Re: [Last-Call] Last Call: <draft-ietf-ntp-yang-data-model-10.txt> (A YANG Data Model for NTP) to Proposed Standardsecurity
tom petch <daedulus@btconnect.com> Mon, 15 February 2021 17:36 UTC
Return-Path: <daedulus@btconnect.com>
X-Original-To: last-call@ietfa.amsl.com
Delivered-To: last-call@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 9388A3A0E28; Mon, 15 Feb 2021 09:36:57 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.001
X-Spam-Level:
X-Spam-Status: No, score=-0.001 tagged_above=-999 required=5 tests=[DKIM_SIGNED=0.1, DKIM_VALID=-0.1, MSGID_FROM_MTA_HEADER=0.001, NICE_REPLY_A=-0.001, RCVD_IN_MSPIKE_H2=-0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=btconnect.onmicrosoft.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id GAhJmvCQpHFs; Mon, 15 Feb 2021 09:36:55 -0800 (PST)
Received: from EUR05-DB8-obe.outbound.protection.outlook.com (mail-db8eur05on2105.outbound.protection.outlook.com [40.107.20.105]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 2A9413A0E25; Mon, 15 Feb 2021 09:36:54 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=dZntwJfUSSRqQkYh0s92IZ1QO5EptJ8g8rDcyUH+UWCSJ1KvpvzSMWNP6V1R+8OcvX6cNFlV4NCX/2Ckkh83ea7/VkY32uwqysMZNQI3asdRT7sEdAPxYfl7ry+BFj+6Re1OSh+H7HZKMrexN4Ggw4G+5vlPRAXuaTj/az0eCE0fxDycNvslO9K1q8nJGYnm+XYpng92V/xmvKiMngniSoTJLAMTmpDH1ZlJ2NiXmv8R3d5U9o3zONDGseDUFTJEloQJmAI7ds5jEDbzK/TJm2MKlphi+VQ1w+Tk/46dFFKQd619LtC8cCnSMDBsbZ04xdDAVM3SAYYGp4dTBUavKQ==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=iks1Yvy/4ZwURsj8S8Gro0AUYq4Gr+1fld20uIw4Av0=; b=hYhVb7Lyr9k9Qx+/u49R3DVA4rXzJzQ6PaV1/ZIJTv3mrewPtgmoxIMV3Yf9J6V6cHN5m0Yn5ueO17ApqXt8M8LI9lDlshhwQZgGOXhLSsS0RBz2zQyDTcdoxcJMMLc1XVizC6qydBTygpMw5xqUctKKCnrXBS2SLwdMqXek5M39o+nEVLmwkQ+PXFzy5M3dVHjF16wVQuYSDDZHdHZ5IeTRBW3D/3BfuRaY065COqVJTpWgmY4jN8P+R0EeHc2q32/9T67TmfiOEU+KgK0K9tWMKWHtMCGOQZnl1JHkEN6yWbfgO5I4V0jBTlp571RSg00zzds0thgKlgcDKPrYKA==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=btconnect.com; dmarc=pass action=none header.from=btconnect.com; dkim=pass header.d=btconnect.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=btconnect.onmicrosoft.com; s=selector2-btconnect-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=iks1Yvy/4ZwURsj8S8Gro0AUYq4Gr+1fld20uIw4Av0=; b=WZWN1xFLsArxRFL8rZPLDUhkY/3QhVMhvF7DRXPG7eyjFd7RFcs8LEdqlGqw5oWfWjUhEEAiz5vUsa5k5knkW6YuOCXtpfr6FMaLS6JB3hAua5j+q8WO6HBKJsE4l6A8lx445dgIldhh5+cxiNMSbE3qb3TuF+xL9xZ/M4LY2uQ=
Authentication-Results: ietf.org; dkim=none (message not signed) header.d=none;ietf.org; dmarc=none action=none header.from=btconnect.com;
Received: from VI1PR07MB6704.eurprd07.prod.outlook.com (2603:10a6:800:18b::8) by VI1PR0701MB2189.eurprd07.prod.outlook.com (2603:10a6:800:25::7) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3868.12; Mon, 15 Feb 2021 17:36:52 +0000
Received: from VI1PR07MB6704.eurprd07.prod.outlook.com ([fe80::181c:709a:6f7a:b811]) by VI1PR07MB6704.eurprd07.prod.outlook.com ([fe80::181c:709a:6f7a:b811%3]) with mapi id 15.20.3868.022; Mon, 15 Feb 2021 17:36:52 +0000
