Re: [tram] Artart telechat review of draft-ietf-tram-stunbis-16

Marc Petit-Huguenin <petithug@acm.org> Tue, 17 April 2018 10:02 UTC

Return-Path: <petithug@acm.org>
X-Original-To: tram@ietfa.amsl.com
Delivered-To: tram@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 5E48512D969; Tue, 17 Apr 2018 03:02:43 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.441
X-Spam-Level:
X-Spam-Status: No, score=-0.441 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RDNS_NONE=0.793, SPF_SOFTFAIL=0.665, URIBL_BLOCKED=0.001] autolearn=no autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id sYc7UUAa7YRA; Tue, 17 Apr 2018 03:02:41 -0700 (PDT)
Received: from implementers.org (unknown [92.243.22.217]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 5870012D779; Tue, 17 Apr 2018 03:02:41 -0700 (PDT)
Received: from [IPv6:2601:648:8301:730f:f993:3fc0:2548:9f56] (unknown [IPv6:2601:648:8301:730f:f993:3fc0:2548:9f56]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "Marc Petit-Huguenin", Issuer "implementers.org" (verified OK)) by implementers.org (Postfix) with ESMTPS id DE1EBAE8D8; Tue, 17 Apr 2018 12:02:38 +0200 (CEST)
To: Eric Rescorla <ekr@rtfm.com>, Peter Saint-Andre <stpeter@mozilla.com>
Cc: art@ietf.org, draft-ietf-tram-stunbis.all@ietf.org, IETF discussion list <ietf@ietf.org>, tram@ietf.org
References: <152270998513.17947.16209089088681034529@ietfa.amsl.com> <ec1d7013-4886-6f96-21a2-3c758fc633cf@petit-huguenin.org> <c6df754b-8aea-637c-a8bf-7ccadc0d8704@mozilla.com> <CABcZeBOT50o5OYXEaTf=EONbP1eXGnBv-430JY2OxckUwUTWvw@mail.gmail.com>
From: Marc Petit-Huguenin <petithug@acm.org>
Message-ID: <cc77d9ee-66a3-5085-cd94-409be14bcde3@acm.org>
Date: Tue, 17 Apr 2018 03:02:37 -0700
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Thunderbird/52.7.0
MIME-Version: 1.0
In-Reply-To: <CABcZeBOT50o5OYXEaTf=EONbP1eXGnBv-430JY2OxckUwUTWvw@mail.gmail.com>
Content-Type: multipart/signed; micalg=pgp-sha256; protocol="application/pgp-signature"; boundary="m94vs86lfj5OjTdRIFDz8QZiMGYdMacl9"
Archived-At: <https://mailarchive.ietf.org/arch/msg/tram/z4g29_fC_39Pb_ZwLSz_xaCC9aU>
Subject: Re: [tram] Artart telechat review of draft-ietf-tram-stunbis-16
X-BeenThere: tram@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "Discussing the creation of a Turn Revised And Modernized \(TRAM\) WG, which goal is to consolidate the various initiatives to update TURN and STUN." <tram.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tram>, <mailto:tram-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tram/>
List-Post: <mailto:tram@ietf.org>
List-Help: <mailto:tram-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tram>, <mailto:tram-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 17 Apr 2018 10:02:43 -0000

On 04/16/2018 08:12 PM, Eric Rescorla wrote:
> On Mon, Apr 16, 2018 at 5:22 PM, Peter Saint-Andre <stpeter@mozilla.com>
> wrote:
> 
>> Hi Marc, a few further comments inline.
>>
>> On 4/16/18 5:43 PM, Marc Petit-Huguenin wrote:
>>> Hi Peter,
>>>
>>> Thanks for the review and sorry for the delay in responding, I was
>> traveling for the last 4 weeks.
>>>
>>> See my responses inline.
>>>
>>> On 04/02/2018 03:59 PM, Peter Saint-Andre wrote:
>>>> Reviewer: Peter Saint-Andre
>>>> Review result: Ready with Nits
>>>>
>>
>> <snip/>
>>
>>>> The first paragaraph of Section 6.2.3 restates recommendations from RFC
>>>> 7525; why not simply reference that specification?
>>>
>>> The original text in RFC5389 said this:
>>>
>>> " When STUN is run by itself over TLS-over-TCP, the
>>>   TLS_RSA_WITH_AES_128_CBC_SHA ciphersuite MUST be implemented at a
>>>   minimum. [...]"
>>>
>>> The new text is an attempt at updating it in the same spirit of giving
>> minimal instructions and complementing them with a reference to RFC 7525 -
>> which was the reason for the reference to RFC 7525 there.
>>>
>>> So I kept the text there, followed by the following paragraph, in
>> addition of moving the original last paragraph in the Security
>> Consideration section:
>>>
>>> " These recommendations are just a part of the the recommendations in
>>>   [RFC7525] that implementations and deployments of a STUN usage using
>>>   TLS or DTLS SHOULD follow."
>>
>> I would instead suggest that we do something like Section 2 of RFC 7590
>> for XMPP:
>>
>>    The best current practices documented in the "Recommendations for
>>    Secure Use of TLS and DTLS" [RFC7525] are included here by reference.
>>    Instead of repeating those recommendations here, this document mostly
>>    provides supplementary information regarding secure implementation
>>    and deployment of XMPP technologies.
>>
>> Here's the rationale: RFC 7525 is likely to be updated/replaced more
>> quickly than STUNbis. If STUNbis recommends a particular cipher suite
>> that 7525bis stops recommending, in the absence of STUNter will STUN
>> implementations keep following STUNbis or will they upgrade to whatever
>> 7525bis recommends? I suggest it will be the former, which is not what
>> we want.
>>
> 
> I forgot about this in my review, but you should also profile ciphers for
> TLS 1.3.
> 
> -Ekr
> 

Do you have any suggestion for these, or a pointer to a document that I can use to find these?

Thanks.

-- 
Marc Petit-Huguenin
Email: marc@petit-huguenin.org
Blog: https://marc.petit-huguenin.org
Profile: https://www.linkedin.com/in/petithug