Re: [dtn] AD review of draft-ietf-dtn-tcpclv4-12

Brian Sipos <BSipos@rkf-eng.com> Fri, 09 August 2019 15:09 UTC

Scott,
For #1-3, should the CL spec use the term "Node ID" instead? The Endpoint ID term was carried over from TCPCLv3 quite blindly, as I am less familiar with bundle routing logic than transport logic.

Regarding #4-5, is it true that a CL contact/session is likely to be established with a peer already known to the BP agent and already associated with a Node ID? Or is it just as likely to do something like proactively attempt TCPCL sessions with all addresses in a local subnet to coarsely 'discover' other nodes?

My feeling on the TLS authentication topic is to allow any of the following:

  *   Authenticate the IP peer name/address using X.509 subjectAltName of type dNSName or iPAddress
  *   Authenticate the DTN peer Node ID using subjectAltName of type uniformResourceIdentifier

Then it would be up to each entity's policy when to require authentication, and the auth'n could occur on either/both ends of the CL session regardless of which entity is in the passive or active role.
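The two authentication options listed above, as an added example that is not part of this thread or of any TCPCL implementation: the checks operate on the dict shape returned by Python's ssl.SSLSocket.getpeercert(), so a constructed certificate dict stands in for a real peer certificate, and the policy flags and the Node ID URI are assumptions made for illustration.

```python
"""Peer authentication for a TCPCL session via X.509 subjectAltName entries.

The IP peer is authenticated by the host name or address used for the TCP
connection (dNSName / iPAddress SANs, RFC 6125 style); the DTN peer is
authenticated by its Node ID carried as a uniformResourceIdentifier SAN.
"""
import ipaddress
from typing import Optional

# Constructed peer certificate in getpeercert() form (not a real certificate).
PEER_CERT = {
    "subject": ((("commonName", "cl.example.net"),),),
    "subjectAltName": (
        ("DNS", "cl.example.net"),
        ("DNS", "*.relay.example.net"),
        ("IP Address", "192.0.2.10"),
        ("URI", "dtn://node-a/"),   # assumed Node ID form
    ),
}


def _san(cert: dict, kind: str) -> list:
    """All subjectAltName values of one type ('DNS', 'IP Address', 'URI')."""
    return [v for k, v in cert.get("subjectAltName", ()) if k == kind]


def _dns_match(pattern: str, host: str) -> bool:
    """dNSName match: case-insensitive; a wildcard is allowed only as the whole
    left-most label and never matches across label boundaries."""
    pattern, host = pattern.lower().rstrip("."), host.lower().rstrip(".")
    if pattern == host:
        return True
    if not pattern.startswith("*."):
        return False
    labels = host.split(".")
    # The wildcard covers exactly one label; the remainder must be identical.
    return len(labels) >= 3 and ".".join(labels[1:]) == pattern[2:]


def host_matches(cert: dict, host: str) -> bool:
    """Authenticate the IP peer by the connection's host name or address."""
    try:
        addr = ipaddress.ip_address(host)
    except ValueError:
        # A host name: only dNSName SANs are consulted, never commonName.
        return any(_dns_match(p, host) for p in _san(cert, "DNS"))
    return any(ipaddress.ip_address(a) == addr for a in _san(cert, "IP Address"))


def node_id_matches(cert: dict, node_id: str) -> bool:
    """Authenticate the DTN peer by its Node ID present as a URI SAN."""
    return node_id in _san(cert, "URI")


def authenticate_peer(cert: dict, host: str, claimed_node_id: Optional[str],
                      require_host: bool, require_node: bool) -> bool:
    """Apply local policy: every required binding must be proven by the
    certificate, and a claimed Node ID that the certificate does not carry
    is rejected even when Node ID authentication is not required."""
    if require_host and not host_matches(cert, host):
        return False
    if claimed_node_id is not None and not node_id_matches(cert, claimed_node_id):
        return False
    if require_node and claimed_node_id is None:
        return False
    return True
```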
________________________________
From: dtn <dtn-bounces@ietf.org> on behalf of Burleigh, Scott C (US 312B) <scott.c.burleigh=40jpl.nasa.gov@dmarc.ietf.org>
Sent: Thursday, August 8, 2019 18:39
To: dtn@ietf.org <dtn@ietf.org>
Subject: Re: [dtn] AD review of draft-ietf-dtn-tcpclv4-12

Hi.  A couple of thoughts here:

1.  In section 4.1.5.2 of the bpbis I-D we explain how nodes are identified by node IDs and how node IDs are a subset of (though syntactically indistinguishable from) EIDs.

2.  There is no need for TCPCL to have any awareness of BP endpoint IDs at all.  BP endpoints are the destinations of bundles, used for routing in the network; TCPCL plays no part in bundle routing.

3.  What TCPCL needs to be aware of is the IDs of the BP nodes on whose behalf it is acting.  Node IDs, not endpoint IDs.

4.  When a remote TCPCL entity makes a TCP connection to the local TCPCL entity, contact headers are exchanged; the IDs of the BP nodes served by the two TCPCL entities are noted in the contact headers.  At the local TCPCL entity, this enables bundles that are queued up for transmission to the BP node served by the remote TCPCL entity to be dequeued and transmitted correctly via the new TCP connection.

5.  It is of course possible for the remote TCPCL entity's contact header to be incorrect or malicious, falsely claiming association with the cited BP node.  To this end, maybe one of the data items in the contact header should be a signature over the whole contact header, signed in the private key of the remote TCPCL entity's associated BP node.  When each TCPCL entity receives the other's contact header and reads the node ID, it could use the cited node's public key to validate the contact header's signature.

Scott

From: dtn <dtn-bounces@ietf.org> On Behalf Of Brian Sipos
Sent: Thursday, August 8, 2019 2:18 PM
To: dtn@ietf.org
Subject: [EXTERNAL] Re: [dtn] AD review of draft-ietf-dtn-tcpclv4-12

All,
Because I am less familiar with the nuances of preexisting DTN and TCPCLv3 uses, can anyone help inform me about how the EID was/is intended to be used as part of the TCPCL? As Magnus points out, as currently written (and as a carry-over from TCPCLv3) there is no mechanism to authenticate that the EID sent by a TCPCL Entity is properly bound to the host sending it. Is there a purpose for this EID other than manual troubleshooting?

I'm planning on adding some text explaining how TLS with X.509 can be used to authenticate the TCPCL peer based on the hostname/address used for the TCP connection in accordance with RFC 6125. It would also be possible to authenticate the EID as a subject URI of a peer certificate. Does this seem reasonable and desirable?

Thanks for any guidance,
Brian S.

________________________________________
From: Magnus Westerlund
Sent: Thursday, August 01, 2019 09:31
To: mailto:dtn@ietf.org; mailto:draft-ietf-dtn-tcpclv4@ietf.org
Subject: AD review of draft-ietf-dtn-tcpclv4-12

Hi,

I have now performed my AD review of draft-ietf-dtn-tcpclv4-12. I think most are minor comments, however the TLS and security related ones may be more problematic to resolve. I will now be on vacation so you know you will not receive any quick replies from me before the end of the month.

1. Section 1: What is the applicability of TCPCLv4 to BPv6? I wonder as RFC5050 is referenced.
2. Section 1.1: Session State Changed. Some editorial issues. Missing ":" initially. Then double ".." on Terminated.
3. Section 1.1:
   Session Idle Changed  The TCPCL supports indication when the live/idle sub-state changes.  This occurs only when the top-level session state is Established.  Because TCPCL transmits serially over a TCP connection, it suffers from "head of queue blocking" this indication provides information about when a session is available for immediate transfer start.

So in which direction is this change indicated/reported, both or only one of them, or any as implied by Section 2.1's definition of Live Session?
4. Section 1.1: Transmission Intermediate Progress: Segment is not defined prior to this. Maybe a forward pointer? Or should maybe the whole subsection (1.1) be moved to after definitions?
5. Section 2: Is there a point in using the RFC 8174 language that makes only capital words have special meaning?
6. Section 3.1: "One of these parameters is a singleton endpoint identifier for each node (not the singleton Endpoint Identifier (EID) of any application running on the node) to denote the bundle-layer identity of each DTN node."

The above quote does imply something that at least BPbis isn't making clear: that a particular application agent would have its own EID. It is not clear that there is a one-to-one relationship between bundle nodes and application agents. Can you please clarify what the relationship is, and let's figure out if that needs to be clarified back to BPbis.
7. Section 3.1: "Bundle interleaving can be accomplished by fragmentation at the BP layer or by establishing multiple TCPCL sessions between the same peers."

Are there clear rules established for how many TCPCL sessions may be established in parallel? By the end of my reading this is unanswered.
8. Section 3.1: XFER_REFUSE, does that indicate that the bundle has already been received? How else does one separate other reasons for refusing a bundle from one having received it prior?
9. Section 3.1:    Once a session is established established, TCPCL is a symmetric protocol between the peers.
Double established
10. Figure 4: "Close message", is this a TCP level message? If that is the case, can that be clarified by prefixing with TCP?
11. Section 3.2:
   Notes on Established Session states:
      Session "Live" means transmitting or reeiving over a transfer
      stream.

      Session "Idle" means no transmission/reception over a transfer
      stream.

     Session "Closing" means no new transfers will be allowed.

Note that "Closing" is not used in Figure 4, it is called ending. Note the spelling error on "Live": receiving.
12. Section 3.2: Figures 5 and 6 use PCH without explanation. Figure 5 could probably also benefit from expanding CH as Contact Header.
13. Figure 8 and 10: Uses [SESSTERM]; is this the same as using the SESS_TERM message, or some other procedure? Please clarify.
14. Section 3.3: "   Many other policies can be established in a TCPCL network between these two extremes."

The list above includes three items, so the two extremes need to be enumerated.
15. Section 4.1: Can TCPCLv3 and TCPCLv4 coexist on Port 4556? Based on 9.1 the answer is yes, please clarify here.
16. Section 4.1: "Therefore, the entity MUST retry the connection setup no earlier than some delay time from the last attempt, and it SHOULD use a (binary) exponential backoff mechanism to increase this delay in case of repeated failures."

Any recommended upper limit for the backoff?
17. Section 4.2:    Version:  A one-octet field value containing the value 4 (current version of the protocol).

I think the use of "the protocol" is unclear, maybe call it "the TCP convergence layer". This to avoid confusion with BPv7.
18. Section 4.2: Please define how to set and ignore reserved bits in the Flags field so that it may be extended in the future.
19. Section 4.3 and 4.4: Due to how the Contact Header relates to TLS there is a clear risk for a TLS stripping attack where the CAN_TLS flag is cleared. I think there needs to be some thought about mitigation of this weakness. Depending on the expected mix of entities and their capabilities one can either have a policy for a deployment where one mandates TLS being used, thus preventing the bid-down by it not being according to policy. It is more difficult to mitigate in a deployment where one has some entities that don't support TLS, unless one can somehow securely learn which entities support it or not and thus can detect the manipulation. One can potentially also first attempt to do a TLS handshake for the best version one supports. Then run the CH inside the TLS to prevent the TCPCL version and other flags from being manipulated. But that doesn't solve the down-bid. I did note the negotiation in Section 4.7 and the relation to Security Policy. Maybe the solution is to write some text on the risk of TLS stripping in Section 8 and add forward pointers in 4.7 to that risk.
20. Section 4.4: Dealing with new TLS versions. BCP 195 does not appear to me to define how to deal with newer versions. However, as TLS 1.3 already exists I think this is from the start a relevant question.
21. Section 4.4: So what about entity authentication? Will the TCPCL entity have a name / identity that can be authenticated so that one knows that one is talking to the right entity? And is the solution for this a classical PKI, or something else? Also, does the passive entity expect the active (TLS client) to authenticate itself also?
22. Section 4.8: Please define how to set and ignore the reserved bits.
23. Section 4.5: Based on the fact that many later sections just refer to the Message Header, shouldn't the section title for section 4.5 be Message Header? Now the first mention of "Message Header" is in Figure 16's title.
24. Section 6.1:
   After sending a SESS_TERM message, an entity MAY continue a possible
   in-progress transfer in either direction.  After sending a SESS_TERM
   message, an entity SHALL NOT begin any new outgoing transfer (i.e.
   send an XFER_SEGMENT message) for the remainder of the session..
   After receving a SESS_TERM message, an entity SHALL NOT accept any
   new incoming transfer for the remainder of the session.

To me it seems that the above paragraph contains one contradiction. The parenthesis in the second sentence (i.e. send an XFER_SEGMENT message) appears to be false, because the beginning of the sentence implies that it can't start a new transfer. However, SESS_TERM is allowed to be inserted in between XFER_SEGMENT messages for a transfer ID, i.e. XFER_SEGMENT(ID=7), SESS_TERM, XFER_SEGMENT(ID=7, end) is an allowed sequence. Can you please clarify?
25. Section 8.
If this identifier is used outside of a TLS-secured session or
   without further verification as a means to determine which bundles
   are transmitted over the session, then the node that has falsified
   its identity would be able to obtain bundles that it otherwise would
   not have.

I don't see how an entity could trust the EID provided in SESS_INIT more just because it is in TLS, unless there is some mechanism for binding the EID to the TLS session endpoint (client or server). Some type of authentication is needed to prove the identity.
26. Section 8.
Therefore, an entity SHALL NOT use the EID value of an
unsecured contact header to derive a peer node's identity unless it
   can corroborate it via other means.

The EID value is not part of the CH, only SESS_INIT. Is this a leftover from TCPCLv3 or earlier versions?
27. Section 8. Needs text on the TLS stripping attack due to the optional TLS usage.
28. Section 9: "In this section, registration procedures are as defined in [RFC8126]." . defined as in .
29. Section 9: "Some of the registries below are created new for TCPCLv4 but share code values with TCPCLv3."

I don't think "share" is the right word here. Maybe "Some of the registries have been defined as version specific to TCPCLv4, and import some or all codepoints from TCPCLv3."
30. Section 9.3: Is RFC Required unnecessarily strict? Considering the quite large name space, I would think that Specification Required would be a suitable policy. Just trying to understand what you think is gained by having someone publish the extension as an RFC, in any stream including the independent.
31. Section 9.4: Same question as for 30)
32. Section 9.5: Here RFC Required may be suitable. However, does it make sense to allocate 2 or 4 points also here for Private/Experiments?
33. Section 9.6: Here I would consider Expert Review with a specification requirement. I also do not understand why so much is reserved; is there a reason for that?
34. I would expect the policy for 9.6-9.8 to be aligned, so this may require change if a change is decided on 33.
35. A big question I have after having read this document is how one discovers / determines the IP+port(s) to connect to for a given EID. Is this currently completely deployment specific? And how bound is this to Bundle routing?

What may be missing is the section that tells the intended implementor that in addition to following this specification you need a solution to the following things, like for example an authentication framework that allows one to verify the TLS-connection-to-EID mappings, or an address resolution protocol that maps an EID to IP address and port pairs for cases when routing simply gives you "Forward this bundle to EID using TCPCLv4".

Cheers

Magnus Westerlund
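Review points 18 and 19 above (reserved Flags bits, and the CAN_TLS stripping risk with a policy-based mitigation) as an added example that is not part of this thread or of any TCPCL implementation. The wire layout is an assumption made for illustration: a 4-octet magic b"dtn!", a one-octet Version holding 4, and a one-octet Flags field whose bit 0 is CAN_TLS with the remaining bits reserved; the policy names are likewise assumed.

```python
"""TCPCLv4 contact header encode/decode plus a local TLS policy decision."""
import struct

MAGIC = b"dtn!"          # assumed 4-octet magic
VERSION = 4              # "value 4 (current version of the protocol)"
CAN_TLS = 0x01           # assumed bit position of CAN_TLS in Flags
RESERVED_MASK = 0xFE     # every Flags bit other than CAN_TLS

# Local security policy choices (assumed names).
TLS_REQUIRED = "required"    # refuse any peer that cannot negotiate TLS
TLS_PREFERRED = "preferred"  # use TLS when both sides can, else continue
TLS_DISABLED = "disabled"


def build_contact_header(can_tls: bool) -> bytes:
    """Encode a contact header. Reserved bits are always sent as zero so a
    future version can assign them without being misread by today's peers."""
    flags = CAN_TLS if can_tls else 0
    return MAGIC + struct.pack("!BB", VERSION, flags)


def parse_contact_header(data: bytes) -> dict:
    """Decode a contact header, ignoring (but reporting) reserved bits."""
    if len(data) < 6 or data[:4] != MAGIC:
        raise ValueError("not a TCPCL contact header")
    version, flags = struct.unpack("!BB", data[4:6])
    if version != VERSION:
        raise ValueError(f"unsupported TCPCL version {version}")
    return {
        "version": version,
        "can_tls": bool(flags & CAN_TLS),
        "reserved_bits": flags & RESERVED_MASK,  # ignored for interop
    }


def decide_tls(local_policy: str, local_can_tls: bool, peer: dict) -> str:
    """Return 'tls', 'plain' or 'reject'.

    A peer header with CAN_TLS cleared is indistinguishable from one an
    on-path attacker has stripped the flag from, so the only robust defence
    available from the header alone is a deployment policy that mandates
    TLS and refuses the session instead of downgrading it.
    """
    both = local_can_tls and peer["can_tls"]
    if local_policy == TLS_REQUIRED:
        return "tls" if both else "reject"
    if local_policy == TLS_PREFERRED:
        return "tls" if both else "plain"
    return "plain"
```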