To: Benjamin Kaduk <kaduk@mit.edu>
References: <161195994417.2651.6499166797756243533@ietfa.amsl.com> <60212265.6020204@btconnect.com> <CAB75xn7tXa1BCHd=KFR9DC=+bA01R1A+X2M4oUbrF-YLx8ExJA@mail.gmail.com> <602262BD.3050708@btconnect.com> <20210215011127.GA21@kduck.mit.edu>
Cc: Dhruv Dhody <dhruv.ietf@gmail.com>, NTP WG <ntp@ietf.org>, last-call@ietf.org, draft-ietf-ntp-yang-data-model@ietf.org, ek.ietf@gmail.com, Dieter Sibold <dsibold.ietf@gmail.com>, ntp-chairs@ietf.org
From: tom petch <daedulus@btconnect.com>
Message-ID: <602AB12E.9040701@btconnect.com>
Date: Mon, 15 Feb 2021 17:36:46 +0000
User-Agent: Mozilla/5.0 (Windows NT 5.1; rv:38.0) Gecko/20100101 Thunderbird/38.5.0
In-Reply-To: <20210215011127.GA21@kduck.mit.edu>
Content-Type: text/plain; charset="windows-1252"; format="flowed"
Content-Transfer-Encoding: 7bit
X-Originating-IP: [86.146.121.140]
X-ClientProxiedBy: LO4P123CA0046.GBRP123.PROD.OUTLOOK.COM (2603:10a6:600:152::15) To VI1PR07MB6704.eurprd07.prod.outlook.com (2603:10a6:800:18b::8)
MIME-Version: 1.0
X-MS-Exchange-MessageSentRepresentingType: 1
Received: from [192.168.1.65] (86.146.121.140) by LO4P123CA0046.GBRP123.PROD.OUTLOOK.COM (2603:10a6:600:152::15) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.20.3846.38 via Frontend Transport; Mon, 15 Feb 2021 17:36:51 +0000
X-MS-PublicTrafficType: Email
X-MS-Office365-Filtering-Correlation-Id: 9a0a1f14-30ba-4036-93bc-08d8d1d847dd
X-MS-TrafficTypeDiagnostic: VI1PR0701MB2189:
X-Microsoft-Antispam-PRVS: <VI1PR0701MB218948387527048F7408C71DC6889@VI1PR0701MB2189.eurprd07.prod.outlook.com>
X-MS-Oob-TLC-OOBClassifiers: OLM:9508;
X-MS-Exchange-SenderADCheck: 1
X-Microsoft-Antispam: BCL:0;
X-Microsoft-Antispam-Message-Info: 84MuXC13daz5Asko5UeqlKReNHl62Q83SdI2Xlu8MVNieuoL3eoAd4wgDUXT6dVMvpx8aJ6EqrEI+0Kmy6NnLbXdmESlos8ah3QgXjhYpjZIdt+JL4JEXG6FO+vPgPvM93lArhC+ADRNRkdtvIe5bmnE0URZXQ/4I2+hHX3FbB1jBSWOSzsnSDwre/g9g55SqFbFKD/fcg2dfHPDdaADtpThcznPbVknkpapgsyIz6QrESpxDJOxdLrftQAdPlM1dzY+GDPcQ0JHapNYAoW/6RsqrPczzOFUvYQRTXDsJjIVqA2rwmsQrve9CpQgUfbrHQigPriQifnXxb6avgzF3YnyDRmkgomykHOAu0E4t/wdCV83WAYfc4yG2ulLf0/mc6KgmO51RARghdlrWnZk5SRmdW9tf8NuuQ8UYCeuvHvEhzhSSZoRF3P8FwKfgxks9ghSMMOybkfOYE1ulmySrn53MjgenN6Pjrf2AIbJXkH3v5vEr5JPfZjdLMRTnJzc4O3K7AtuklZ/M0V6kv6R69cUd7y02L7rXAQoX/+6QCh7imH0xcMCSKSk0AF5X1FofMVd4dFIAF3s0c2YKpivcuRUBQTXuWyHRc4qapGv7pk=
X-Forefront-Antispam-Report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:VI1PR07MB6704.eurprd07.prod.outlook.com; PTR:; CAT:NONE; SFS:(39860400002)(346002)(136003)(396003)(366004)(376002)(33656002)(478600001)(966005)(8676002)(8936002)(66556008)(6916009)(2906002)(54906003)(36756003)(5660300002)(956004)(66476007)(86362001)(83380400001)(87266011)(16526019)(2616005)(52116002)(186003)(4326008)(26005)(6486002)(316002)(53546011)(16576012)(6666004)(66946007); DIR:OUT; SFP:1102;
