Re: [TLS] Working group last call on draft-ietf-tls-extractor-03




<not wearing hats>

In general, the document looks good; I have only minor nits:

In Section 4, the context value is shown as "opaque
context<0..2^16-1>" (and Alfred pointed out that it probably should be
"context_value").  Now, if the PRF computation (slightly earlier in
Section 4) uses the normal TLS presentation language notation
(not an unreasonable assumption!), it would mean the length is included 
twice (two uint16). That's probably not the intention (but folks
have been confused about the exact number of length fields before,
and this did cause some interop problems around TLS 1.0 time). My 
suggestion would be just to delete the line "opaque context<0..2^16-1>"; 
it's not really needed, and without it, everything looks unambiguous.

It might be good to explicitly point out that designing a secure
mechanism that uses this extractor is rather difficult, and this
document does not tell how to do it (and IMHO does not need to).
The extractor gives you a key (that's easy), but the difficult part 
is securely agreeing on everything else in the "security association" 
or "application context". Although Section 3 gives some ideas on how 
this can be done, it's very far from "here's how you securely use 
this thing" instructions.

Editorial:
- Section 5: "MUST not" -> "MUST NOT" 
- Missing Reference: 'DTLS-SRTP' is mentioned on line 114, but not defined
- Missing Reference: 'RFC2716' is mentioned on line 211, but not defined
- Obsolete undefined reference: RFC 2716 (Obsoleted by RFC 5216)
- Obsolete normative reference: RFC 2434 (Obsoleted by RFC 5226)
- Obsolete normative reference: RFC 4346 (Obsoleted by RFC 5246)

Best regards,
Pasi
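To make the length-field point above concrete, here is an added example (not code from the draft or from anyone on the thread) that derives exporter keying material with a TLS 1.2 PRF in the form later standardised in RFC 5705, which I assume matches the draft's Section 4 computation: the uint16 context length is encoded once, versus twice as an implementer reading "opaque context<0..2^16-1>" as a presentation-language vector might do, and the two peers end up with different keys. The master secret, randoms, label and context are constructed values.

```python
import hashlib
import hmac
import struct
from typing import Optional


def p_sha256(secret: bytes, seed: bytes, length: int) -> bytes:
    """TLS 1.2 P_SHA256 data expansion (RFC 5246, section 5)."""
    out, a = b"", seed  # A(0) = seed
    while len(out) < length:
        a = hmac.new(secret, a, hashlib.sha256).digest()            # A(i) = HMAC(secret, A(i-1))
        out += hmac.new(secret, a + seed, hashlib.sha256).digest()  # HMAC(secret, A(i) + seed)
    return out[:length]


def tls12_prf(secret: bytes, label: bytes, seed: bytes, length: int) -> bytes:
    """TLS 1.2 PRF: P_SHA256(secret, label + seed)."""
    return p_sha256(secret, label + seed, length)


def exporter(master_secret: bytes, client_random: bytes, server_random: bytes,
             label: bytes, context: Optional[bytes], length: int,
             double_length: bool = False) -> bytes:
    """Exporter keying material in the RFC 5705 form (assumed to match the draft):
    PRF(master_secret, label, client_random + server_random + context_length + context),
    where the uint16 length field is omitted entirely when no context is supplied.
    double_length=True models an implementer who prepends context_value_length AND
    also encodes "opaque context<0..2^16-1>" as a length-prefixed vector."""
    seed = client_random + server_random
    if context is not None:
        ctx_len = struct.pack("!H", len(context))
        seed += (ctx_len + ctx_len if double_length else ctx_len) + context
    return tls12_prf(master_secret, label, seed, length)


def demo():
    # Constructed inputs, not real session values.
    ms = bytes(range(48))
    cr, sr = b"\x01" * 32, b"\x02" * 32
    ctx = b"constructed-context"
    once = exporter(ms, cr, sr, b"EXPORTER-example", ctx, 32)
    twice = exporter(ms, cr, sr, b"EXPORTER-example", ctx, 32, double_length=True)
    return once, twice


if __name__ == "__main__":
    once, twice = demo()
    print("one length field :", once.hex())
    print("two length fields:", twice.hex())
    print("peers agree:", once == twice)
```

A peer that emits the length once and a peer that emits it twice derive unrelated keys from the same session, so the failure shows up only as a silent authentication or decryption mismatch in the application protocol, which is why a single unambiguous encoding in the spec matters.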

> -----Original Message-----
> From: tls-bounces at ietf.org [mailto:tls-bounces at ietf.org] On 
> Behalf Of ext Joseph Salowey (jsalowey)
> Sent: 06 November, 2008 20:16
> To: tls at ietf.org
> Subject: [TLS] Working group last call on draft-ietf-tls-extractor-03
> 
> This is a working group last call for review of the
> draft-ietf-tls-extractor-03.  The last call will last until
> December 4, 2008, but it would be most useful if comments were
> received before the TLS session at the IETF meeting in Minneapolis
> on November 20, 2008.  This will allow us to discuss issues in the
> meeting and resolve them in a timely fashion.
> 
> The document is available here:
> 
> http://tools.ietf.org/html/draft-ietf-tls-extractor-03
> 
> Thanks,
> 
> Joe
> _______________________________________________
> TLS mailing list
> TLS at ietf.org
> https://www.ietf.org/mailman/listinfo/tls
> 