HMAC-SHA-2 Authentication Protocols in the User-based Security Model (USM) for SNMPv3
draft-ietf-opsawg-hmac-sha-2-usm-snmp-06
Revision differences
Document history
Date | Rev. | By | Action |
---|---|---|---|
2015-10-14
|
06 | (System) | Notify list changed from warren@kumari.net, draft-ietf-opsawg-hmac-sha-2-usm-snmp.ad@ietf.org, draft-ietf-opsawg-hmac-sha-2-usm-snmp@ietf.org, opsawg-chairs@ietf.org, draft-ietf-opsawg-hmac-sha-2-usm-snmp.shepherd@ietf.org to (None) |
2015-10-12
|
06 | (System) | RFC Editor state changed to AUTH48-DONE from AUTH48 |
2015-08-14
|
06 | (System) | RFC Editor state changed to AUTH48 from RFC-EDITOR |
2015-08-10
|
06 | (System) | RFC Editor state changed to RFC-EDITOR from EDIT |
2015-06-29
|
06 | (System) | IANA Action state changed to RFC-Ed-Ack from Waiting on RFC Editor |
2015-06-29
|
06 | (System) | RFC Editor state changed to EDIT from MISSREF |
2015-06-29
|
06 | (System) | RFC Editor state changed to MISSREF from EDIT |
2015-06-29
|
06 | (System) | IANA Action state changed to Waiting on RFC Editor from Waiting on Authors |
2015-06-26
|
06 | (System) | IANA Action state changed to Waiting on Authors from In Progress |
2015-06-24
|
06 | Cindy Morgan | IESG state changed to RFC Ed Queue from Approved-announcement sent |
2015-06-24
|
06 | (System) | RFC Editor state changed to EDIT |
2015-06-24
|
06 | (System) | Announcement was received by RFC Editor |
2015-06-24
|
06 | (System) | IANA Action state changed to In Progress |
2015-06-24
|
06 | Amy Vezza | IESG state changed to Approved-announcement sent from Approved-announcement to be sent |
2015-06-24
|
06 | Amy Vezza | IESG has approved the document |
2015-06-24
|
06 | Amy Vezza | Closed "Approve" ballot |
2015-06-24
|
06 | Amy Vezza | Ballot approval text was generated |
2015-06-24
|
06 | Joel Jaeggli | IESG state changed to Approved-announcement to be sent from Approved-announcement to be sent::Point Raised - writeup needed |
2015-05-15
|
06 | Gunter Van de Velde | Closed request for Last Call review by OPSDIR with state 'No Response' |
2015-05-15
|
06 | Tero Kivinen | Closed request for Last Call review by SECDIR with state 'No Response' |
2015-05-14
|
06 | Cindy Morgan | IESG state changed to Approved-announcement to be sent::Point Raised - writeup needed from IESG Evaluation |
2015-05-14
|
06 | Stephen Farrell | [Ballot comment] I'm a yes on this, but am still holding my nose:-) The yes is because it's a fine thing to make sure that … [Ballot comment] I'm a yes on this, but am still holding my nose:-) The yes is because it's a fine thing to make sure that up-to-date options for securing protocols are available. The nose-holding is because defining multiple options that aren't significantly different in strength (if one assumes that key management is the likely weakest link) is a bad plan. In case it helps, my main logic for not wanting all these options is that it is overwhelmingly more likely that the code to switch between them or react to which you've received or to configure things will (due to bugs etc.) weaken security much much much more than the existence of more than one of these options could ever strengthen security. (Put another way the probability of a security bug due to adding N things here is far far higher than the probability that having N things saves the day when N-1 of them are no longer considered good crypto at some point.) So by defining more of these you are doing worse than if you only defined one of these. (The fact that all sha2 digests have the same internal structure is part of but not all of this argument.) On truncation, I'd argue that if that was a significant benefit then it'd be used everywhere and it is not. In fact I don't believe truncation is used anywhere else when there's no protocol (e.g. PDU/fragmentation) issue that causes us to want shorter MACs. I also believe that even those who for truncation would agree that the benefit of reasonable-length truncation is definitely an insignificant benefit, if any, and would also agree that that's a matter of taste when it comes to sha2 variants of hmac (assuming the protocol can live with full length, as in this case). Bottom line: Discuss is cleared and I'm out of the way, but with a heartfelt plea that you ditch all of these but one. And then ditch truncation too. And so end up with just adding hmac-sha2 as many other protocols have done. |
