Hi all, Thank you for your patience. The issue has been resolved, so we will be announcing the RFC shortly.
Thank you, RFC Editor/sg > On Feb 28, 2025, at 7:28 AM, Sandy Ginoza <sgin...@staff.rfc-editor.org> > wrote: > > Apologies - resending with correct URLs below! > >> On Feb 28, 2025, at 7:26 AM, Sandy Ginoza <sgin...@staff.rfc-editor.org> >> wrote: >> >> Hi John, >> >> Thank you for the quick update! We note that the SVG also has clipped >> descenders, so we are checking whether a fix is forthcoming before >> publishing the RFC (see https://github.com/ietf-tools/xml2rfc/issues/1223). >> Thank you for your patience as we work through these issues. >> >> The current files are available here: > https://www.rfc-editor.org/authors/rfc9678.txt > https://www.rfc-editor.org/authors/rfc9678.pdf > https://www.rfc-editor.org/authors/rfc9678.html > https://www.rfc-editor.org/authors/rfc9678.xml > > >> Thanks, >> RFC Editor/sg >> >>> On Feb 27, 2025, at 12:40 AM, John Mattsson <john.matts...@ericsson.com> >>> wrote: >>> >>> Hi Sandy, >>> >>> Attached is an xml file where the SVG for figure 2 has been corrected. >>> >>> Cheers, >>> John >>> >>> From: Sandy Ginoza <sgin...@staff.rfc-editor.org> >>> Date: Wednesday, 26 February 2025 at 23:44 >>> To: Jari Arkko <jari.ar...@gmail.com> >>> Cc: Madison Church <mchu...@staff.rfc-editor.org>, Karl Norrman >>> <karl.norr...@ericsson.com>, John Mattsson <john.matts...@ericsson.com>, >>> Megan Ferguson <mfergu...@staff.rfc-editor.org>, RFC Editor >>> <rfc-edi...@rfc-editor.org>, emu-...@ietf.org <emu-...@ietf.org>, >>> emu-cha...@ietf.org<emu-cha...@ietf.org>, pe...@akayla.com >>> <pe...@akayla.com>, paul.wout...@aiven.io <paul.wout...@aiven.io>, >>> auth48archive@rfc-editor.org<auth48archive@rfc-editor.org> >>> Subject: Re: AUTH48: RFC-to-be 9678 <draft-ietf-emu-aka-pfs-12> for your >>> review >>> >>> [You don't often get email from sgin...@staff.rfc-editor.org. Learn why >>> this is important at https://aka.ms/LearnAboutSenderIdentification ] >>> >>> Authors, >>> >>> I meant to also ask if it’s possible to update the SVG for figure 2. >>> Currently the PDF and HTML have a circle over the text in one of the upper >>> boxes and the second vertical line in the last box extends into the text >>> box. >>> >>> Please see Figure 2 in these files: >>> https://eur02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.rfc-editor.org%2Fauthors%2Frfc9678.html%23figure-2&data=05%7C02%7Cjohn.mattsson%40ericsson.com%7C70fc77698a4a4d6dc4be08dd56b706b2%7C92e84cebfbfd47abbe52080c6b87953f%7C0%7C0%7C638762066595663557%7CUnknown%7CTWFpbGZsb3d8eyJFbXB0eU1hcGkiOnRydWUsIlYiOiIwLjAuMDAwMCIsIlAiOiJXaW4zMiIsIkFOIjoiTWFpbCIsIldUIjoyfQ%3D%3D%7C0%7C%7C%7C&sdata=Ta2ImhSeLbHTluO%2Breu73NEK%2FXGX1ZaXBaLMW74hiEc%3D&reserved=0 >>> https://eur02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.rfc-editor.org%2Fauthors%2Frfc9678.pdf&data=05%7C02%7Cjohn.mattsson%40ericsson.com%7C70fc77698a4a4d6dc4be08dd56b706b2%7C92e84cebfbfd47abbe52080c6b87953f%7C0%7C0%7C638762066595686044%7CUnknown%7CTWFpbGZsb3d8eyJFbXB0eU1hcGkiOnRydWUsIlYiOiIwLjAuMDAwMCIsIlAiOiJXaW4zMiIsIkFOIjoiTWFpbCIsIldUIjoyfQ%3D%3D%7C0%7C%7C%7C&sdata=LzKcHIpvS2IZKo6Xzpiz90FsKOWC9Jw75iPRzxWcKRM%3D&reserved=0 >>> >>> Thanks, >>> RFC Editor/sg >>> >>> >>> >>>> On Feb 26, 2025, at 1:05 PM, Sandy Ginoza <sgin...@staff.rfc-editor.org> >>>> wrote: >>>> >>>> Hi all, >>>> >>>> Please note that publication of this document is being delayed while we >>>> try to understand what is causing figure 2 in the PDF to run off the page. >>>> >>>> See >>>> https://eur02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.rfc-editor.org%2Fauthors%2Frfc9678.pdf&data=05%7C02%7Cjohn.mattsson%40ericsson.com%7C70fc77698a4a4d6dc4be08dd56b706b2%7C92e84cebfbfd47abbe52080c6b87953f%7C0%7C0%7C638762066595699096%7CUnknown%7CTWFpbGZsb3d8eyJFbXB0eU1hcGkiOnRydWUsIlYiOiIwLjAuMDAwMCIsIlAiOiJXaW4zMiIsIkFOIjoiTWFpbCIsIldUIjoyfQ%3D%3D%7C0%7C%7C%7C&sdata=QehtvdHsUnFfI0qMxgidZxz%2FqLfg1aTQdh54Nn5y2Ig%3D&reserved=0 >>>> >>>> We can scale it, but we’re looking into it a bit more because it becomes >>>> pretty small. >>>> >>>> See >>>> https://eur02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.rfc-editor.org%2Fv3test%2Ftest9678.pdf&data=05%7C02%7Cjohn.mattsson%40ericsson.com%7C70fc77698a4a4d6dc4be08dd56b706b2%7C92e84cebfbfd47abbe52080c6b87953f%7C0%7C0%7C638762066595710208%7CUnknown%7CTWFpbGZsb3d8eyJFbXB0eU1hcGkiOnRydWUsIlYiOiIwLjAuMDAwMCIsIlAiOiJXaW4zMiIsIkFOIjoiTWFpbCIsIldUIjoyfQ%3D%3D%7C0%7C%7C%7C&sdata=6H4Kb8UjbJOgWSYVU1HhqLbK10QGBjCIXH8K6bMBk%2BQ%3D&reserved=0 >>>> >>>> Thanks, >>>> RFC Editor/sg >>>> >>>> >>>> >>>>> On Feb 16, 2025, at 6:24 AM, Jari Arkko <jari.ar...@gmail.com> wrote: >>>>> >>>>> Hi, >>>>> >>>>> Sorry for the delay, but today I finally had a chance to read the >>>>> document from top to bottom, and I have no issues. I approve publication >>>>> in the current state! >>>>> >>>>> Jari >>>>> >>>>>> Madison Church <mchu...@staff.rfc-editor.org> kirjoitti 10.2.2025 kello >>>>>> 19.24: >>>>>> >>>>>> Hi Jari, >>>>>> >>>>>> This is a friendly weekly reminder that this document awaits your >>>>>> approval. Please see the thread below for links to the current version >>>>>> and let us know if we can be of assistance as you complete your AUTH48 >>>>>> review. Once we receive your approval, we will move this document >>>>>> forward in the publication process. >>>>>> >>>>>> Thank you! >>>>>> >>>>>> RFC Editor/mc >>>>>> >>>>>>> On Feb 3, 2025, at 4:14 PM, Megan Ferguson >>>>>>> <mfergu...