IETF Logo Mail Archive

[Uta] is it time for 7525bis?

Peter Saint-Andre <stpeter@mozilla.com> Tue, 17 April 2018 15:23 UTC

Return-Path: <stpeter@mozilla.com>
X-Original-To: uta@ietfa.amsl.com
Delivered-To: uta@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 90B4712DA14 for <uta@ietfa.amsl.com>; Tue, 17 Apr 2018 08:23:02 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.7
X-Spam-Level:
X-Spam-Status: No, score=-2.7 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=mozilla.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id tNPjoyZNuw3m for <uta@ietfa.amsl.com>; Tue, 17 Apr 2018 08:23:00 -0700 (PDT)
Received: from mail-it0-x236.google.com (mail-it0-x236.google.com [IPv6:2607:f8b0:4001:c0b::236]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 471B512D88D for <UTA@ietf.org>; Tue, 17 Apr 2018 08:22:57 -0700 (PDT)
Received: by mail-it0-x236.google.com with SMTP id q85-v6so16717339itc.0 for <UTA@ietf.org>; Tue, 17 Apr 2018 08:22:57 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=mozilla.com; s=google; h=subject:references:to:from:openpgp:autocrypt:message-id:date :user-agent:mime-version:in-reply-to; bh=5rT/sYwXPePQfgKW04FsfsGJkHBxZcWFeKi1UEI2Kjg=; b=Nr3/IQXpEl6/5YtMUnfWaI+iB4ww4Y+ERZAcyH4TbhDIV784HHTFGcDIC1oFa4EIua Nj5Uw4mI7fxxoh4Mj2I0vo0bGZ/IT4QO0zC6piO2iqFlA/MKEDHP4vPFCrLaUbPaT9G1 KXnnhvvfz/p8gn7psM7xQGZUcYu9fFopuqUoY=
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:subject:references:to:from:openpgp:autocrypt :message-id:date:user-agent:mime-version:in-reply-to; bh=5rT/sYwXPePQfgKW04FsfsGJkHBxZcWFeKi1UEI2Kjg=; b=DmbpgAkWzo3e52uEPJjFxAYtZKxT4+XF1eKuwMQlPV/0smTWCmLwDS1oe3bG7kE1Qy BmWTVaH5wernpPDgkKTzzfdimZGYIn9r0SDMp994SdPT+Gz95NLVgX9s2qjk1vjd0PbM pxUYBSXkv76kLKvXJAn5ULW/t8ds5g0KDxjYP55eSv21eseXfM6aznVR3uSLHqTqq3Qr pDSjUm7l+LyQT9xGO3zqJs0gKCe3TvBWoKT+UsK5bimXU34OiJxeI7nyV6iGsbaRNJoP lS8CzXDFGXLtjn1ryFqGO59sFwlbaCTU2yULmy7ESLkNsKIytplv/Q7IMY2zdJbskicv 54mg==
X-Gm-Message-State: ALQs6tCCkQWc704sU0h8+Hc39OaOWww1Xd0FRSO5yEOLixERQPZoMPhI JVCdif4e7f3dAAa5d5vMjKWZFZ2igZc=
X-Google-Smtp-Source: AIpwx48q4ePvkCIzokvNBkJlzbFBZLuxq0RA53YenEGpN/PpHq2DJatd0M6S7+feRC593cAZY8ZNXQ==
X-Received: by 2002:a24:7f52:: with SMTP id r79-v6mr1636384itc.109.1523978576501; Tue, 17 Apr 2018 08:22:56 -0700 (PDT)