2015-05-14
|
06 | Stephen Farrell | [Ballot Position Update] Position for Stephen Farrell has been changed to Yes from Discuss |
2015-05-14
|
06 | Stephen Farrell | [Ballot discuss] Thanks for defining these. I do have a thing do briefly discuss before balloting yes. I'll be getting out of your way very … [Ballot discuss] Thanks for defining these. I do have a thing do briefly discuss before balloting yes. I'll be getting out of your way very shortly, but I want to check first to see if you agree with me that this could be simpler and more useful. I note the following: - You're defining a bunch of HMAC options. - Additional options for fun isn't a good idea with crypto. - There may be platforms that do not have good APIs for SHA224 or SHA384. - HMAC-SHA256 without any truncation is considered perfectly fine for this purpose and is widely used elsewhere. - You don't need truncation for protocol reasons. To me, that implies that this would be better if it *only* defined a non-truncated HMAC-SHA256 option and if all of the rest were removed. Do you agree that doing so would achieve just as much of a security improvement, but with less complexity for implementation, test and interop? If so, should we just do that? |
2015-05-14
|
06 | Stephen Farrell | [Ballot Position Update] New position, Discuss, has been recorded for Stephen Farrell |
2015-05-13
|
06 | Jari Arkko | [Ballot Position Update] New position, No Objection, has been recorded for Jari Arkko |
2015-05-13
|
06 | Cindy Morgan | Changed consensus to Yes from Unknown |
2015-05-13
|
06 | Ben Campbell | [Ballot Position Update] New position, No Objection, has been recorded for Ben Campbell |
2015-05-13
|
06 | Alia Atlas | [Ballot Position Update] New position, No Objection, has been recorded for Alia Atlas |
2015-05-13
|
06 | Deborah Brungard | [Ballot Position Update] New position, No Objection, has been recorded for Deborah Brungard |
2015-05-12
|
06 | Benoît Claise | Notification list changed to warren@kumari.net, draft-ietf-opsawg-hmac-sha-2-usm-snmp.ad@ietf.org, draft-ietf-opsawg-hmac-sha-2-usm-snmp@ietf.org, opsawg-chairs@ietf.org, draft-ietf-opsawg-hmac-sha-2-usm-snmp.shepherd@ietf.org from opsawg-chairs@ietf.org, "Warren Kumari" <warren@kumari.net> |
2015-05-12
|
06 | Benoît Claise | [Ballot comment] Editorial: - OLD: ORGANIZATION "SNMPv3 Working Group" NEW: ORGANIZATION "OPSAWG Working Group" - The copyright within the … [Ballot comment] Editorial: - OLD: ORGANIZATION "SNMPv3 Working Group" NEW: ORGANIZATION "OPSAWG Working Group" - The copyright within the MIB should be 2015 |
2015-05-12
|
06 | Benoît Claise | [Ballot Position Update] New position, No Objection, has been recorded for Benoit Claise |
2015-05-12
|
06 | Kathleen Moriarty | [Ballot comment] Thanks for your work on this draft! It's great to see the improvements in security. This is just a comment and not critical … [Ballot comment] Thanks for your work on this draft! It's great to see the improvements in security. This is just a comment and not critical at all… I found this sentence at the bottom of the second bullet of 4.1 a little odd: as opposed to the truncation to 12 octets in HMAC-MD5-96 and HMAC- SHA-96. Since the guideline is to truncate the size in half and have 80 or more bits for a HMAC, you are covered and already cite the appropriate RFCs. Is this there just for history of previous solutions? Or would it be better to just state the guidance so folks understand why you chose the truncation size? You can do nothing with my comment, it's just a question as the text had me curious. And I see that you have included the HMAC truncation guidance in the security considerations section already. |
2015-05-12
|
06 | Kathleen Moriarty | [Ballot Position Update] New position, Yes, has been recorded for Kathleen Moriarty |
2015-05-12
|
06 | Christer Holmberg | Request for Telechat review by GENART Completed: Ready. Reviewer: Christer Holmberg. |
2015-05-12
|
06 | Brian Haberman | [Ballot Position Update] New position, No Objection, has been recorded for Brian Haberman |
2015-05-11
|
06 | Alvaro Retana | [Ballot Position Update] New position, No Objection, has been recorded for Alvaro Retana |
2015-05-09
|
06 | Barry Leiba | [Ballot Position Update] New position, No Objection, has been recorded for Barry Leiba |
2015-05-09
|