@staff.rfc-editor.org> wrote: >>>>>>> >>>>>>> Hi Jari, >>>>>>> >>>>>>> Just a friendly reminder that this document awaits your approval. >>>>>>> Please see the mail below for links to the current version and let us >>>>>>> know if we can be of assistance as you complete your AUTH48 review. >>>>>>> >>>>>>> Thank you. >>>>>>> >>>>>>> RFC Editor/mf >>>>>>> >>>>>>> >>>>>>>> On Jan 22, 2025, at 12:15 PM, Megan Ferguson >>>>>>>> <mfergu...@staff.rfc-editor.org> wrote: >>>>>>>> >>>>>>>> Hi John, >>>>>>>> >>>>>>>> Thanks for sending this along. >>>>>>>> >>>>>>>> We have adopted this version in our links below. Note that these >>>>>>>> changes are not viewable in diffs of the text files from the previous >>>>>>>> version to this one as they are “behind the scenes”, so we have >>>>>>>> created diffs between the xml files to capture them below. Please >>>>>>>> review the xml version and ensure it looks as expected and let us know >>>>>>>> if any further changes are necessary. >>>>>>>> >>>>>>>> We believe once we hear approval from Jari that this document will be >>>>>>>> ready to move forward in the publication process. >>>>>>>> >>>>>>>> The files have been posted here (please refresh): >>>>>>>> https://eur02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.rfc-editor.org%2Fauthors%2Frfc9678.txt&data=05%7C02%7Cjohn.mattsson%40ericsson.com%7C70fc77698a4a4d6dc4be08dd56b706b2%7C92e84cebfbfd47abbe52080c6b87953f%7C0%7C0%7C638762066595720900%7CUnknown%7CTWFpbGZsb3d8eyJFbXB0eU1hcGkiOnRydWUsIlYiOiIwLjAuMDAwMCIsIlAiOiJXaW4zMiIsIkFOIjoiTWFpbCIsIldUIjoyfQ%3D%3D%7C0%7C%7C%7C&sdata=KS4DIuYss870QQqieE3goVuhcDAM%2BY7rzWkxujXk4Vg%3D&reserved=0 >>>>>>>> https://eur02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.rfc-editor.org%2Fauthors%2Frfc9678.pdf&data=05%7C02%7Cjohn.mattsson%40ericsson.com%7C70fc77698a4a4d6dc4be08dd56b706b2%7C92e84cebfbfd47abbe52080c6b87953f%7C0%7C0%7C638762066595731941%7CUnknown%7CTWFpbGZsb3d8eyJFbXB0eU1hcGkiOnRydWUsIlYiOiIwLjAuMDAwMCIsIlAiOiJXaW4zMiIsIkFOIjoiTWFpbCIsIldUIjoyfQ%3D%3D%7C0%7C%7C%7C&sdata=qWTTbjhgXW%2BTzmVJ6WJN7C%2BkHQHyIN6kk%2B7p7EMUaT8%3D&reserved=0 >>>>>>>> https://eur02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.rfc-editor.org%2Fauthors%2Frfc9678.html&data=05%7C02%7Cjohn.mattsson%40ericsson.com%7C70fc77698a4a4d6dc4be08dd56b706b2%7C92e84cebfbfd47abbe52080c6b87953f%7C0%7C0%7C638762066595742654%7CUnknown%7CTWFpbGZsb3d8eyJFbXB0eU1hcGkiOnRydWUsIlYiOiIwLjAuMDAwMCIsIlAiOiJXaW4zMiIsIkFOIjoiTWFpbCIsIldUIjoyfQ%3D%3D%7C0%7C%7C%7C&sdata=x6d0c5Ji31x5W9nTKgGVhSsvdjBMs8opBaN8MhJKq0M%3D&reserved=0 >>>>>>>> https://eur02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.rfc-editor.org%2Fauthors%2Frfc9678.xml&data=05%7C02%7Cjohn.mattsson%40ericsson.com%7C70fc77698a4a4d6dc4be08dd56b706b2%7C92e84cebfbfd47abbe52080c6b87953f%7C0%7C0%7C638762066595753139%7CUnknown%7CTWFpbGZsb3d8eyJFbXB0eU1hcGkiOnRydWUsIlYiOiIwLjAuMDAwMCIsIlAiOiJXaW4zMiIsIkFOIjoiTWFpbCIsIldUIjoyfQ%3D%3D%7C0%7C%7C%7C&sdata=X0m5%2BpDJ15DMlmRuVY5Q7bgFig7mqU5%2BqD93FwjPdFE%3D&reserved=0 >>>>>>>> >>>>>>>> The diff files have been posted here (please refresh): >>>>>>>> https://eur02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.rfc-editor.org%2Fauthors%2Frfc9678-diff.html&data=05%7C02%7Cjohn.mattsson%40ericsson.com%7C70fc77698a4a4d6dc4be08dd56b706b2%7C92e84cebfbfd47abbe52080c6b87953f%7C0%7C0%7C638762066595763779%7CUnknown%7CTWFpbGZsb3d8eyJFbXB0eU1hcGkiOnRydWUsIlYiOiIwLjAuMDAwMCIsIlAiOiJXaW4zMiIsIkFOIjoiTWFpbCIsIldUIjoyfQ%3D%3D%7C0%7C%7C%7C&sdata=CMiLvvH4r1TJg6WuH92sCT3slCC11WGOjAEftegj0YE%3D&reserved=0 >>>>>>>> (cumulative) >>>>>>>> https://eur02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.rfc-editor.org%2Fauthors%2Frfc9678-rfcdiff.html&data=05%7C02%7Cjohn.mattsson%40ericsson.com%7C70fc77698a4a4d6dc4be08dd56b706b2%7C92e84cebfbfd47abbe52080c6b87953f%7C0%7C0%7C638762066595774396%7CUnknown%7CTWFpbGZsb3d8eyJFbXB0eU1hcGkiOnRydWUsIlYiOiIwLjAuMDAwMCIsIlAiOiJXaW4zMiIsIkFOIjoiTWFpbCIsIldUIjoyfQ%3D%3D%7C0%7C%7C%7C&sdata=ohtoyrYzFqJqSQ4jOiEK979Eyd63Ur4gwgTfi%2BBEX3A%3D&reserved=0 >>>>>>>> (side by side) >>>>>>>> >>>>>>>> https://eur02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.rfc-editor.org%2Fauthors%2Frfc9678-auth48diff.html&data=05%7C02%7Cjohn.mattsson%40ericsson.com%7C70fc77698a4a4d6dc4be08dd56b706b2%7C92e84cebfbfd47abbe52080c6b87953f%7C0%7C0%7C638762066595785331%7CUnknown%7CTWFpbGZsb3d8eyJFbXB0eU1hcGkiOnRydWUsIlYiOiIwLjAuMDAwMCIsIlAiOiJXaW4zMiIsIkFOIjoiTWFpbCIsIldUIjoyfQ%3D%3D%7C0%7C%7C%7C&sdata=m9cltydCseys474M6zfy5%2BPstdIqBmWUId18ZZwsJEw%3D&reserved=0 >>>>>>>> (AUTH48 changes only) >>>>>>>> https://eur02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.rfc-editor.org%2Fauthors%2Frfc9678-auth48rfcdiff.html&data=05%7C02%7Cjohn.mattsson%40ericsson.com%7C70fc77698a4a4d6dc4be08dd56b706b2%7C92e84cebfbfd47abbe52080c6b87953f%7C0%7C0%7C638762066595795993%7CUnknown%7CTWFpbGZsb3d8eyJFbXB0eU1hcGkiOnRydWUsIlYiOiIwLjAuMDAwMCIsIlAiOiJXaW4zMiIsIkFOIjoiTWFpbCIsIldUIjoyfQ%3D%3D%7C0%7C%7C%7C&sdata=GsiYwdTSXQSxkFRqQznyoLmS5g0rWKuCbkqwqKdAMDs%3D&reserved=0 >>>>>>>> (side by side) >>>>>>>> >>>>>>>> https://eur02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.rfc-editor.org%2Fauthors%2Frfc9678-lastdiff.html&data=05%7C02%7Cjohn.mattsson%40ericsson.com%7C70fc77698a4a4d6dc4be08dd56b706b2%7C92e84cebfbfd47abbe52080c6b87953f%7C0%7C0%7C638762066595806876%7CUnknown%7CTWFpbGZsb3d8eyJFbXB0eU1hcGkiOnRydWUsIlYiOiIwLjAuMDAwMCIsIlAiOiJXaW4zMiIsIkFOIjoiTWFpbCIsIldUIjoyfQ%3D%3D%7C0%7C%7C%7C&sdata=nKmrBG4h2Ks6dLCB81TwjOJqxPRLk4Pia9v87mWV%2Fbc%3D&reserved=0 >>>>>>>> (changes last version to