X-MS-Exchange-AntiSpam-MessageData: YSPeWnIfFnsfjQF/q/ocoP8+5SU4TJgUVShF6HFBzOQJNlIi4+w89ccQkizkBxnSiLG8gyFD9eRfKTySRZ3MBqEKPDWrTRQLL5wbgL5dbnuqW8JGA0V8Ws5owv4jKWrDC3lila18kFi7Bx1vUgJ7IRFLFmbX8tAy+l0nJImjCXQcaA27MRKimWY9k1G3fKBC7Hh+xrQGTB2ToLkYW383XqrbOaYY93ZwDgDumMb7v/regoDZnXz6BF1X+PzcCT9AvEaj6ust+kbGVmkSvNBsoNEyjd3Iuj24QLZjx4QWcse6V4JTmWEAqmJc5tFk9Rn4YZUz9rVldup3tyFhNBhD/ltle8Rnsc3l+bBQBNPy2ZNmwXIqRe1N91V6e5xQAi4h2i2uPz7fErpR+HDMKEIaC5ORa7isMmxAwoiH0kCvSC0YYFEXFYkEEoN7Z7SmiOaWq+UuiFj1Aqh35tqWIBGAIwadhFM3QnKpQ2xH9fJ8455wWhBfDlYvdKbLwGuCNys4yGE0G5V5Hk2Gun0dlqZbP5uRYqzqYNKP6Cr42qrs3yFIgNEj0GhC+rgGOr1oKXGhhNT8b0+Qn0DsGHqm1hmiHwZmGfuKktEOW1TN9fJs7OvvqQjqv/tw1IubFbOFaQzEKXn9CC4NX9cfaFRQJpFwXi/7q+4ZXpn+jGdNasAgnzwFLQHNIWu/4s84QRnkRv+KmcMCcPO7bB872SUGynCVlB/r7wqEd9tQ9pccNObMNllmJKLXjxVdB1T50P/wUge3FKkZgnkJy/I+ElOZkP5DwE1uKqTFhWwuJZRrD3vg/HYK++UKXIrdnzv+Ymnb29aSYb/HULVWPewmk6qElmlrxVIfgRYFzHQ/HjFwLX3XoWJp1mz6WnAHckCKQQuY7u1J8jGg/pjMHgnq/9mWjrNwSPfX/6CIXluwnIY4VllHVTV1mFAJozRPjmTQEsGoYIjbiFuTwnbvwYGUPZy4G/lMB223XJxjUw+Bd9af4DwZlMUeOu0LQsh6jFrFKY4RhTtwgYzJRsnK6ySEVf7K+Bn97g3RO9sffqIhD3UPTL8LYbn7jq3oH96XRf8a8c+lcSzqk3dWLc0SoCtw2q4iHQ534eytnZfiVhowPkZIJKfKNXA49gPYeMKxBqHVKsCvqwjpALlkfP/b5jiydsAtqwJMVZcW6gHMDjZSjVdyNhC9mfoDJybrU3NVAOdbHqTkaYM9fbPXoClJqlYij1ePvme5/ypBjK6iYnwBMXc51vNgSz8iT5OtSQUcFPItSFhFodw8BsXw3GHUryIbXTUHWkgkLRXnqRGXTyB2KEL8C3FJniUMzL+WGrnfLjHMURxLqfQs
X-OriginatorOrg: btconnect.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 9a0a1f14-30ba-4036-93bc-08d8d1d847dd
X-MS-Exchange-CrossTenant-AuthSource: VI1PR07MB6704.eurprd07.prod.outlook.com
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 15 Feb 2021 17:36:52.4955 (UTC)
X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted
X-MS-Exchange-CrossTenant-Id: cf8853ed-96e5-465b-9185-806bfe185e30
X-MS-Exchange-CrossTenant-MailboxType: HOSTED
X-MS-Exchange-CrossTenant-UserPrincipalName: Ws/M+6p/JixQ5hx0DIbi6LHvwUhZtl2Az3Ngzi3xvpwDCDI25cvHlNTDo3swMjSwDqS9O/UX3nuiY0Rhy/iTuw==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: VI1PR0701MB2189
Archived-At: <https://mailarchive.ietf.org/arch/msg/last-call/7F8nEVO_6qV865XMgtbHoQezr4o>
Subject: Re: [Last-Call] Last Call: <draft-ietf-ntp-yang-data-model-10.txt> (A YANG Data Model for NTP) to Proposed Standardsecurity
X-BeenThere: last-call@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: IETF Last Calls <last-call.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/last-call>, <mailto:last-call-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/last-call/>
List-Post: <mailto:last-call@ietf.org>
List-Help: <mailto:last-call-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/last-call>, <mailto:last-call-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 15 Feb 2021 17:36:58 -0000