06 | Terry Manderson | [Ballot Position Update] New position, No Objection, has been recorded for Terry Manderson |
2015-05-07
|
06 | Jean Mahoney | Request for Telechat review by GENART is assigned to Christer Holmberg |
2015-05-07
|
06 | Jean Mahoney | Request for Telechat review by GENART is assigned to Christer Holmberg |
2015-05-06
|
06 | Martin Stiemerling | [Ballot Position Update] New position, No Objection, has been recorded for Martin Stiemerling |
2015-04-30
|
06 | (System) | IANA Review state changed to IANA OK - Actions Needed from Version Changed - Review Needed |
2015-04-29
|
06 | Joel Jaeggli | Placed on agenda for telechat - 2015-05-14 |
2015-04-29
|
06 | Joel Jaeggli | IESG state changed to IESG Evaluation from Waiting for Writeup |
2015-04-29
|
06 | Joel Jaeggli | Ballot has been issued |
2015-04-29
|
06 | Joel Jaeggli | [Ballot Position Update] New position, Yes, has been recorded for Joel Jaeggli |
2015-04-29
|
06 | Joel Jaeggli | Created "Approve" ballot |
2015-04-29
|
06 | Joel Jaeggli | Ballot writeup was changed |
2015-04-21
|
06 | Johannes Merkle | IANA Review state changed to Version Changed - Review Needed from IANA - Not OK |
2015-04-21
|
06 | Johannes Merkle | New version available: draft-ietf-opsawg-hmac-sha-2-usm-snmp-06.txt |
2015-04-20
|
05 | (System) | IESG state changed to Waiting for Writeup from In Last Call |
2015-04-17
|
05 | (System) | IANA Review state changed to IANA - Not OK from IANA - Review Needed |
2015-04-17
|
05 | Pearl Liang | IESG/Authors/WG Chairs: IANA has reviewed [draft-enter-here]. Authors should review the comments and/or questions below. Please report any inaccuracies and respond to any questions as soon … IESG/Authors/WG Chairs: IANA has reviewed [draft-enter-here]. Authors should review the comments and/or questions below. Please report any inaccuracies and respond to any questions as soon as possible. We received the following comments/questions from the IANA's reviewer: IANA has a question about one of the actions requested in the IANA Considerations section of this document. Upon approval of this document, IANA understands that there are two actions which must be completed. First, in the SMI Network Management MGMT Codes Internet-standard MIBsubregistry of the Network Management Parameters registry located at: http://www.iana.org/assignments/smi-numbers a new MIB will be registered as follows: IANA Question --> What is the description for the registration below? Decimal: [ TBD by IANA at time of registration ] Name: snmpUsmHmacSha2MIB Description: [ TBD-based-on-question-above ] References: [ RFC-to-be ] Second, in the SnmpAuthProtocols subregistry of the Simple Network Management Protocol (SNMP) Number Spaces registry located at: http://www.iana.org/assignments/snmp-number-spaces/ four new registrations will be made as follows: Value: Description: Reference: ------------------------------------------------------------------- [ TBD-at-regisitration ] usmHMAC128SHA224AuthProtocol [ RFC-to-be ] [ TBD-at-regisitration ] usmHMAC192SHA256AuthProtocol [ RFC-to-be ] [ TBD-at-regisitration ] usmHMAC256SHA384AuthProtocol [ RFC-to-be ] [ TBD-at-regisitration ] usmHMAC384SHA512AuthProtocol [ RFC-to-be ] IANA understands that these two actions are the only ones required upon approval of this document. Note: The actions requested in this document will not be completed until the document has been approved for publication as an RFC. This message is only to confirm what actions will be performed. Please note that IANA cannot reserve specific values. However, early allocation is available for some types of registrations. For more information, please see RFC 7120. |
2015-04-11
|
05 | Christer Holmberg | Request for Last Call review by GENART Completed: Ready with Nits. Reviewer: Christer Holmberg. |
2015-04-09
|
05 | Gunter Van de Velde | Request for Last Call review by OPSDIR is assigned to Mahalingam Mani |
2015-04-09
|
05 | Gunter Van de Velde | Request for Last Call review by OPSDIR is assigned to Mahalingam Mani |
2015-04-09
|
05 | Jean Mahoney | Request for Last Call review by GENART is assigned to Christer Holmberg |
2015-04-09
|
05 | Jean Mahoney | Request for Last Call review by GENART is assigned to Christer Holmberg |
2015-04-09
|
05 | Tero Kivinen | Request for Last Call review by SECDIR is assigned to David Waltermire |
2015-04-09
|