this) >>>>>>>> https://eur02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.rfc-editor.org%2Fauthors%2Frfc9678-lastrfcdiff.html&data=05%7C02%7Cjohn.mattsson%40ericsson.com%7C70fc77698a4a4d6dc4be08dd56b706b2%7C92e84cebfbfd47abbe52080c6b87953f%7C0%7C0%7C638762066595817520%7CUnknown%7CTWFpbGZsb3d8eyJFbXB0eU1hcGkiOnRydWUsIlYiOiIwLjAuMDAwMCIsIlAiOiJXaW4zMiIsIkFOIjoiTWFpbCIsIldUIjoyfQ%3D%3D%7C0%7C%7C%7C&sdata=n%2BiiN7K1rEnTDwBhuaaSjPMoQTsdgOom8dMyfbbBjrY%3D&reserved=0 >>>>>>>> (side by side) >>>>>>>> >>>>>>>> https://eur02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.rfc-editor.org%2Fauthors%2Frfc9678-xmldiff.html&data=05%7C02%7Cjohn.mattsson%40ericsson.com%7C70fc77698a4a4d6dc4be08dd56b706b2%7C92e84cebfbfd47abbe52080c6b87953f%7C0%7C0%7C638762066595828129%7CUnknown%7CTWFpbGZsb3d8eyJFbXB0eU1hcGkiOnRydWUsIlYiOiIwLjAuMDAwMCIsIlAiOiJXaW4zMiIsIkFOIjoiTWFpbCIsIldUIjoyfQ%3D%3D%7C0%7C%7C%7C&sdata=EkIZ2fp3S7A1YukMSsbEryYwXwWz1L4%2BZFOKH9sXGSU%3D&reserved=0 >>>>>>>> (xml files last to this) >>>>>>>> https://eur02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.rfc-editor.org%2Fauthors%2Frfc9678-xmlrfcdiff.html&data=05%7C02%7Cjohn.mattsson%40ericsson.com%7C70fc77698a4a4d6dc4be08dd56b706b2%7C92e84cebfbfd47abbe52080c6b87953f%7C0%7C0%7C638762066595841612%7CUnknown%7CTWFpbGZsb3d8eyJFbXB0eU1hcGkiOnRydWUsIlYiOiIwLjAuMDAwMCIsIlAiOiJXaW4zMiIsIkFOIjoiTWFpbCIsIldUIjoyfQ%3D%3D%7C0%7C%7C%7C&sdata=Cch4co2CsdgEK1RnfB4ZZLwxuFL8tUiRPZBJLeBQntE%3D&reserved=0 >>>>>>>> (side by side) >>>>>>>> >>>>>>>> The AUTH48 status page for this document is available here: >>>>>>>> https://eur02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.rfc-editor.org%2Fauth48%2Frfc9678&data=05%7C02%7Cjohn.mattsson%40ericsson.com%7C70fc77698a4a4d6dc4be08dd56b706b2%7C92e84cebfbfd47abbe52080c6b87953f%7C0%7C0%7C638762066595854979%7CUnknown%7CTWFpbGZsb3d8eyJFbXB0eU1hcGkiOnRydWUsIlYiOiIwLjAuMDAwMCIsIlAiOiJXaW4zMiIsIkFOIjoiTWFpbCIsIldUIjoyfQ%3D%3D%7C0%7C%7C%7C&sdata=14LdWfy2ikPUG8cDemqtRhJ0ddwb7e9Mw6oz32FHYY4%3D&reserved=0 >>>>>>>> >>>>>>>> Thank you. >>>>>>>> >>>>>>>> RFC Editor/mf >>>>>>>> >>>>>>>> >>>>>>>>> On Jan 18, 2025, at 3:49 AM, John Mattsson >>>>>>>>> <john.matts...@ericsson.com> wrote: >>>>>>>>> >>>>>>>>> Thanks Megan, >>>>>>>>> >>>>>>>>> Attached is an updated xml file with SVG artwork updated to match the >>>>>>>>> updated ASCII artwork. The only changes are in <artwork type="svg" >>>>>>>>> >>>>>>>>> Cheers, >>>>>>>>> John >>>>>>>>> >>>>>>>>> From: Megan Ferguson <mfergu...@staff.rfc-editor.org> >>>>>>>>> Date: Thursday, 9 January 2025 at 17:36 >>>>>>>>> To: Karl Norrman <karl.norr...@ericsson.com>, John Mattsson >>>>>>>>> <john.matts...@ericsson.com>, jari.ar...@gmail.com >>>>>>>>> <jari.ar...@gmail.com> >>>>>>>>> Cc: rfc-edi...@rfc-editor.org <rfc-edi...@rfc-editor.org>, >>>>>>>>> emu-...@ietf.org <emu-...@ietf.org>, emu-cha...@ietf.org >>>>>>>>> <emu-cha...@ietf.org>, pe...@akayla.com <pe...@akayla.com>, >>>>>>>>> paul.wout...@aiven.io <paul.wout...@aiven.io>, >>>>>>>>> auth48archive@rfc-editor.org<auth48archive@rfc-editor.org>,jari.ar...@piuha.net >>>>>>>>> <jari.ar...@piuha.net> >>>>>>>>> Subject: Re: AUTH48: RFC-to-be 9678 <draft-ietf-emu-aka-pfs-12> for >>>>>>>>> your review >>>>>>>>> >>>>>>>>> [You don't often get email from mfergu...@staff.rfc-editor.org. Learn >>>>>>>>> why this is important athttps://aka.ms/LearnAboutSenderIdentification >>>>>>>>> ] >>>>>>>>> >>>>>>>>> Hi Karl and John, >>>>>>>>> >>>>>>>>> Thank you for your replies. We have updated your status to >>>>>>>>> “Approved” at the AUTH48 status page >>>>>>>>> (seehttps://eur02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.rfc-editor.org%2Fauth48%2Frfc9678&data=05%7C02%7Cjohn.mattsson%40ericsson.com%7C70fc77698a4a4d6dc4be08dd56b706b2%7C92e84cebfbfd47abbe52080c6b87953f%7C0%7C0%7C638762066595872328%7CUnknown%7CTWFpbGZsb3d8eyJFbXB0eU1hcGkiOnRydWUsIlYiOiIwLjAuMDAwMCIsIlAiOiJXaW4zMiIsIkFOIjoiTWFpbCIsIldUIjoyfQ%3D%3D%7C0%7C%7C%7C&sdata=BnIVeYAQTEEaZ4jGM6lPSk5h%2B8cj7E3wD%2BtQgxy3LgU%3D&reserved=0). >>>>>>>>> We will await approval from Jari as well as any necessary >>>>>>>>> re-rendering of the SVG prior to moving forward in the publication >>>>>>>>> process. >>>>>>>>> >>>>>>>>> Please note that we will assume your assent to any further changes >>>>>>>>> submitted by your coauthors unless we hear objection at that time. >>>>>>>>> >>>>>>>>> Thank you. >>>>>>>>> >>>>>>>>> RFC Editor/mf >>>>>>>>> >>>>>>>>> >>>>>>>>>> On Jan 9, 2025, at 3:48 AM, Karl Norrman <karl.norr...@ericsson.com> >>>>>>>>>> wrote: >>>>>>>>>> >>>>>>>>>> Hi! >>>>>>>>>> >>>>>>>>>> I approve publication. >>>>>>>>>> >>>>>>>>>> BR Karl >>>>>>>>>> >>>>>>>>>> From: John Mattsson <john.matts...@ericsson.com> >>>>>>>>>> Sent: Thursday, January 9, 2025 11:00 AM >>>>>>>>>> To: Megan Ferguson <mfergu...@staff.rfc-editor.org> >>>>>>>>>> Cc: Jari Arkko <jari.ar...@gmail.com>; Karl Norrman >>>>>>>>>> <karl.norr...@ericsson.com>; rfc-edi...@rfc-editor.org; >>>>>>>>>> emu-...@ietf.org; emu-cha...@ietf.org; Peter Yee <pe...@akayla.com>; >>>>>>>>>> Paul Wouters <paul.wout...@aiven.io>; auth48archive@rfc-editor.org; >>>>>>>>>> Jari Arkko <jari.ar...@piuha.net> >>>>>>>>>> Subject: Re: AUTH48: RFC-to-be 9678 <draft-ietf-emu-aka-pfs-12> for >>>>>>>>>> your review >>>>>>>>>> >>>>>>>>>> Mi Megan, >>>>>>>>>> >>>>>>>>>> I approve publication. >>>>>>>>>> >>>>>>>>>> Cheers, >>>>>>>>>> John >>>>>>>>>> >>>>>>>>>> From: Megan Ferguson <mfergu...@staff.rfc-editor.org> >>>>>>>>>> Date: Wednesday, 8 January 2025 at 19:37 >>>>>>>>>> To: John Mattsson <john.matts...@ericsson.com> >>>>>>>>>> Cc: Jari Arkko <jari.ar...@gmail.com>, Karl Norrman >>>>>>>>>> <karl.norr...