Received: from dragon.local ([76.25.3.152]) by smtp.gmail.com with ESMTPSA id o207-v6sm5961153itc.6.2018.04.17.08.22.55 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Tue, 17 Apr 2018 08:22:55 -0700 (PDT)
References: <dc547535-b6cf-d39c-6c00-8248da5497f6@mozilla.com>
To: UTA@ietf.org
From: Peter Saint-Andre <stpeter@mozilla.com>
Openpgp: preference=signencrypt
Autocrypt: addr=stpeter@mozilla.com; prefer-encrypt=mutual; keydata= xsFNBFonEf4BEADvZ+RGsJoOyZaw2rKedB9pBb2nNXVGgymNS9+FAL/9SsfcrKaGYSiWEz7P Lvc97hWH3LACFAHvnzoktv+4IWHjItvhdi9kUQ3Gcbahe55OcdZuSXXH3w5cHF0rKz9aYRpN jENqXM5dA8x4zIymJraqYvHlFsuuPB8rcRIV9SKsvcy14w9iRqu770NjXfE/aIsyRwwmTPiU FQ0fOSDPA/x2DLjed/GYHem90C5vF4Er9InMqH5KAMLnjIYZ9DbPx5c5EME4zW/d648HOvPB bm+roZs4JTHBhjlrTtzDDpMcxHq1e8YPvSdDLPvgFXDcTD4+ztkdO5rvDkbc61QFcLlidU8H 3KBiOVMA/5Rgl4lcWZzGfJBnwvSrKVPsxzpuCYDg01Y/7TH4AuVkv5Na6jKymJegjxEuJUNw CBzAhxOb0H9dXROkvxnRdYS9f0slcNDBrq/9h9dIBOqLhoIvhu+Bhz6L/NP5VunQWsEleGaO 3gxGh9PP/LMyjweDjPz74+7pbyOW0b5VnIDFcvCTJKP0sBJjRU/uqmQ25ckozuYrml0kqVGp EfxhSKVqCFoAS4Q7ux99yT4re2X1kmlHh3xntzmOaRpcZsS8mJEnVyhJZBMOhqE280m80ZbS CYghd2K0EIuRbexd+lfdjZ+t8ROMMdW5L51CJVigF0anyYTcAwARAQABzSdQZXRlciBTYWlu dC1BbmRyZSA8c3RwZXRlckBtb3ppbGxhLmNvbT7CwZQEEwEIAD4WIQQ1VSPTuPTvyWCdvvRl YYwYf2gUqQUCWicR/gIbIwUJCWYBgAULCQgHAgYVCAkKCwIEFgIDAQIeAQIXgAAKCRBlYYwY f2gUqdaREAChG8qU1853mP0sv2Mersns8TLG1ztgoKHvMXFlMUpNz6Oi6CjjaMNFhP7eUY4T D43+yQs7f4qCkOAPWuuqO8FbNWQ+yUoVkqF8NUrrVkZUlZ1VZBMQHNlaEwwu1CGoHsLoRohP SiZ0hpmGTWB3V6cDDK4KN6nl610WJbzE9LeKY1AxtePdJi2KM281U0Fz8ntij1jWu0gF2xU4 Sez46JDogHLWKgd0srauhcCVzZjAhiWrXp1+ryzSWYaZO8Kh8SnF1f4o6jtYikMqkxUaI5nX wvD3kNX4AMSkCAZfG7Jcfj/SLDojTcREgO87g7B9bcOOsHN4lj3lHoFV0aXpgPmjfIvAjJHu fHkXZAQAH8w0u9bgJqRn703+A4NPfLopnjegyhlNi7fQ3cMQV1H7Oj7WrB/pCcprx+1u/6Uq oTtDwWh1U5uVthVAI0QojpNWR08zABDX19TlGtVoeygaQV3CAEolxTiYQtCfVavUzUplCZ/t 3v4YiRov+NylflJd+1akyOs1IAgARf444BnoH1fotkpfXNOpp9wUXXwsQcFRdP7vpMkSCkc0 sxPNTVX3ei0QImp4NsrFdaep7LV3zEb3wkAp6KE5Qno4hVVEypULbvB0G6twNZbeRfcs2Rjp jnPb2fofvg2WhAKB20dnRfIfK8OKTD/P+JDcauJANjmekM7BTQRaJxH+ARAApPwkbOTChAQu jMvteb/xcwuL5JZElmLxIqvJhqybV7JknM+3ATyN0CTYQFvPTgIrhpk4zSn0A6pEePdK8mKK 5/aHyd7pr7rLEi1sI/X3UE8ld/E83MExksKrYbs0UX1wSQwYXU6g64KicnuP2Abqg+8wrQ18 1nPcZci9jJI75XVPnTdUpZD5aaQWGp7IJ06NTbiOk30I50ORfulgKoe4m3UfsMALFxIx3pJk oy76xC2tjxYGf+4Uq1M0iK3Wy655GrcwXq/5ieODNUcAZzvK5hsUVRodBq0Lq3g1ivQF4ba7 