05 | Tero Kivinen | Request for Last Call review by SECDIR is assigned to David Waltermire |
2015-04-06
|
05 | Cindy Morgan | IANA Review state changed to IANA - Review Needed |
2015-04-06
|
05 | Cindy Morgan | The following Last Call announcement was sent out: From: The IESG To: IETF-Announce CC: Reply-To: ietf@ietf.org Sender: Subject: Last Call: (HMAC-SHA-2 Authentication Protocols in USM … The following Last Call announcement was sent out: From: The IESG To: IETF-Announce CC: Reply-To: ietf@ietf.org Sender: Subject: Last Call: (HMAC-SHA-2 Authentication Protocols in USM for SNMP) to Proposed Standard The IESG has received a request from the Operations and Management Area Working Group WG (opsawg) to consider the following document: - 'HMAC-SHA-2 Authentication Protocols in USM for SNMP' as Proposed Standard The IESG plans to make a decision in the next few weeks, and solicits final comments on this action. Please send substantive comments to the ietf@ietf.org mailing lists by 2015-04-20. Exceptionally, comments may be sent to iesg@ietf.org instead. In either case, please retain the beginning of the Subject line to allow automated sorting. Abstract This memo specifies new HMAC-SHA-2 authentication protocols for the User-based Security Model (USM) for SNMPv3 defined in RFC 3414. The file can be obtained via http://datatracker.ietf.org/doc/draft-ietf-opsawg-hmac-sha-2-usm-snmp/ IESG discussion can be tracked via http://datatracker.ietf.org/doc/draft-ietf-opsawg-hmac-sha-2-usm-snmp/ballot/ No IPR declarations have been submitted directly on this I-D. |
2015-04-06
|
05 | Cindy Morgan | IESG state changed to In Last Call from Last Call Requested |
2015-04-06
|
05 | Cindy Morgan | Last call announcement was generated |
2015-04-05
|
05 | Joel Jaeggli | Last call was requested |
2015-04-05
|
05 | Joel Jaeggli | Last call announcement was generated |
2015-04-05
|
05 | Joel Jaeggli | Ballot approval text was generated |
2015-04-05
|
05 | Joel Jaeggli | Ballot writeup was generated |
2015-04-05
|
05 | Joel Jaeggli | IESG state changed to Last Call Requested from AD Evaluation |
2015-03-24
|
05 | Joel Jaeggli | IESG state changed to AD Evaluation from Publication Requested |
2015-03-24
|
05 | Warren Kumari | (1) What type of RFC is being requested: Standards Track - this document request an assignment from the SnmpAuthProtocols registry (http://www.iana.org/assignments/snmp-number-spaces/snmp-number-spaces.xhtml#snmp-number-spaces-5) which requires … (1) What type of RFC is being requested: Standards Track - this document request an assignment from the SnmpAuthProtocols registry (http://www.iana.org/assignments/snmp-number-spaces/snmp-number-spaces.xhtml#snmp-number-spaces-5) which requires a Standards Track document. (2) Technical Summary: This memo specifies new HMAC-SHA-2 authentication protocols for USM using an HMAC based on the SHA-2 family of hash functions. They are straightforward adaptations of the authentication protocols HMAC-MD5-96 and HMAC-SHA-96 to the SHA-2 based HMAC. Working Group Summary: During the adoption call we discovered that there was another document (https://datatracker.ietf.org/doc/draft-hartman-snmp-sha2/) which did something very similar. This document had been written earlier, but neither the document authors, nor most of the OpsAWG WG was aware of it. The CfA stalled for a long time while we asked the WG to decide which option they proffered, and to see if there was a clean way to combine the two documents. In the end, the authors of hartman-snmp-sha2 agreed that this document (hmac-sha-2-usm-snmp) should progress. Document Quality: The document is well written and clear. David Reid (at least) has implemented this ("We have also implemented it (using private OIDs for now).") Personnel: Warren Kumari will be the document shepherd. Joel Jaeggli will be the AD. (3) The DS is also the chair of the WG. He followed the document during its lifetime. (4) Does the document Shepherd have any concerns about the depth or breadth of the reviews that have been performed? Nope. The right set of people reviewed the document. We got sufficient review during the WGLC, but also got lots of review during the CfA. What the document is an important maintenance activity, not new protocol design. (5) Do portions of the document need review from a particular or from broader perspective: Nope. (6) Describe any specific concerns or