@ericsson.com>, rfc-edi...@rfc-editor.org >>>>>>>>>> <rfc-edi...@rfc-editor.org>, emu-...@ietf.org <emu-...@ietf.org>, >>>>>>>>>> emu-cha...@ietf.org <emu-cha...@ietf.org>, Peter Yee >>>>>>>>>> <pe...@akayla.com>, Paul Wouters <paul.wout...@aiven.io>, >>>>>>>>>> auth48archive@rfc-editor.org <auth48archive@rfc-editor.org>, Jari >>>>>>>>>> Arkko <jari.ar...@piuha.net> >>>>>>>>>> Subject: Re: AUTH48: RFC-to-be 9678 <draft-ietf-emu-aka-pfs-12> for >>>>>>>>>> your review >>>>>>>>>> >>>>>>>>>> [You don't often get email from mfergu...@staff.rfc-editor.org. >>>>>>>>>> Learn why this is important >>>>>>>>>> athttps://aka.ms/LearnAboutSenderIdentification ] >>>>>>>>>> >>>>>>>>>> Hi John, >>>>>>>>>> >>>>>>>>>> [Note that this email is coming to you from a new email address on >>>>>>>>>> our end.] >>>>>>>>>> >>>>>>>>>> Thanks for reviewing and sending along these changes. We have >>>>>>>>>> updated as requested*. >>>>>>>>>> >>>>>>>>>> *Note that we made one further change to your suggestion for Section >>>>>>>>>> 4.1: we made “goal” singular into “goals” plural. >>>>>>>>>> >>>>>>>>>> Please review the files carefully as we do not make changes after >>>>>>>>>> publication. >>>>>>>>>> >>>>>>>>>> The files have been posted here (please refresh): >>>>>>>>>> https://eur02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.rfc-editor.org%2Fauthors%2Frfc9678.txt&data=05%7C02%7Cjohn.mattsson%40ericsson.com%7C70fc77698a4a4d6dc4be08dd56b706b2%7C92e84cebfbfd47abbe52080c6b87953f%7C0%7C0%7C638762066595889415%7CUnknown%7CTWFpbGZsb3d8eyJFbXB0eU1hcGkiOnRydWUsIlYiOiIwLjAuMDAwMCIsIlAiOiJXaW4zMiIsIkFOIjoiTWFpbCIsIldUIjoyfQ%3D%3D%7C0%7C%7C%7C&sdata=rReTBwtTBbmc1fBCXQN4OUQoGV8M9AdjGkj7KzruCt0%3D&reserved=0 >>>>>>>>>> https://eur02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.rfc-editor.org%2Fauthors%2Frfc9678.pdf&data=05%7C02%7Cjohn.mattsson%40ericsson.com%7C70fc77698a4a4d6dc4be08dd56b706b2%7C92e84cebfbfd47abbe52080c6b87953f%7C0%7C0%7C638762066595907136%7CUnknown%7CTWFpbGZsb3d8eyJFbXB0eU1hcGkiOnRydWUsIlYiOiIwLjAuMDAwMCIsIlAiOiJXaW4zMiIsIkFOIjoiTWFpbCIsIldUIjoyfQ%3D%3D%7C0%7C%7C%7C&sdata=nGuiX7aGD4ZEzdjYGDyhKz%2BwZUs7IcSqcFXSZhbBs2o%3D&reserved=0 >>>>>>>>>> https://eur02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.rfc-editor.org%2Fauthors%2Frfc9678.html&data=05%7C02%7Cjohn.mattsson%40ericsson.com%7C70fc77698a4a4d6dc4be08dd56b706b2%7C92e84cebfbfd47abbe52080c6b87953f%7C0%7C0%7C638762066595923071%7CUnknown%7CTWFpbGZsb3d8eyJFbXB0eU1hcGkiOnRydWUsIlYiOiIwLjAuMDAwMCIsIlAiOiJXaW4zMiIsIkFOIjoiTWFpbCIsIldUIjoyfQ%3D%3D%7C0%7C%7C%7C&sdata=jEfROKDgokiG%2F1qVHBzR8lEDu2czqGXGp36G687muSM%3D&reserved=0 >>>>>>>>>> https://eur02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.rfc-editor.org%2Fauthors%2Frfc9678.xml&data=05%7C02%7Cjohn.mattsson%40ericsson.com%7C70fc77698a4a4d6dc4be08dd56b706b2%7C92e84cebfbfd47abbe52080c6b87953f%7C0%7C0%7C638762066595940162%7CUnknown%7CTWFpbGZsb3d8eyJFbXB0eU1hcGkiOnRydWUsIlYiOiIwLjAuMDAwMCIsIlAiOiJXaW4zMiIsIkFOIjoiTWFpbCIsIldUIjoyfQ%3D%3D%7C0%7C%7C%7C&sdata=sgMaJ6y%2FKSUVX7XRgIUaJ0rw7wbWpAUPweOo7tQkw10%3D&reserved=0 >>>>>>>>>> >>>>>>>>>> The relevant diff files have been posted here (please refresh): >>>>>>>>>> https://eur02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.rfc-editor.org%2Fauthors%2Frfc9678-diff.html&data=05%7C02%7Cjohn.mattsson%40ericsson.com%7C70fc77698a4a4d6dc4be08dd56b706b2%7C92e84cebfbfd47abbe52080c6b87953f%7C0%7C0%7C638762066595953583%7CUnknown%7CTWFpbGZsb3d8eyJFbXB0eU1hcGkiOnRydWUsIlYiOiIwLjAuMDAwMCIsIlAiOiJXaW4zMiIsIkFOIjoiTWFpbCIsIldUIjoyfQ%3D%3D%7C0%7C%7C%7C&sdata=Hy%2BRFdubj34tM4JCoFbXmWzltz7KNrfObDpH1HvgwWw%3D&reserved=0 >>>>>>>>>> (comprehensive diff) >>>>>>>>>> https://eur02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.rfc-editor.org%2Fauthors%2Frfc9678-auth48diff.html&data=05%7C02%7Cjohn.mattsson%40ericsson.com%7C70fc77698a4a4d6dc4be08dd56b706b2%7C92e84cebfbfd47abbe52080c6b87953f%7C0%7C0%7C638762066595964289%7CUnknown%7CTWFpbGZsb3d8eyJFbXB0eU1hcGkiOnRydWUsIlYiOiIwLjAuMDAwMCIsIlAiOiJXaW4zMiIsIkFOIjoiTWFpbCIsIldUIjoyfQ%3D%3D%7C0%7C%7C%7C&sdata=L7BP%2BTmUciwi0WetZOkGRWbw%2FAgZ2zVoYdac0tz15Hk%3D&reserved=0 >>>>>>>>>> (AUTH48 changes only) >>>>>>>>>> https://eur02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.rfc-editor.org%2Fauthors%2Frfc9678-lastdiff.html&data=05%7C02%7Cjohn.mattsson%40ericsson.com%7C70fc77698a4a4d6dc4be08dd56b706b2%7C92e84cebfbfd47abbe52080c6b87953f%7C0%7C0%7C638762066595975301%7CUnknown%7CTWFpbGZsb3d8eyJFbXB0eU1hcGkiOnRydWUsIlYiOiIwLjAuMDAwMCIsIlAiOiJXaW4zMiIsIkFOIjoiTWFpbCIsIldUIjoyfQ%3D%3D%7C0%7C%7C%7C&sdata=Wd4YhVmtR3hMeQms1hp0GADeq1POagdMIV6f8nI%2BFWs%3D&reserved=0 >>>>>>>>>> (last version to this) >>>>>>>>>> https://eur02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.rfc-editor.org%2Fauthors%2Frfc9678-lastrfcdiff.html&data=05%7C02%7Cjohn.mattsson%40ericsson.com%7C70fc77698a4a4d6dc4be08dd56b706b2%7C92e84cebfbfd47abbe52080c6b87953f%7C0%7C0%7C638762066595986249%7CUnknown%7CTWFpbGZsb3d8eyJFbXB0eU1hcGkiOnRydWUsIlYiOiIwLjAuMDAwMCIsIlAiOiJXaW4zMiIsIkFOIjoiTWFpbCIsIldUIjoyfQ%3D%3D%7C0%7C%7C%7C&sdata=gAMhmecELTVFcVUkqoAb%2BsylVpAQP%2BSB8F%2FjrscUI%2FM%3D&reserved=0 >>>>>>>>>> (ditto but rfcdiff) >>>>>>>>>> >>>>>>>>>> Please contact us with any further updates/questions/comments you >>>>>>>>>> may have. >>>>>>>>>> >>>>>>>>>> We will await approvals from each of the parties listed on the >>>>>>>>>> AUTH48 status page prior to moving forward to publication. >>>>>>>>>> >>>>>>>>>> The AUTH48 status page for this document is available here: >>>>>>>>>> >>>>>>>>>> https://eur02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.rfc-editor.org%2Fauth48%2Frfc9678&data=05%7C02%7Cjohn.mattsson%40ericsson.com%7C70fc77698a4a4d6dc4be08dd56b706b2%7C92e84cebfbfd47abbe52080c6b87953f%7C0%7C0%7C638762066596001070%7CUnknown%7CTWFpbGZsb3d8eyJFbXB0eU1hcGkiOnRydWUsIlYiOiIwLjAuMDAwMCIsIlAiOiJXaW4zMiIsIkFOIjoiTWFpbCIsIldUIjoyfQ%3D%3D%7C0%7C%7C%7C&sdata=G05Wcjm8h4m8XrKV47%2BOABKP5MFWNOj8Bv0T0o7A1ks%3D&reserved=0 >>>>>>>>>> >>>>>>>>>> Thank you. >>>>>>>>>> >>>>>>>>>> RFC Editor/mf >>>>>>>>>> >>>>>>>>>>> On Dec 28, 2024, at 3:42 AM, John Mattsson >>>>>>>>>>> <john.matts...