RQayDzlW6XgoeU49xnCr9XdZYnTnj4iaPmr2NtY6AacBwRz+bJsyugeSyGgHsnVGyUSMk8YN wZHvUykMjH21LLzIUX5NFlcumLUXDOECELCJwewui4W81sI5Sq/WDJet+iJwwylUX22TSulG VwDS+j66TLZpk1hEwPanGLwFBSosafqSNBMDVWegKWvZZVyoNHIaaQbrTIoAwuAGvdVncSQz ttC6KkaFlAtlZt3+eUFWlMUOQ9jxQKTWymyliWKrx+S6O1cr4hwVRbg7RQkpfA8E2Loa13oO vRSQy/M2YBRZzRecTKY6nslJo6FWTftpGO7cNcvbmQ6I++5cBG1B1eNy2RFGJUzGh1vlYo51 pdfSg0U1oPHBPCHNvPYCJ7UAEQEAAcLBfAQYAQgAJhYhBDVVI9O49O/JYJ2+9GVhjBh/aBSp BQJaJxH+AhsMBQkJZgGAAAoJEGVhjBh/aBSpAw0P/1tEcEaZUO1uLenNtqysi3mQ6qAHYALR Df3p2z/RBKRVx0DJlzDfDvJ2R/GRwoo+vyCviecuG2RNKmJbf1vSm/QTtbQMUjwut9mx6KCY CyKwniqdhaMBmjCfV2DB2MxxZLYMtDfx/2mY7vzAci7AkjC+RkSUByMEOkyscUydKC/ETdf9 tvI8GhTY/8Q7JSylS3lQA5pMUHiIf+KpSmqKZeBPkGc7nSKM1w1UKUvFAsyyVsiG6A/hWrTr 7tTQAl7YfjtOGE8n4IKGktvrT99bbh9wdWKZ5FdHUN9hx2Q8VP8+0lR1CH2laVFbEwCOv1vM W4cgQDLxwwpo1iOTdHBVtQDxlQ9hPMKVlB1KP9KjchxuiLc24wLmCjP3pDMml4LQxOYB34Eq cgPZ3uHvJZG309sb2wTMTWaXobWNI++ZrsRD5GTmuzF3kkx3krtrq6HI5NSaemxK6MTDTjDN Rj/OwTl0yU35eJXuuryB20GFOSUsxiw00I2hMGQ1Cy9L/+IW6Dvotd8O3LmKh2tFArzXaKLx /rZyGNurS/Go5YjHp8wdJOs7Ka2p1U31js24PMWO6hf6hIiY2WRUsnE6xZNhvBTgKOY6u0KT V6hTevFqEw7OAZDCWUoE2Ob2/oHGZCCMW5SLAMgp7eihF0kGf2S2CmpIFYXGb61hAD8SqSY7 Fn7V
X-Forwarded-Message-Id: <dc547535-b6cf-d39c-6c00-8248da5497f6@mozilla.com>
Message-ID: <941a1270-bdbc-5f65-d546-2dd84666e101@mozilla.com>
Date: Tue, 17 Apr 2018 09:22:54 -0600
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.13; rv:52.0) Gecko/20100101 Thunderbird/52.7.0
MIME-Version: 1.0
In-Reply-To: <dc547535-b6cf-d39c-6c00-8248da5497f6@mozilla.com>
Content-Type: multipart/signed; micalg="pgp-sha256"; protocol="application/pgp-signature"; boundary="snBUVPUCQmSCHt60vtO2oHF3tQcGNvgRL"
Archived-At: <https://mailarchive.ietf.org/arch/msg/uta/1uuOLXWmUuwtlKym2Etlrk2XQM8>
Subject: [Uta] is it time for 7525bis?
X-BeenThere: uta@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: UTA working group mailing list <uta.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/uta>, <mailto:uta-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/uta/>
List-Post: <mailto:uta@ietf.org>
List-Help: <mailto:uta-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/uta>, <mailto:uta-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 17 Apr 2018 15:23:04 -0000

