IETF Logo Mail Archive

[Uta] Review draft-ietf-uta-ciphersuites-in-sec-syslog-01

"Fries, Steffen" <steffen.fries@siemens.com> Thu, 04 August 2022 08:18 UTC

Return-Path: <steffen.fries@siemens.com>
X-Original-To: uta@ietfa.amsl.com
Delivered-To: uta@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 2EFC3C15C521 for <uta@ietfa.amsl.com>; Thu, 4 Aug 2022 01:18:18 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.106
X-Spam-Level:
X-Spam-Status: No, score=-2.106 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_MED=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H2=-0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_NONE=0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=siemens.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id JFq89I5F9b-Z for <uta@ietfa.amsl.com>; Thu, 4 Aug 2022 01:18:13 -0700 (PDT)
Received: from EUR01-HE1-obe.outbound.protection.outlook.com (mail-eopbgr130040.outbound.protection.outlook.com [40.107.13.40]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 487B4C15A738 for <uta@ietf.org>; Thu, 4 Aug 2022 01:18:13 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=DhF/zQzs56yOmDObnRLzzVBBD8ElCMFqk0YBuUhHSB96Td/xwmsF2CwdUUkmomavP37l5CdIRCD4oogpXFNY23rg6OuXg1DTxOUJNVltV2kQQeaDWM7pTPfXZ2Z9Zy0NyslN/AnWAQMNOpY4ZWaLebQLD7YEWxtoj8i9S/oKDFzZzFqp7lR/L2Po3ewE8fQBr8+fd5OYFWioUMZhUd7GOrAg82ObQb1geAh64MO1CNwO/OMJaww1YaOT/pNsQ2299N+k6lcJ2m54Y285SccnZ+oc+QCcRQ9rUO875Wwqa6hQUpXshOpVPPUObjfw2pTPEE9AU88W36fBW4q43DGTww==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=TJrG/vfXUIA2yvqK2F5pFXp5vE2JmcjOQ5KdpZzvKPQ=; b=JrN0Gn1bfBACy03r45WOLBgo42FrO9huUjk37nEms5iRNKU8LHFjvORoSwdLlBqIGCRrtZXWe0t++PwUsS+UAj3JgoimEUGDbDdpmHs8G8fCZcTsLWrjQe1MBWaAD1jBrawft6OXo/E9AxrW4fDKCu7I0309K/CzRvg/kI2HmSZcHkOvN8A5fJtW8YT1IUR681Th2awmJsyfcMj7sdoQoiGxpAhnTVvmitE11nQWcItD4LNGH7aJHuXX/8PvDPBwYpy+tR8rlu/sXaOpwoiyEsYI5Bb7s6dwxMR8FURPYqz3mageBJ3ix+riFnkMFdOKfW8kbXq8Oas4WgjSO7Gd5g==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=siemens.com; dmarc=pass action=none header.from=siemens.com; dkim=pass header.d=siemens.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=siemens.com; s=selector2; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=TJrG/vfXUIA2yvqK2F5pFXp5vE2JmcjOQ5KdpZzvKPQ=; b=YWjOMBhA8h8kqFhHktYOwoCWu1JTjK8cSvJIMXA43IgV3Z01jiE4/OWRFvA3zWU2E3DqAgMxJLV5sFC6Hc0VSGp8voZbxJsRB/sKrQbxJ/C1Q/fUWK+ZMl00RHQy6TcGUXawD0SFGjQ7/uh0oRrPiaBhU5QdopmcH4oT8f3uW4P5m5g80zA0hrI4WVAzuk7+63tPd40SwiXGhiAqP/OnxqwXv/EUyLyUYq/EiubYYwrshJiBJpO2ve/nZxm3qg47wl+XaSUSxBYr1+146b9HUN2lYXcg8phfIZJrwXiA012hyZLzL7K7lzyNo8XPWCeyFlQ6x3lKKOWmMX0S+SGx+Q==
Received: from DU0PR10MB5196.EURPRD10.PROD.OUTLOOK.COM (2603:10a6:10:348::20) by DB9PR10MB4556.EURPRD10.PROD.OUTLOOK.COM (2603:10a6:10:225::24) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.5504.14; Thu, 4 Aug 2022 08:18:08 +0000
