Re: [IPFIX] [Technical Errata Reported] RFC7011 (7413)

Benoit Claise <benoit.claise@huawei.com> Sun, 09 April 2023 08:16 UTC


Dear all,

I agreed with Brian, this is a useful clarification, which should be 
verified.

Regards, Benoit

On 4/3/2023 2:29 PM, Brian Trammell (IETF) wrote:
> On first glance, this seems (1) correct and (2) a useful clarification, and superior to both of the other proposed possible fixes. So I think this one can be verified.
>
>> On 3 Apr 2023, at 01:17, RFC Errata System <rfc-editor@rfc-editor.org> wrote:
>>
>> The following errata report has been submitted for RFC7011,
>> "Specification of the IP Flow Information Export (IPFIX) Protocol for the Exchange of Flow Information".
>>
>> --------------------------------------
>> You may review the report below and at:
>> https://www.rfc-editor.org/errata/eid7413
>>
>> --------------------------------------
>> Type: Technical
>> Reported by: Michael Duggan <mwd@cert.org>
>>
>> Section: 3.4.1
>>
>> Original Text
>> -------------
>> Field Count
>>
>>       Number of fields in this Template Record.
>>
>> Corrected Text
>> --------------
>> Field Count
>>
>>       Number of fields in this Template Record.  The Field Count MUST NOT be zero.
>>
>> The sum of the Field Lengths of the Field Specifiers of a Template Record MUST NOT be zero.
>>
>> Notes
>> -----
>> If the size of data record corresponding to a template can ever be zero, then the only valid size for such a data set is the size of the set header.  For normal cases any size greater than that of the set header is a valid size, since records are read from a set until the number of octets remaining is less than the smallest possible record size for that set.  If a record size can be zero, then any number of bytes past the header cannot be padding (is not smaller than the smallest record), and a conforming implementation might return an infinite number of zero-sized records.  As this could cause a denial of service situation, rejecting templates that define zero-sized records seems to be the simplest solution.
>>
>> Similar text may be necessary for Option Template records, though the fact that the scope count MUST be non-zero may negate the necessity.
>>
>> Other possible fixes:
>> * Require all Field Specifiers to have a non-zero Field Length.  This may be an even simpler solution, but I can envision uses for zero-sized data elements, especially for elements that MAY be of variable length.
>> * Require a conforming implementation to reject or ignore data sets for zero-sized templates.
>>
>> Instructions:
>> -------------
>> This erratum is currently posted as "Reported". If necessary, please
>> use "Reply All" to discuss whether it should be verified or
>> rejected. When a decision is reached, the verifying party
>> can log in to change the status and edit the report, if necessary.
>>
>> --------------------------------------
>> RFC7011 (draft-ietf-ipfix-protocol-rfc5101bis-10)
>> --------------------------------------
>> Title               : Specification of the IP Flow Information Export (IPFIX) Protocol for the Exchange of Flow Information
>> Publication Date    : September 2013
>> Author(s)           : B. Claise, Ed., B. Trammell, Ed., P. Aitken
>> Category            : INTERNET STANDARD
>> Source              : IP Flow Information Export
>> Area                : Operations and Management
>> Stream              : IETF
>> Verifying Party     : IESG
> _______________________________________________
> IPFIX mailing list
> IPFIX@ietf.org
> https://www.ietf.org/mailman/listinfo/ipfix
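
The collector-side checks proposed in the erratum, together with the record-reading loop its notes describe, as an added example that is not part of the original thread or of any IPFIX implementation. The function names, the `TMPL_*` codes and the sample byte arrays are hypothetical and constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

enum { TMPL_TRUNCATED = -1, TMPL_ZERO_FIELDS = -2, TMPL_ZERO_SIZE = -3 };
/* Constructed Template Records: Template ID, Field Count, then (IE id, length). */
const uint8_t SAMPLE_OK[]        = {1,0, 0,2, 0,8, 0,4, 0,12, 0,4}; /* two 4-octet fields */
const uint8_t SAMPLE_ZERO_SIZE[] = {1,1, 0,1, 0,8, 0,0};            /* one 0-octet field  */
const uint8_t SAMPLE_NO_FIELDS[] = {1,2, 0,0};                      /* Field Count 0      */

static uint16_t be16(const uint8_t *p) { return (uint16_t)((p[0] << 8) | p[1]); }

/* Returns the minimum Data Record size (> 0) for a Template Record, or a
 * negative TMPL_* code. Template Withdrawals, which carry Field Count 0
 * (RFC 7011 section 8.1), are assumed to be dispatched before this call. */
long check_template(const uint8_t *buf, size_t len) {
    if (len < 4) return TMPL_TRUNCATED;           /* Template ID + Field Count */
    uint16_t field_count = be16(buf + 2);
    if (field_count == 0) return TMPL_ZERO_FIELDS;
    size_t off = 4;
    long sum = 0, min = 0;
    for (uint16_t i = 0; i < field_count; i++) {
        if (len - off < 4) return TMPL_TRUNCATED;
        uint16_t ie = be16(buf + off), fl = be16(buf + off + 2);
        off += 4;
        if (ie & 0x8000) {                        /* enterprise bit: 4 more octets */
            if (len - off < 4) return TMPL_TRUNCATED;
            off += 4;
        }
        sum += fl;
        min += (fl == 0xFFFF) ? 1 : fl;           /* variable length: >= 1 octet */
    }
    return sum == 0 ? TMPL_ZERO_SIZE : min;
}

/* Fixed-length records read from a Data Set body: consume until fewer than
 * rec_len octets remain (padding). rec_len == 0 would never end, so refuse it. */
long count_records(size_t body_len, long rec_len) {
    if (rec_len <= 0) return -1;
    long n = 0;
    while (body_len >= (size_t)rec_len) { body_len -= (size_t)rec_len; n++; }
    return n;
}

int main(void) {
    printf("%ld %ld %ld\n", check_template(SAMPLE_OK, sizeof SAMPLE_OK), check_template(SAMPLE_ZERO_SIZE, sizeof SAMPLE_ZERO_SIZE), count_records(18, 8));
    return 0;
}
```

Rejecting the template when it arrives means the Data Set loop never sees a zero record size; the guard in `count_records` is a second line of defence for templates already cached.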