issues: None (7) Has each author confirmed that any and all appropriate IPR disclosures required for full conformance with the provisions of BCP 78 and BCP 79 have already been filed. Yes. (8) Has an IPR disclosure been filed that references this document? Nope. (9) How solid is the WG consensus behind this document? Good consensus. See Answer 4. (10) Has anyone threatened an appeal? Nope. (11) Identify any ID nits the Document Shepherd has found in this document. None! (12) Describe how the document meets any required formal review criteria: The document shepherd extracted the MIB and then ran (online) MIB tests, at maximum strictness levels. After making some fixups (e.g: replacing 'aa' (to be assigned by IANA) with numbers) it linted fine. Michael MacFaden also checked it and found it clean. (13) Have all references within this document been identified as either normative or informative? Yes. (14) Are there normative references to documents that are not ready for advancement or are otherwise in an unclear state? No. (15) Are there downward normative references references (see RFC 3967)? ** YES ** Normative reference to an Informational RFC 2104 Non-RFC normative reference 'SHA' Normative reference to an Informational RFC 6234 RFC 2104 and RFC 6234 are in the downregreg (which is currently throwing 500 Errors) SHA references: National Institute of Standards and Technology, "Secure Hash Standard (SHS)", FIPS PUB 180-4, March 2012. Note that RFC2014 and RFC6234 also reference versions of this document. (16) Will publication of this document change the status of any existing RFCs? Nope. (17) Describe the review of the IANA considerations section. The IANA registry section is clear, and matches up with the requests in the document. (18) Any new IANA registries? None. (19) Describe reviews and automated checks performed by the Document Shepherd. Shepherd ran online MIB checker at max strictness. Michael MacFaden and Juergen Schoenwaelder also checked. The MIB checker threw some errors, but these were all for things like '{ snmpAuthProtocols dd } -- dd to be assigned by IANA'. Replacing these with numbers made things happy. |
2015-03-24
|
05 | Warren Kumari | Responsible AD changed to Joel Jaeggli |
2015-03-24
|
05 | Warren Kumari | IETF WG state changed to Submitted to IESG for Publication from WG Consensus: Waiting for Write-Up |
2015-03-24
|
05 | Warren Kumari | IESG state changed to Publication Requested |
2015-03-24
|
05 | Warren Kumari | IESG process started in state Publication Requested |
2015-03-24
|
05 | Warren Kumari | Tag Revised I-D Needed - Issue raised by WGLC cleared. |
2015-03-24
|
05 | Warren Kumari | Intended Status changed to Proposed Standard from None |
2015-03-24
|
05 | Warren Kumari | Changed document writeup |
2015-03-23
|
05 | Warren Kumari | Changed document writeup |
2015-03-23
|
05 | Johannes Merkle | New version available: draft-ietf-opsawg-hmac-sha-2-usm-snmp-05.txt |
2015-03-23
|
04 | Johannes Merkle | New version available: draft-ietf-opsawg-hmac-sha-2-usm-snmp-04.txt |
2015-03-06
|
03 | Warren Kumari | Notification list changed to opsawg@ietf.org, draft-ietf-opsawg-hmac-sha-2-usm-snmp.all@ietf.org, opsawg-chairs@ietf.org, "Warren Kumari" <warren@kumari.net> from opsawg@ietf.org, draft-ietf-opsawg-hmac-sha-2-usm-snmp.all@ietf.org, opsawg-chairs@ietf.org |
2015-03-06
|
03 | Warren Kumari | Document shepherd changed to Warren Kumari |
2015-03-06
|
03 | Warren Kumari | Minor changes / nits raised. |
2015-03-06
|
03 | Warren Kumari | Tag Revised I-D Needed - Issue raised by WGLC set. |
2015-03-06
|
03 | Warren Kumari | IETF WG state changed to WG Consensus: Waiting for Write-Up from In WG Last Call |
2015-02-23
|
03 | Warren Kumari | IETF WG state changed to In WG Last Call from WG Document |
2015-02-18
|
03 | Johannes Merkle | New version available: draft-ietf-opsawg-hmac-sha-2-usm-snmp-03.txt |
2015-02-17
|
02 | Johannes Merkle | New version available: draft-ietf-opsawg-hmac-sha-2-usm-snmp-02.txt |
2015-01-19
|
01 | Johannes Merkle | New version available: draft-ietf-opsawg-hmac-sha-2-usm-snmp-01.txt |
2014-12-19
|
00 | Benoît Claise | Notification list changed to opsawg@ietf.org, draft-ietf-opsawg-hmac-sha-2-usm-snmp.all@tools.ietf.org, opsawg-chairs@tools.ietf.org |
2014-12-12
|
00 | Johannes Merkle | New version available: draft-ietf-opsawg-hmac-sha-2-usm-snmp-00.txt |