
Mutual Authentication Protocol for HTTP: Cryptographic Algorithms Based on the Key Agreement Mechanism 3 (KAM3)
draft-ietf-httpauth-mutual-algo-07

Yes

(Kathleen Moriarty)
(Stephen Farrell)

No Objection

(Alexey Melnikov)
(Alia Atlas)
(Alissa Cooper)
(Alvaro Retana)
(Deborah Brungard)
(Jari Arkko)
(Joel Jaeggli)
(Spencer Dawkins)
(Suresh Krishnan)
(Terry Manderson)

Note: This ballot was opened for revision 06 and is now closed.

Kathleen Moriarty Former IESG member
Yes
Yes (for -06) Unknown

                            
Stephen Farrell Former IESG member
Yes
Yes (for -06) Unknown

                            
Alexey Melnikov Former IESG member
No Objection
No Objection (for -06) Unknown

                            
Alia Atlas Former IESG member
No Objection
No Objection (for -06) Unknown

                            
Alissa Cooper Former IESG member
No Objection
No Objection (for -06) Unknown

                            
Alvaro Retana Former IESG member
No Objection
No Objection (for -06) Unknown

                            
Ben Campbell Former IESG member
No Objection
No Objection (2016-11-02 for -06) Unknown
I agree with Mirja that the IPR section in this draft seems misplaced, and applies more to the mutual-auth mechanism draft. If it needs to stay in this draft, please see my comment about the similar section in the mutual-auth draft.
Benoît Claise Former IESG member
No Objection
No Objection (2016-11-01 for -06) Unknown
Some editorial comments from our OPS-DIR reviewer, Qin Wu.

This document defines four HTTP Mutual authentication algorithms which are used with the Mutual authentication protocol for HTTP: two for Discrete Logarithm settings and two for elliptic curve settings. In addition, the security of this algorithm is well analyzed.

There is no major issue. I believe this document is ready for publication. Here are a few editorial comments I would like to ask the authors to consider:

Minor issues:

1. Section 1.1 said:

“When a natural number output is required, the notation INT(H(s)) is used.”

I will see INT(H(s)) as a formula to convert H(s) into a natural number.

2. Section 2, 1st paragraph:

What are DL-based notations? Can you expand DL? Is it Description Logic or something else?

You can consider adding an acronym and abbreviation section.

3. Section 2, 2nd paragraph and the figure that describes the protocol exchange for four values

Where do you define the first two messages in this draft? Are you referring to the first messages that contain ID, K_c1 and K_s1 respectively in the figure? I don’t see you specify a message format or give a message name? I don’t see you relate the text to the messages shown in the figure?

In addition, where are the last two messages defined in [I-D.ietf-httpauth-mutual]? Can you provide a section number?

By reading [I-D.ietf-httpauth-mutual], I see K_c1, K_s1, VK_c, VK_s have already been defined in [I-D.ietf-httpauth-mutual]. I feel confused and am wondering if this draft really defines the first two messages? Or are the four messages shown in the figure all defined in [I-D.ietf-httpauth-mutual]?

4. Section 3.1, 3rd paragraph said:

“The functions named octet(), OCTETS(), and INT() are those defined in the core specification [I-D.ietf-httpauth-mutual].”

Is the core specification [I-D.ietf-httpauth-mutual] the core document mentioned in section 3? If yes, please make them consistent.

5. Section 3.3, symbol “G”

g: for "the generator" associated with the group.

How is the symbol “G” different from the symbol “g” in section 3.2? Does G stand for the generator associated with the defined group? What do you mean by “the defined point”? It would be great to clarify the difference between G and g.

6. Section 5.2 said:

“In the EC setting, r has to be prime.  Defining a variation of this algorithm using a different domain parameter SHOULD be attentive to these conditions.”

What is the EC setting? Please expand EC? Elliptic Curve? Please make this clear or add this abbreviation to the abbreviation section.

Nits:

1. Section 1, 1st paragraph

s/ use withMutual authentication protocol/ use with Mutual authentication protocol

2. Section 5.2

s/ mixing values from from two/ mixing values from two


-Qin
Deborah Brungard Former IESG member
No Objection
No Objection (for -06) Unknown

                            
Jari Arkko Former IESG member
No Objection
No Objection (for -06) Unknown

                            
Joel Jaeggli Former IESG member
No Objection
No Objection (for -06) Unknown

                            
Mirja Kühlewind Former IESG member
No Objection
No Objection (2016-11-01 for -06) Unknown
In relation to Alvaro's comment on draft-ietf-httpauth-mutual, the first part of the Intellectual Properties Notice does not seem to apply here and the note is probably not needed at all.
Spencer Dawkins Former IESG member
No Objection
No Objection (for -06) Unknown

                            
Suresh Krishnan Former IESG member
No Objection
No Objection (for -06) Unknown

                            
Terry Manderson Former IESG member
No Objection
No Objection (for -06) Unknown