During ART-ART and IESG review of draft-ietf-tram-stunbis, we realized
that just pointing to RFC 7525 might not be enough anymore, now that the
TLS 1.3 spec has been approved for publication. 7525bis, anyone?

Peter

-------- Forwarded Message --------
Subject: Re: Artart telechat review of draft-ietf-tram-stunbis-16
Date: Tue, 17 Apr 2018 09:11:28 -0600
From: Peter Saint-Andre <stpeter@mozilla.com>
To: Marc Petit-Huguenin <petithug@acm.org>, Eric Rescorla <ekr@rtfm.com>
CC: art@ietf.org, draft-ietf-tram-stunbis.all@ietf.org, IETF discussion
list <ietf@ietf.org>, tram@ietf.org

On 4/17/18 4:02 AM, Marc Petit-Huguenin wrote:
> 
> On 04/16/2018 08:12 PM, Eric Rescorla wrote:
>> On Mon, Apr 16, 2018 at 5:22 PM, Peter Saint-Andre <stpeter@mozilla.com>
>> wrote:
>>
>>> Hi Marc, a few further comments inline.
>>>
>>> On 4/16/18 5:43 PM, Marc Petit-Huguenin wrote:
>>>> Hi Peter,
>>>>
>>>> Thanks for the review and sorry for the delay in responding, I was
>>> traveling for the last 4 weeks.
>>>>
>>>> See my responses inline.
>>>>
>>>> On 04/02/2018 03:59 PM, Peter Saint-Andre wrote:
>>>>> Reviewer: Peter Saint-Andre
>>>>> Review result: Ready with Nits
>>>>>
>>>
>>> <snip/>
>>>
>>>>> The first paragaraph of Section 6.2.3 restates recommendations from RFC
>>>>> 7525; why not simply reference that specification?
>>>>
>>>> The original text in RFC5389 said this:
>>>>
>>>> " When STUN is run by itself over TLS-over-TCP, the
>>>>   TLS_RSA_WITH_AES_128_CBC_SHA ciphersuite MUST be implemented at a
>>>>   minimum. [...]"
>>>>
>>>> The new text is an attempt at updating it in the same spirit of giving
>>> minimal instructions and complementing them with a reference to RFC 7525 -
>>> which was the reason for the reference to RFC 7525 there.
>>>>
>>>> So I kept the text there, followed by the following paragraph, in
>>> addition of moving the original last paragraph in the Security
>>> Consideration section:
>>>>
>>>> " These recommendations are just a part of the the recommendations in
>>>>   [RFC7525] that implementations and deployments of a STUN usage using
>>>>   TLS or DTLS SHOULD follow."
>>>
>>> I would instead suggest that we do something like Section 2 of RFC 7590
>>> for XMPP:
>>>
>>>    The best current practices documented in the "Recommendations for
>>>    Secure Use of TLS and DTLS" [RFC7525] are included here by reference.
>>>    Instead of repeating those recommendations here, this document mostly
>>>    provides supplementary information regarding secure implementation
>>>    and deployment of XMPP technologies.
>>>
>>> Here's the rationale: RFC 7525 is likely to be updated/replaced more
>>> quickly than STUNbis. If STUNbis recommends a particular cipher suite
>>> that 7525bis stops recommending, in the absence of STUNter will STUN
>>> implementations keep following STUNbis or will they upgrade to whatever
>>> 7525bis recommends? I suggest it will be the former, which is not what
>>> we want.
>>>
>>
>> I forgot about this in my review, but you should also profile ciphers for
>> TLS 1.3.
>>
>> -Ekr
>>
> 
> Do you have any suggestion for these, or a pointer to a document that I can use to find these?

Off-topic: it sounds like we might need to start work on 7525bis...

Peter

v2.23.0 | Report a Bug | By Email