciate some response regarding this Errata. Should it be verified,
held for document update, or rejected? 

Cheers

Magnus Westerlund

On Wed, 2017-07-05 at 16:35 -0700, RFC Errata System wrote:
> The following errata report has been submitted for RFC7635,
> "Session Traversal Utilities for NAT (STUN) Extension for Third-Party
> Authorization".
> 
> --------------------------------------
> You may review the report below and at:
> http://www.rfc-editor.org/errata/eid5060
> 
> --------------------------------------
> Type: Technical
> Reported by: Taylor Brandstetter <deadbeef@google.com>
> 
> Section: Appendix B
> 
> Original Text
> -------------
>    [STUN] supports hash agility and accomplishes this agility by
>    computing message integrity using both HMAC-SHA-1 and
>    HMAC-SHA-256-128.  The client signals the algorithm supported by it
>    to the authorization server in the 'alg' parameter defined in
>    [POP-KEY-DIST].  The authorization server determines the length of
>    the mac_key based on the HMAC algorithm conveyed by the client.  If
>    the client supports both HMAC-SHA-1 and HMAC-SHA-256-128, then it
>    signals HMAC-SHA-256-128 to the authorization server, gets a 256-bit
>    key from the authorization server, and calculates a 160-bit key for
>    HMAC-SHA-1 using SHA1 and taking the 256-bit key as input.
> 
> Corrected Text
> --------------
>    [STUN] supports hash agility and accomplishes this agility by
>    computing message integrity using both HMAC-SHA-1 and
>    HMAC-SHA-256-128.  The client signals the algorithm supported by it
>    to the authorization server in the 'alg' parameter defined in
>    [POP-KEY-DIST].  The authorization server determines the length of
>    the mac_key based on the HMAC algorithm conveyed by the client.  If
>    the client supports both HMAC-SHA-1 and HMAC-SHA-256-128, then it
>    signals HMAC-SHA-256-128 to the authorization server, and gets a
>    256-bit key from the authorization server, which can be used to
>    compute both the HMAC-SHA-1 and HMAC-SHA-256-128 hashes. If the
>    client only supports HMAC-SHA-1, the authorization server could
>    return a 160-bit key, as keys longer than the HMAC-SHA-1 output
>    size of 160-bits would not significantly increase the function's
>    strength.
> 
> Notes
> -----
> The SHA-1 block size is 512 bits, so a 256-bit key does not need to be
> shortened to compute a HMAC-SHA-1 hash.
> 
> Also added an example for "if the client only supports HMAC-SHA-1", to make
> the hash agility logic more clear.
> 
> Instructions:
> -------------
> This erratum is currently posted as "Reported". If necessary, please
> use "Reply All" to discuss whether it should be verified or
> rejected. When a decision is reached, the verifying party  
> can log in to change the status and edit the report, if necessary. 
> 
> --------------------------------------
> RFC7635 (draft-ietf-tram-turn-third-party-authz-16)
> --------------------------------------
> Title               : Session Traversal Utilities for NAT (STUN) Extension for
> Third-Party Authorization
> Publication Date    : August 2015
> Author(s)           : T. Reddy, P. Patil, R. Ravindranath, J. Uberti
> Category            : PROPOSED STANDARD
> Source              : TURN Revised and Modernized
> Area                : Transport
> Stream              : IETF
> Verifying Party     : IESG
> 
-- 
Cheers

Magnus Westerlund 


----------------------------------------------------------------------
Networks, Ericsson Research
----------------------------------------------------------------------
Ericsson AB                 | Mobile +46 73 0949079
Torshamnsgatan 23           |
SE-164 80 Stockholm, Sweden | mailto: magnus.westerlund@ericsson.com
----------------------------------------------------------------------
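
Added example, not part of the original message, the erratum, or RFC 7635: the RFC 2104 key-preparation step the erratum's note relies on, showing that a 256-bit mac_key fits inside the 512-bit SHA-1 block unchanged, and that a peer deriving a 160-bit key with SHA-1 first (the original Appendix B text) computes a different HMAC-SHA-1 tag than a peer using the key directly (the corrected text). The key, the message bytes, the function names and the 16-byte truncation used for HMAC-SHA-256-128 are assumptions made for illustration.

```python
import hashlib
import hmac

def prepare_key(key: bytes, hash_name: str) -> bytes:
    """RFC 2104 key step: hash the key only if it exceeds the block size,
    then zero-pad it to exactly one block."""
    block_size = hashlib.new(hash_name).block_size  # 64 bytes for SHA-1 and SHA-256
    if len(key) > block_size:
        key = hashlib.new(hash_name, key).digest()
    return key.ljust(block_size, b"\x00")

def manual_hmac(key: bytes, msg: bytes, hash_name: str) -> bytes:
    """HMAC written out per RFC 2104 so the key handling is visible."""
    k = prepare_key(key, hash_name)
    ipad = bytes(b ^ 0x36 for b in k)
    opad = bytes(b ^ 0x5C for b in k)
    inner = hashlib.new(hash_name, ipad + msg).digest()
    return hashlib.new(hash_name, opad + inner).digest()

def integrity_tags(mac_key: bytes, msg: bytes) -> dict:
    """Tags computed from one 256-bit mac_key under both readings of Appendix B."""
    derived_160 = hashlib.sha1(mac_key).digest()  # original text: SHA1(256-bit key)
    return {
        # Corrected text: the 256-bit key is used as-is for HMAC-SHA-1.
        "sha1_direct": hmac.new(mac_key, msg, "sha1").digest(),
        # Original text: HMAC-SHA-1 keyed with the derived 160-bit key.
        "sha1_derived": hmac.new(derived_160, msg, "sha1").digest(),
        # Assumption: HMAC-SHA-256-128 is HMAC-SHA-256 truncated to 128 bits.
        "sha256_128": hmac.new(mac_key, msg, "sha256").digest()[:16],
    }

# Constructed sample inputs, not taken from any real exchange.
MAC_KEY = bytes(range(32))                    # 256-bit key
MESSAGE = b"constructed STUN message bytes"   # stand-in for the covered bytes

if __name__ == "__main__":
    padded = prepare_key(MAC_KEY, "sha1")
    print("key survives unhashed:", padded[:32] == MAC_KEY)
    tags = integrity_tags(MAC_KEY, MESSAGE)
    for name, tag in tags.items():
        print(f"{name:13s} {tag.hex()}")
    print("direct == derived:", tags["sha1_direct"] == tags["sha1_derived"])
```

The two HMAC-SHA-1 tags differ, so a client and server that follow different readings of Appendix B will fail each other's integrity checks even though they hold the same mac_key.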