@ericsson.com> wrote: >>>>>>>>>>> >>>>>>>>>>> Hi, >>>>>>>>>>> >>>>>>>>>>>> *General Note*: Please note that any updates made to figures with >>>>>>>>>>>> SVG have been made in the <artwork> only. The >>>>>>>>>>>> authors will need to re-render the SVG to match the desired >>>>>>>>>>>> output. We recommend doing this once AUTH48 >>>>>>>>>>>> changes are complete and all author approvals have been received >>>>>>>>>>>> so that many iterations can be avoided. >>>>>>>>>>> I will re-render the SVG once AUTH48 changes are complete. >>>>>>>>>>> >>>>>>>>>>> I have reviewed the current version of the document and approve >>>>>>>>>>> publication. See minor suggestions below: >>>>>>>>>>> >>>>>>>>>>> Cheers, >>>>>>>>>>> John >>>>>>>>>>> >>>>>>>>>>> --- >>>>>>>>>>> >>>>>>>>>>> OLD: >>>>>>>>>>> This prevents an attacker who has >>>>>>>>>>> gained access to the long-term key from obtaining session keys >>>>>>>>>>> established in the past, assuming these have been properly deleted. >>>>>>>>>>> NEW: >>>>>>>>>>> This prevents an attacker who has >>>>>>>>>>> gained access to the long-term key from obtaining session keys >>>>>>>>>>> established in the past. >>>>>>>>>>> >>>>>>>>>>> John: To align with introduction. Deletion of keys is discussed in >>>>>>>>>>> several sections. >>>>>>>>>>> >>>>>>>>>>> --- >>>>>>>>>>> >>>>>>>>>>> OLD: when a system is running. >>>>>>>>>>> NEW: when the system is running. >>>>>>>>>>> >>>>>>>>>>> John: To align with the bullets above >>>>>>>>>>> >>>>>>>>>>> --- >>>>>>>>>>> >>>>>>>>>>> OLD: >>>>>>>>>>> The goal of AKA is to mutually authenticate the USIM and the so- >>>>>>>>>>> called home environment, which is the authentication Server in the >>>>>>>>>>> subscriber's home operator's network. >>>>>>>>>>> >>>>>>>>>>> NEW: >>>>>>>>>>> The goal of AKA is to mutually authenticate the USIM and the so- >>>>>>>>>>> called home environment, which is the authentication Server in the >>>>>>>>>>> subscriber's home operator's network, and to establish key material >>>>>>>>>>> between the two. >>>>>>>>>>> >>>>>>>>>>> --- >>>>>>>>>>> >>>>>>>>>>> OLD: >>>>>>>>>>> AT_PUB_ECDHE: >>>>>>>>>>> This is set to 152 by IANA. >>>>>>>>>>> >>>>>>>>>>> NEW: >>>>>>>>>>> AT_PUB_ECDHE: >>>>>>>>>>> This is set to 152. >>>>>>>>>>> >>>>>>>>>>> John: The "by IANA" is just confusing >>>>>>>>>>> >>>>>>>>>>> --- >>>>>>>>>>> >>>>>>>>>>> OLD: >>>>>>>>>>> AT_KDF_FS: >>>>>>>>>>> This is set to 153 by IANA. >>>>>>>>>>> >>>>>>>>>>> OLD: >>>>>>>>>>> AT_KDF_FS: >>>>>>>>>>> This is set to 153. >>>>>>>>>>> >>>>>>>>>>> --- >>>>>>>>>>> >>>>>>>>>>> OLD: >>>>>>>>>>> Public key validation requirements are defined in Section 5 of >>>>>>>>>>> [SP-800-56A]. >>>>>>>>>>> >>>>>>>>>>> NEW: >>>>>>>>>>> Requirements are defined in Section 5 of [SP-800-56A], in >>>>>>>>>>> particular Sections 5.6.2.3.4, 5.6.3.1, and >>>>>>>>>>> and 5.6.3.3. >>>>>>>>>>> >>>>>>>>>>> John: Section 5 is long. I think it is good to help the reader a >>>>>>>>>>> bit. >>>>>>>>>>> >>>>>>>>>>> --- >>>>>>>>>>> >>>>>>>>>>> OLD: >>>>>>>>>>> 6.5.9. EAP-Response/AKA'-Client-Error >>>>>>>>>>> >>>>>>>>>>> changes, except that the AT_KDF_FS or AT_PUB_ECDHE attributes MUST >>>>>>>>>>> >>>>>>>>>>> NEW: >>>>>>>>>>> 6.5.9. EAP-Response/AKA'-Client-Error >>>>>>>>>>> >>>>>>>>>>> There are no changes for the EAP-Response/AKA'-Client-Error, except >>>>>>>>>>> that the AT_KDF_FS or AT_PUB_ECDHE attributes MUST >>>>>>>>>>> >>>>>>>>>>> --- >>>>>>>>>>> >>>>>>>>>>> OLD: >>>>>>>>>>> 6.5.11. EAP-Response/AKA'-Notification >>>>>>>>>>> >>>>>>>>>>> There are no changes for the EAP-Request/AKA'-Notification. >>>>>>>>>>> >>>>>>>>>>> NEW: >>>>>>>>>>> 6.5.11. EAP-Response/AKA'-Notification >>>>>>>>>>> >>>>>>>>>>> There are no changes for the EAP-Response/AKA'-Notification. >>>>>>>>>>> >>>>>>>>>>> --- >>>>>>>>>>> >>>>>>>>>>> OLD: >>>>>>>>>>> [TS.33.501] >>>>>>>>>>> 3GPP, "Security architecture and procedures for 5G >>>>>>>>>>> System", Version 18.1.0, 3GPP TS 33.501, March 2023. >>>>>>>>>>> >>>>>>>>>>> NEW: >>>>>>>>>>> [TS.33.501] >>>>>>>>>>> 3GPP, "Security architecture and procedures for 5G >>>>>>>>>>> System", Version 19.0.0, 3GPP TS 33.501, September 2024. >>>>>>>>>>> >>>>>>>>>>> John: We should refer to the last version >>>>>>>>>>> >>>>>>>>>>> --- >>>>>>>>>>> >>>>>>>>>>> From: Megan Ferguson <mfergu...@amsl.com> >>>>>>>>>>> Date: Friday, 20 December 2024 at 21:57 >>>>>>>>>>> To: Jari Arkko <jari.ar...@gmail.com>, Karl Norrman >>>>>>>>>>> <karl.norr...@ericsson.com> >>>>>>>>>>> Cc: rfc-edi...@rfc-editor.org <rfc-edi...@rfc-editor.org>, John >>>>>>>>>>> Mattsson <john.matts...@ericsson.com>,emu-...@ietf.org >>>>>>>>>>> <emu-...@ietf.org>, emu-cha...@ietf.org <emu-cha...@ietf.org>, >>>>>>>>>>> Peter Yee <pe...@akayla.com>, Paul Wouters <paul.wout...@aiven.io>, >>>>>>>>>>> auth48archive@rfc-editor.org<auth48archive@rfc-editor.org>, Jari >>>>>>>>>>> Arkko <jari.ar...