Received: from DU0PR10MB5196.EURPRD10.PROD.OUTLOOK.COM ([fe80::405:762:e31:e99a]) by DU0PR10MB5196.EURPRD10.PROD.OUTLOOK.COM ([fe80::405:762:e31:e99a%4]) with mapi id 15.20.5482.016; Thu, 4 Aug 2022 08:18:08 +0000
From: "Fries, Steffen" <steffen.fries@siemens.com>
To: "uta@ietf.org" <uta@ietf.org>
Thread-Topic: Review draft-ietf-uta-ciphersuites-in-sec-syslog-01
Thread-Index: Adin1oq8XqUCX0k/Sk2HxeqwtdQQtw==
Date: Thu, 04 Aug 2022 08:18:08 +0000
Message-ID: <DU0PR10MB519676A736A0ABEC4BB2B634F39F9@DU0PR10MB5196.EURPRD10.PROD.OUTLOOK.COM>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
msip_labels: MSIP_Label_9d258917-277f-42cd-a3cd-14c4e9ee58bc_Enabled=true; MSIP_Label_9d258917-277f-42cd-a3cd-14c4e9ee58bc_SetDate=2022-08-04T08:18:07Z; MSIP_Label_9d258917-277f-42cd-a3cd-14c4e9ee58bc_Method=Standard; MSIP_Label_9d258917-277f-42cd-a3cd-14c4e9ee58bc_Name=restricted; MSIP_Label_9d258917-277f-42cd-a3cd-14c4e9ee58bc_SiteId=38ae3bcd-9579-4fd4-adda-b42e1495d55a; MSIP_Label_9d258917-277f-42cd-a3cd-14c4e9ee58bc_ActionId=4a5a6aa3-8e2c-45ac-b7b5-e2a0912bf838; MSIP_Label_9d258917-277f-42cd-a3cd-14c4e9ee58bc_ContentBits=0
document_confidentiality: Restricted
authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=siemens.com;
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: 26ef74fa-b63c-4bbd-da49-08da75f1dd3c
x-ms-traffictypediagnostic: DB9PR10MB4556:EE_
x-ms-exchange-senderadcheck: 1
x-ms-exchange-antispam-relay: 0
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: qZt4EYm/W7wW5YMU0BEMlFak++pDdKxks93qgYgfUENPFO6vMgav9QgPZQUd2xx1TeE6/ChO5SiJCu1d1OCf7qOgLzts5ohJ0xH9+TqH8Sh7jb2Fnk6Xg44zTavJjLKjyBW8JZusG9X1bjq398jNuV6xOp7r0T1TWkggwavZpJgtDGtE3zX2ss8hQG8M0GAF2sa7IbXQcJd9bmiGY7M/swU6o39UaaF8SUqQAzwTpCPlzILmXRc/4DzQCqJZlRHyyT/hAcUUr29zd5VgEbCRhtOWA6JooYKiIZMEHcb2Wyt4jDcG4pu2GlmLF5KcwKyyJV0uNTVTG3yqQ63lnDPX1ghaSeEBeA8GD+L4/928aLBFOxjOcEY7+YwM9KiEmYxV2+TlHl+KZ6TW10pA/pFMOtHx/tVzMGMkWaayvGU96Yvq8PVNnt96csKdpvQ5qQ/LP5oyCVLBeqIw31qd8omQ3VEb+Tc+UUAtRmFgXHmMEOnaFpyjXF1dpuqzkJ0E1WM3XSBy1j2ZCPqA7U3/jTe1z0iU3TvZms8R/qkFKcv1N4QngB64wdIHfcLbT2JIWXfcn1fbrmuljf/9v4JnubeSOnDZyc0IwHoyDLLAf7Vj1qLJYPq5jn8BqfQXF5jJQort3NcqB3PLmhr/rXs5pclKpkG3AAXP4P8fkJ9lDrzJ9aHtPw/EDxnX+JtpNeNxRYYew1vVkJoLZOCLkjnin/e+IYrOK9dHUZQO0ws/MoWQxXwETRPe99Hf5vJ46T7L6FffSxg6zYLyJRqoOWLhbtpWVwleDoJxfhHaa0wi/ISfvyKVsazWzjXUejNdl0iND4Mn
x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:DU0PR10MB5196.EURPRD10.PROD.OUTLOOK.COM; PTR:; CAT:NONE; SFS:(13230016)(4636009)(366004)(39860400002)(376002)(136003)(396003)(346002)(6916009)(8936002)(26005)(9686003)(316002)(38100700002)(186003)(122000001)(5660300002)(66476007)(64756008)(66446008)(8676002)(71200400001)(76116006)(66556008)(52536014)(7696005)(41300700001)(6506007)(83380400001)(82960400001)(478600001)(55016003)(9326002)(33656002)(86362001)(38070700005)(66946007)(2906002); DIR:OUT; SFP:1101;
x-ms-exchange-antispam-messagedata-chunkcount: 1