@piuha.net> >>>>>>>>>>> Subject: Re: AUTH48: RFC-to-be 9678 <draft-ietf-emu-aka-pfs-12> for >>>>>>>>>>> your review >>>>>>>>>>> >>>>>>>>>>> Jari and Karl, >>>>>>>>>>> >>>>>>>>>>> Thank you for your replies. Please see our (several) >>>>>>>>>>> questions/comments regarding your responses inline in the message >>>>>>>>>>> below marked with [rfced] for places in which further guidance from >>>>>>>>>>> authors may be necessary or where confirmation and careful review >>>>>>>>>>> of our updates is requested. >>>>>>>>>>> >>>>>>>>>>> *General Note*: Please note that any updates made to figures with >>>>>>>>>>> SVG have been made in the <artwork> only. The authors will need to >>>>>>>>>>> re-render the SVG to match the desired output. We recommend doing >>>>>>>>>>> this once AUTH48 changes are complete and all author approvals have >>>>>>>>>>> been received so that many iterations can be avoided. >>>>>>>>>>> >>>>>>>>>>> All other changes have been incorporated into our version of the >>>>>>>>>>> files as requested. >>>>>>>>>>> >>>>>>>>>>> Please review the files carefully as we do not make changes after >>>>>>>>>>> publication. >>>>>>>>>>> >>>>>>>>>>> The files have been posted here (please refresh): >>>>>>>>>>> https://eur02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.rfc-editor.org%2Fauthors%2Frfc9678.txt&data=05%7C02%7Cjohn.mattsson%40ericsson.com%7C70fc77698a4a4d6dc4be08dd56b706b2%7C92e84cebfbfd47abbe52080c6b87953f%7C0%7C0%7C638762066596011999%7CUnknown%7CTWFpbGZsb3d8eyJFbXB0eU1hcGkiOnRydWUsIlYiOiIwLjAuMDAwMCIsIlAiOiJXaW4zMiIsIkFOIjoiTWFpbCIsIldUIjoyfQ%3D%3D%7C0%7C%7C%7C&sdata=8Hj08tOgekXPwXEGjey6LP9F%2FVygBOwOs%2Bfjt5zpnI0%3D&reserved=0 >>>>>>>>>>> https://eur02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.rfc-editor.org%2Fauthors%2Frfc9678.pdf&data=05%7C02%7Cjohn.mattsson%40ericsson.com%7C70fc77698a4a4d6dc4be08dd56b706b2%7C92e84cebfbfd47abbe52080c6b87953f%7C0%7C0%7C638762066596022607%7CUnknown%7CTWFpbGZsb3d8eyJFbXB0eU1hcGkiOnRydWUsIlYiOiIwLjAuMDAwMCIsIlAiOiJXaW4zMiIsIkFOIjoiTWFpbCIsIldUIjoyfQ%3D%3D%7C0%7C%7C%7C&sdata=jXmKRrKD1LYr77eGXi0EwjkpZ7re%2BFaIdxwGGd6RgDg%3D&reserved=0 >>>>>>>>>>> https://eur02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.rfc-editor.org%2Fauthors%2Frfc9678.html&data=05%7C02%7Cjohn.mattsson%40ericsson.com%7C70fc77698a4a4d6dc4be08dd56b706b2%7C92e84cebfbfd47abbe52080c6b87953f%7C0%7C0%7C638762066596033020%7CUnknown%7CTWFpbGZsb3d8eyJFbXB0eU1hcGkiOnRydWUsIlYiOiIwLjAuMDAwMCIsIlAiOiJXaW4zMiIsIkFOIjoiTWFpbCIsIldUIjoyfQ%3D%3D%7C0%7C%7C%7C&sdata=VPv0NvPvPDqi0DeE7%2FOxz%2FHjYu6B4xbo6la%2BA3xLytw%3D&reserved=0 >>>>>>>>>>> https://eur02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.rfc-editor.org%2Fauthors%2Frfc9678.xml&data=05%7C02%7Cjohn.mattsson%40ericsson.com%7C70fc77698a4a4d6dc4be08dd56b706b2%7C92e84cebfbfd47abbe52080c6b87953f%7C0%7C0%7C638762066596043437%7CUnknown%7CTWFpbGZsb3d8eyJFbXB0eU1hcGkiOnRydWUsIlYiOiIwLjAuMDAwMCIsIlAiOiJXaW4zMiIsIkFOIjoiTWFpbCIsIldUIjoyfQ%3D%3D%7C0%7C%7C%7C&sdata=ezL7%2BZ41OZHYhzErohASwyaOpRjEqCMjxoGtvv8zeas%3D&reserved=0 >>>>>>>>>>> >>>>>>>>>>> The relevant diff files have been posted here (please refresh): >>>>>>>>>>> https://eur02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.rfc-editor.org%2Fauthors%2Frfc9678-diff.html&data=05%7C02%7Cjohn.mattsson%40ericsson.com%7C70fc77698a4a4d6dc4be08dd56b706b2%7C92e84cebfbfd47abbe52080c6b87953f%7C0%7C0%7C638762066596054096%7CUnknown%7CTWFpbGZsb3d8eyJFbXB0eU1hcGkiOnRydWUsIlYiOiIwLjAuMDAwMCIsIlAiOiJXaW4zMiIsIkFOIjoiTWFpbCIsIldUIjoyfQ%3D%3D%7C0%7C%7C%7C&sdata=6RXRchrwN5kZK7BClAuELV10N4CxXHBgpRbApsF4eV8%3D&reserved=0(comprehensive >>>>>>>>>>> diff) >>>>>>>>>>> https://eur02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.rfc-editor.org%2Fauthors%2Frfc9678-auth48diff.html&data=05%7C02%7Cjohn.mattsson%40ericsson.com%7C70fc77698a4a4d6dc4be08dd56b706b2%7C92e84cebfbfd47abbe52080c6b87953f%7C0%7C0%7C638762066596064519%7CUnknown%7CTWFpbGZsb3d8eyJFbXB0eU1hcGkiOnRydWUsIlYiOiIwLjAuMDAwMCIsIlAiOiJXaW4zMiIsIkFOIjoiTWFpbCIsIldUIjoyfQ%3D%3D%7C0%7C%7C%7C&sdata=%2BB1Krb3SdzQOX0QgvMHXs%2Fd9Miwp1v5xchwhfO3Zw%2BI%3D&reserved=0 >>>>>>>>>>> (AUTH48 changes only) >>>>>>>>>>> >>>>>>>>>>> Please contact us with any further updates/questions/comments you >>>>>>>>>>> may have. >>>>>>>>>>> >>>>>>>>>>> We will await approvals from each of the parties listed on the >>>>>>>>>>> AUTH48 status page prior to moving forward to publication. >>>>>>>>>>> >>>>>>>>>>> The AUTH48 status page for this document is available here: >>>>>>>>>>> >>>>>>>>>>> https://eur02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.rfc-editor.org%2Fauth48%2Frfc9678&data=05%7C02%7Cjohn.mattsson%40ericsson.com%7C70fc77698a4a4d6dc4be08dd56b706b2%7C92e84cebfbfd47abbe52080c6b87953f%7C0%7C0%7C638762066596074922%7CUnknown%7CTWFpbGZsb3d8eyJFbXB0eU1hcGkiOnRydWUsIlYiOiIwLjAuMDAwMCIsIlAiOiJXaW4zMiIsIkFOIjoiTWFpbCIsIldUIjoyfQ%3D%3D%7C0%7C%7C%7C&sdata=fFDD%2BzyMHZ814EO2fzQCNsPZmNU%2B%2BN03Z0we4uVArXM%3D&reserved=0 >>>>>>>>>>> >>>>>>>>>>> Thank you. >>>>>>>>>>> >>>>>>>>>>> RFC Editor/mf >>>>>>>>>>> >>>>>>>>>>>> On Dec 13, 2024, at 8:54 AM, Jari Arkko <jari.ar...@gmail.com> >>>>>>>>>>>> wrote: >>>>>>>>>>>> >>>>>>>>>>>> Trying to answer the questions: >>>>>>>>>>>> >>>>>>>>>>>>> 1) <!-- [rfced] We had a few questions about the title of this >>>>>>>>>>>>> document, >>>>>>>>>>>>> mostly as relates to the expansion of the initialism EAP-AKA'. >>>>>>>>>>>>> We would love some guidance that we can track for future >>>>>>>>>>>>> documents using this abbreviation as it looks like this has not >>>>>>>>>>>>> been consistent thus far. >>>>>>>>>>>>> >>>>>>>>>>>>> a) We believe the single quote following the abbreviation is used >>>>>>>>>>>>> to >>>>>>>>>>>>> indicate the "improved" method described in RFC 5448 (as opposed >>>>>>>>>>>>> to >>>>>>>>>>>>> basic EAP-AKA from RFC 4187). If this is so, should "improved" be >>>>>>>>>>>>> added to the title of this document? >>>>>>>>>>>> >>>>>>>>>>>> I think so, what do other authors think? >>>>>>>>>>> >>>>>>>>>>> [Karl]: Yes, I think naming it “Forward Security for the Improved >>>>>>>>>>> Extensible…” would be the correct name and in line with 5448. >>>>>>>>>>> >>>>>>>>>>>> >>>>>>>>>>>>> b) We see past expansions of both EAP-AKA and EAP-AKA' in RFC >>>>>>>>>>>>> titles >>>>>>>>>>>>> include 3rd Generation or 3GPP Mobile Network. Should some >>>>>>>>>>>>> mention of >>>>>>>>>>>>> 3rd generation be added to the title of this document? >>>>>>>>>>>>> >>>>>>>>>>>>> RFC 4187: >>>>>>>>>>>>> Extensible Authentication Protocol Method for 3rd Generation >>>>>>>>>>>>> Authentication and Key Agreement (EAP-AKA) >>>>>>>>>>>>> >>>>>>>>>>>>> RFC 5448: >>>>>>>>>>>>> Improved Extensible Authentication Protocol Method for >>>>>>>>>>>>> 3rd Generation Authentication and Key Agreement (EAP-AKA') >>>>>>>>>>>>> >>>>>>>>>>>>> RFC 9048: >>>>>>>>>>>>> Improved Extensible Authentication Protocol Method for 3GPP Mobile >>>>>>>>>>>>> Network Authentication and Key Agreement (EAP-AKA') >>>>>>>>>>>>> >>>>>>>>>>>>> c) If the title is really a 1:1 with the initialism, it may be >>>>>>>>>>>>> beneficial for the reader to move the initialism to the front >>>>>>>>>>>>> followed >>>>>>>>>>>>> by a colon (common use in RFCs) (see Perhaps A below). >>>>>>>>>>>>> >>>>>>>>>>>>> With *all* the above in mind (a-c), here are some suggested >>>>>>>>>>>>> titles. >>>>>>>>>>>>> If none of these fit the bill, please let us know if/how we can >>>>>>>>>>>>> rephrase. >>>>>>>>>>>>> >>>>>>>>>>>>> Perhaps A: >>>>>>>>>>>>> Forward Secrecy Extension to the Improved Extensible >>>>>>>>>>>>> Authentication Protocol for Authentication and Key Agreement >>>>>>>>>>>>> (EAP-AKA' FS) >>>>>>>>>>>>> >>>>>>>>>>>>> Perhaps B: >>>>>>>>>>>>> EAP-AKA' FS: The Forward Secrecy Extension for Improved >>>>>>>>>>>>> Extensible Authentication Protocol for Authentication and Key >>>>>>>>>>>>> Agreement >>>>>>>>>>>>> >>>>>>>>>>>>> Perhaps C: >>>>>>>>>>>>> Improved Extensible Authentication Protocol Method for 3GPP >>>>>>>>>>>>> Mobile Network Authentication and Key Agreement Forward Secrecy >>>>>>>>>>>>> Extension (EAP-AKA' FS) >>>>>>>>>>>>> >>>>>>>>>>>>> --> >>>>>>>>>>>> >>>>>>>>>>>> I personally prefer A, but I don’t have a strong opinion. >>>>>>>>>>>> Retaining the whole stack of content is making the title too long, >>>>>>>>>>>> imho, hence not preferring C. >>>>>>>>>>> >>>>>>>>>>> [Karl]: I also prefer A. >>>>>>>>>>> >>>>>>>>>>> [rfced] Please see the updated file for the adoption of suggestion >>>>>>>>>>> A and that also includes “Method” (which was accidentally removed >>>>>>>>>>> in our suggestion A we originally sent). >>>>>>>>>>>> >>>>>>>>>>>>> 2) <!--[rfced] The Abstract and IANA Considerations each contain >>>>>>>>>>>>> places >>>>>>>>>>>>> where an (almost) RFC title is listed for one RFC but a >>>>>>>>>>>>> "nickname" for another/others. How may we make these consistent? >>>>>>>>>>>>> >>>>>>>>>>>>> >>>>>>>>>>>>> Abstract: >>>>>>>>>>>>> This document updates RFC 9048, the improved Extensible >>>>>>>>>>>>> Authentication >>>>>>>>>>>>> Protocol Method for 3GPP Mobile Network Authentication and Key >>>>>>>>>>>>> Agreement (EAP-AKA'),...Similarly, this document also updates the >>>>>>>>>>>>> earlier version of the EAP-AKA' specification in RFC 5448. >>>>>>>>>>>>> >>>>>>>>>>>>> >>>>>>>>>>>>> IANA: >>>>>>>>>>>>> This extension of EAP-AKA' shares its attribute space and subtypes >>>>>>>>>>>>> with Extensible Authentication Protocol Method for Global System >>>>>>>>>>>>> for >>>>>>>>>>>>> Mobile Communications (GSM) Subscriber Identity Modules (EAP-SIM) >>>>>>>>>>>>> [RFC4186], EAP-AKA [RFC4187], and EAP-AKA' [RFC9048]. >>>>>>>>>>>>> --> >>>>>>>>>>>> >>>>>>>>>>>> Clearly this needs to be corrected. Let’s use the full name in >>>>>>>>>>>> both. >>>>>>>>>>> >>>>>>>>>>> [rfced] In the IANA Considerations section, we have further updated >>>>>>>>>>> to make this a bulleted list of RFCs to aid in readability. Please >>>>>>>>>>> review and let us know objections. >>>>>>>>>>> >>>>>>>>>>> In the Abstract, we found expanding both very similar document >>>>>>>>>>> titles so close to each other actually tougher to read, so we have >>>>>>>>>>> updated the text differently there. Again, please let us know any >>>>>>>>>>> objections. >>>>>>>>>>> >>>>>>>>>>> <snip> >>>>>>>>>>>>> >>>>>>>>>>>>> >>>>>>>>>>>>> 9) <!--[rfced] Might it be helpful to the reader to point them to >>>>>>>>>>>>> the >>>>>>>>>>>>> specific 3GPP specifications to which you refer? >>>>>>>>>>>>> >>>>>>>>>>>>> Original: >>>>>>>>>>>>> The details of those interactions are outside the scope of this >>>>>>>>>>>>> document, however, and the reader is referred to the 3GPP >>>>>>>>>>>>> specifications. >>>>>>>>>>>> >>>>>>>>>>>> I don’t see the problem, isn’t the next sentence containing one >>>>>>>>>>>> such reference? >>>>>>>>>>> >>>>>>>>>>> [Karl]: I assume this is from just above Figure 2. Maybe we could >>>>>>>>>>> add a reference to [TS 33.501] just for clarity. It is already >>>>>>>>>>> mentioned a bit higher up in the same section for another detail. >>>>>>>>>>> >>>>>>>>>>> [rfced] Please review how we have updated to try and address this >>>>>>>>>>> issue and let us know any objections. >>>>>>>>>>> <snip> >>>>>>>>>>>> >>>>>>>>>>>>> >>>>>>>>>>>>> >>>>>>>>>>>>> >>>>>>>>>>>>> 12) <!