x-ms-exchange-antispam-messagedata-0: KZmpZv/C5r/uUeHFRYNlWP1q3n34jHXobEZVzHM5PPNW/L6eprmLAwHJhTwHCoyFYPXDvwFeYHZ+9YvPE1K1t0Jf5iW3eYEbKpN3W1a1lKo6BAB5gS77uk1IQUGIrAvcilccO589zpfeoF66za5USQ2zLlVrDJS4ddzsc8hevVjW61dvW199C4nszxehtDQFHn/KpAh/DSrgnVjNd6Y2aRC5W9tL+rIDA5ZRP2mOfnhanoIkBgpFuD9HTUjdWujsEp1IKM/LvNPtPRGPrLNfCC2dT0t70xbHdDUOVH9QcQvRG184YT0EoXyCk4R7XxXF1UJ7pC8YcfepSU3cQf9ub/lTE8O3zwr20dYZum+ojPccwbAVaBbd2u2qnnzjgfP7F9mTTw+1eEJfa96n2gqAM8YmdM4hP4oww6fNAYBJMKChXuVrH43hRaHCQGBl6iefzJ13E5IoIxUDV3d3FRRFWmjb89dDL3Aj923Numq7+eRKPdi77cnK97W7uG7wBs/hPyyt5BX2uoBKZgVv6F6KtJeQ8kL/hlnMU0xc7Elt4U3bxFPYaBGubeIy9HjNWCpm78nIE45WRAD+M0Qe/YfTCqJVRsxjAnNpd4ioW2olJAL3GZ8OOD12ER50HqXE9+g82PX2Nnht4le0d7l2i3ZqI3zbYQlruAvDLYbNa7IlMyQaX66pmCUPFL2HL8kIJe5S48TXgbXhRQjgsEPkJ7ApNAWiXLQcPU++kUqDhruATMX1BlStkDg5+HxPuDXlUk/7tWFhYlw/8iORvZPNnkHfahcp3C8YUxMuxkFsfM2oRoVRvOEKqF5kTdblgUNXCkj8J0ve+IH/Yn6tF18ZpDR4CE+DOJ7yu5B4yYRHkmRay8eIccaJIwrK6ytvwJW8kzXkPWxU2dBKxctbgcp/0Y196rY/3Ahgx5oUseoRn8821iC8PU6Z7NysQ964KxmK3zEajDWzH3Eb2EfkTy3ubgcyubPsMHSZjz6wWPFLiqYNJ1FYZzpLX0s6n/uRwS3q0OP/9aF38HHIDf84SH7N2odS5gutfyGcbemdH6HchdaBpt+Zo12BiODK3rB7BT/8brF5ETRbuDSjD6ZTnbx1fQ5Ey0A2pimW8l4UjnnnG8PrizpecL815p3BEpkdHSyWy6T4iOTaWT72aIEWOoPLPEoSuUgBDC3WqsYEx3AtbJuzoTMKqla0pmqpS+DwdJDlzGFcrQKABQD4QLrqCrAER6DWEMFJpvpukEiqHWTl6nQKpsALfTy6pAvjpRFq42HQT2rv2NBU4lkHmAX/E1yuxy3CvGybuc+h0o9xCekSq40OXqVV3QymM/c99av7HcpKqGy8lm5V9Uq69eBvoKCXR1lf1bmReiaPdrIu2sNvWgGGgrgx9Ckie7hOVC4kbo+kkvi29i/du/JcNQlDDvy0dgpIEVeeAHQjysijeWikDTtybCueZ50uh0fKx/D3kLmgi4si3nZ/yoUOjOx70oYs7+x79maUfpC0c0BCVWBURZj9GmrvWBLmyGoCHUmhhQZyFKFY6+OR3c//YARJaY3JGm6t7bvsJlGitkzo5pGLbthuP56suXINwAHn4FRm8m2w3QY6CHpRi90ykgMrX4eAwai4Jw==
Content-Type: multipart/alternative; boundary="_000_DU0PR10MB519676A736A0ABEC4BB2B634F39F9DU0PR10MB5196EURP_"
MIME-Version: 1.0
X-OriginatorOrg: siemens.com
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: DU0PR10MB5196.EURPRD10.PROD.OUTLOOK.COM
X-MS-Exchange-CrossTenant-Network-Message-Id: 26ef74fa-b63c-4bbd-da49-08da75f1dd3c
X-MS-Exchange-CrossTenant-originalarrivaltime: 04 Aug 2022 08:18:08.5354 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 38ae3bcd-9579-4fd4-adda-b42e1495d55a
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: y26xdP+Oo6h+4ka15PXElCiw0567iqf+FfHtjjML78YUxNs+yC+GiurQErt+BHNsqIgx4QHlmrSuxzn0t/ShXqKIg4xtAU0AUFRNI0oVkbI=
X-MS-Exchange-Transport-CrossTenantHeadersStamped: DB9PR10MB4556
Archived-At: <https://mailarchive.ietf.org/arch/msg/uta/zF2_5zuShaJc-z8b590XTHWY4qM>
Subject: [Uta] Review draft-ietf-uta-ciphersuites-in-sec-syslog-01
X-BeenThere: uta@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: UTA working group mailing list <uta.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/uta>, <mailto:uta-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/uta/>
List-Post: <mailto:uta@ietf.org>
List-Help: <mailto:uta-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/uta>, <mailto:uta-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 04 Aug 2022 08:18:18 -0000