--[rfced] We have some questions regarding the text below >>>>>>>>>>>>> from >>>>>>>>>>>>> Section 6.3: >>>>>>>>>>>>> >>>>>>>>>>>>> i. This paragraph appears several paragraphs after the text it >>>>>>>>>>>>> describes. Would it be helpful to have this paragraph appear >>>>>>>>>>>>> closer to >>>>>>>>>>>>> the notation it defines? Or to update from "of the notation used >>>>>>>>>>>>> above" to instead use "of the notation used in Figure X" (and add >>>>>>>>>>>>> a >>>>>>>>>>>>> title to the text in the <figure> tags? >>>>>>>>>>>>> >>>>>>>>>>>>> ii. For readability, may we reformat the sentence as follows? >>>>>>>>>>>>> >>>>>>>>>>>>> Original: >>>>>>>>>>>>> >>>>>>>>>>>>> For readability, an explanation of the notation used above is >>>>>>>>>>>>> copied >>>>>>>>>>>>> here: [n..m] denotes the substring from bit n to m. PRF' is a new >>>>>>>>>>>>> pseudo-random function specified in [RFC9048]. K_encr is the >>>>>>>>>>>>> encryption key, 128 bits, K_aut is the authentication key, 256 >>>>>>>>>>>>> bits, >>>>>>>>>>>>> K_re is the re-authentication key, 256 bits, MSK is the Master >>>>>>>>>>>>> Session Key, 512 bits, and EMSK is the Extended Master Session >>>>>>>>>>>>> Key, >>>>>>>>>>>>> 512 bits. MSK and EMSK are outputs from a successful EAP method >>>>>>>>>>>>> run >>>>>>>>>>>>> [RFC3748]. >>>>>>>>>>>>> >>>>>>>>>>>>> Perhaps: >>>>>>>>>>>>> >>>>>>>>>>>>> For readability, an explanation of the notation used [in Figure >>>>>>>>>>>>> X?] >>>>>>>>>>>>> above is copied here: >>>>>>>>>>>>> >>>>>>>>>>>>> * [n..m] denotes the substring from bit n to m. >>>>>>>>>>>>> >>>>>>>>>>>>> * PRF' is a new pseudorandom function specified in [RFC9048]. >>>>>>>>>>>>> >>>>>>>>>>>>> * K_encr is the encryption key (128 bits). >>>>>>>>>>>>> >>>>>>>>>>>>> * K_aut is the authentication key (256 bits). >>>>>>>>>>>>> >>>>>>>>>>>>> * K_re is the re-authentication key (256 bits). >>>>>>>>>>>>> >>>>>>>>>>>>> * MSK is the Master Session Key (512 bits). >>>>>>>>>>>>> >>>>>>>>>>>>> * EMSK is the Extended Master Session Key (512 bits). >>>>>>>>>>>>> >>>>>>>>>>>>> Note: MSK and EMSK are outputs from a successful EAP method run >>>>>>>>>>>>> [RFC3748]. >>>>>>>>>>>>> >>>>>>>>>>>>> >>>>>>>>>>>> >>>>>>>>>>>> Yes, this works. And maybe just ”An explanation .. ” (ie. omit the >>>>>>>>>>>> part about readability). >>>>>>>>>>> >>>>>>>>>>> [rfced] We believe this was assent to both the update and the >>>>>>>>>>> movement of text. Please review how this appears in the file and >>>>>>>>>>> let us know any objections. >>>>>>>>>>> >>>>>>>>>>> <snip> >>>>>>>>>>>> >>>>>>>>>>>> >>>>>>>>>>>>> >>>>>>>>>>>>> 21) <!--[rfced] "MAC" appears to be used as a verb in the sentence >>>>>>>>>>>>> below. Are any adjustments needed? >>>>>>>>>>>>> >>>>>>>>>>>>> Original: >>>>>>>>>>>>> >>>>>>>>>>>>> K_encr and K_aut are used to encrypt and MAC data in the EAP-Req/ >>>>>>>>>>>>> AKA'-Challenge message... >>>>>>>>>>>>> >>>>>>>>>>>>> --> >>>>>>>>>>>> >>>>>>>>>>>> Right. Maybe ”… encrypt and to calculate a MAC …” >>>>>>>>>>> >>>>>>>>>>> [rfced] Please review our update which also removes “data” and let >>>>>>>>>>> us know if this is incorrect. >>>>>>>>>>>> >>>>>>>>>>>> >>>>>>>>>>>>> --> >>>>>>>>>>>>> >>>>>>>>>>>>> >>>>>>>>>>>>> 24) <!--[rfced] The terms RAND, AUTN, XRES, RES, IK, and CK >>>>>>>>>>>>> appear with >>>>>>>>>>>>> and without articles throughout this document (see an example >>>>>>>>>>>>> below). How may we update for consistency? >>>>>>>>>>>>> >>>>>>>>>>>>> Original: >>>>>>>>>>>>> >>>>>>>>>>>>> The authentication vector >>>>>>>>>>>>> contains a random part RAND, an authenticator part AUTN used for >>>>>>>>>>>>> authenticating the network to the USIM, an expected result part >>>>>>>>>>>>> XRES, a 128-bit session key for integrity check IK, and a 128-bit >>>>>>>>>>>>> session key for encryption CK. >>>>>>>>>>>>> >>>>>>>>>>>>> If this process is successful (the AUTN is valid and the sequence >>>>>>>>>>>>> number >>>>>>>>>>>>> used to generate AUTN is within the correct range)... >>>>>>>>>>>>> >>>>>>>>>>>>> --> >>>>>>>>>>>> >>>>>>>>>>>> I’m not sure. Can you suggest how to do it, just based on using >>>>>>>>>>>> proper English? >>>>>>>>>>> >>>>>>>>>>> [rfced] We have made the updates to the body of the text that you >>>>>>>>>>> can review, but have not made changes to the figures as these >>>>>>>>>>> situations read okay to us (since the names were not followed by a >>>>>>>>>>> label). Please let us know if you would like to make any updates >>>>>>>>>>> like the following to the figures or if you too are okay leaving >>>>>>>>>>> these as they are. >>>>>>>>>>> >>>>>>>>>>> Example: >>>>>>>>>>> >>>>>>>>>>> Current: >>>>>>>>>>> ...generating RAND and AUTN,… >>>>>>>>>>> >>>>>>>>>>> Perhaps: >>>>>>>>>>> ...generating the RAND and AUTN values,... >>>>>>>>>>> >>>>>>>>>>>> >>>>>>>>>>>> >>>>>>>>>>>>> --> >>>>>>>>>>>>> >>>>>>>>>>>>> >>>>>>>>>>>>> 26) <!--[rfced] Please review the <artwork> element in Section >>>>>>>>>>>>> 6.3 and let us know >>>>>>>>>>>>> if it should be updated to <sourcecode> or another element. --> >>>>>>>>>>>> >>>>>>>>>>>> It is more of ”equations” or perhaps source code than a figure, so >>>>>>>>>>>> if <sourcecode> is appropriate for this, then go ahead. >>>>>>>>>>>> >>>>>>>>>>> [rfced] Just a further pointer to the sourcecode type list in case >>>>>>>>>>> anything there seems like it fits. We will leave these as >>>>>>>>>>> <artwork> unless we hear otherwise. >>>>>>>>>> >>>>>>>>> >>>>>>>>> <rfc9678_JPM.xml> >>>>>> >>>>> >>>> >>> >>> <rfc9678_fixed_SVG.xml> >> > -- auth48archive mailing list -- auth48archive@rfc-editor.org To unsubscribe send an email to auth48archive-le...@rfc-editor.org