Hi,

During the UTA WG meeting I volunteered to review the latest draft  draft-ietf-uta-ciphersuites-in-sec-syslog-01. Thank you again to the Chris, Sean, and Jo for the update to syslog security as it is directly used / referenced in IEC TC57 WG15 documents.

I just found some nits in the draft:

  *   Section 3
     *   The reference to I-D.salowey-tls-rfc8447bis is outdated and should refer to draft-ietf-tls-rfc8447bis instead
     *   Reference to I-D.saviram-tls-deprecate-obsolete-kex is outdated and should be replaced by draft-ietf-tls-deprecate-obsolete-kex


  *   Section 5
     *   Reference to I-D.ietf-tls-dtls13 should refer to RFC 9147
     *   The Editors not may be deleted as section 6 specifies that early data must not be used.
  *   Section 7
     *   The text that will be reflected in the IEC 62351 document handling security events utilizing syslog (IEC 62351-14) needs to be updated. The ciphersuite selected in draft-ietf-uta-ciphersuites-in-sec-syslog-01 is also part of IEC 62351-3 on one hand. On the other hand, draft-ietf-uta-ciphersuites-in-sec-syslog-01 may likely become an RFC earlier than IEC 62351-14 becomes a standard. Therefore, the text for IEC 62351-14 can be shortened by simply referencing the new RFC. As the text in this draft will be removed prior to publication, I don't see a need to update it.

Best regards
Steffen

v2.23.0 | Report a Bug | By Email