On 15/02/2021 01:11, Benjamin Kaduk wrote: > Hi Tom, > > On Tue, Feb 09, 2021 at 10:23:57AM +0000, tom petch wrote: >> On 08/02/2021 17:05, Dhruv Dhody wrote: >>> Hi Tom, >>> >>> Thanks for your detailed review. Lets discuss the security first - >>> >>> On Mon, Feb 8, 2021 at 6:07 PM tom petch <daedulus@btconnect.com> wrote: >>>> >>>> This is my second response to this Last Call, about a possible security >>>> issue. >>>> >>>> RFC8573 seems clear that MD5 must not be used to effect security for NTP >>>> but this I-D imports iana-crypt-hash which allows MD5 without any >>>> restriction, so is MD5 allowed or not? >>> >>> Good question. While it is easy to restrict the use of MD5 by adding a >>> must statement, I want to check if it is a good idea. The YANG model >>> is written in such a way that it supports older versions of NTP as >>> well. Would barring MD5 configuration be an issue if there are older >>> implementations in the network still? I think perhaps adding a warning >>> in the description is a good idea. I did a quick search and dont see >>> other YANG models doing a check either. Would be good to get some >>> guidance on this. >> >> Dhruv >> >> After many years, Security (AD, secdir, advisor) still have the power to >> surprise me but I would still be surprised if Security were happy with >> an I-D which places no constraint on MD5 when the IETF has published RFC >> deprecating its use and NTP has RFC8573 which specifically deprecates it. >> >> Yet Security may not realise this from reading this I-D since the >> unrestricted use of MD5 is not immediately apparent so my post was aimed >> at bringing this to the attention of Security. As to whether this needs >> a note in Security Considerations or enforcing by YANG or both I am less >> clear on - that is up to Security. If the YANG is to deprecate it, then >> the features in ianach make that possible. >> >> Whether or not MD5 is widely used in the field is irrelevant. The IETF >> consensus it to deprecate its use and I am sure that the IESG will want >> this I-D to do just that. > > Thanks for flagging the issue; it's good to have many eyes looking out for > these things. > > That said, I think recent practice has been to not take a strict hard line > that MD5 cannot be used ever, and that non-cryptographic uses for legacy > compatibility can be retained, when accompanied by a disclaimer that the > use of MD5 is not for cryptographic purposes and that MD5 is not a secure > cryptographic hash function. > > There is an example of this buried in my remarks at > https://datatracker.ietf.org/doc/draft-ietf-extra-imap4rev2/ballot/ that > resulted in the text now found at > https://tools.ietf.org/html/draft-ietf-extra-imap4rev2-29#section-11.6 . Ben Thank you for noticing:-) The -10 that I reviewed had - MD5 is used to turn an IPv6 address into a 32-bit identifier - MD5 can be used for authentication without constraint - AES-CMAC cannot be used for authentication. I do not have a view on the first but see the second and third as contradicting RFC8573 and so in need of change. Allowing AES-CMAC I see as not controversial but do not have a view as to what to do with MD5 used for authentication e.g. - allow without constraint - allow, but deprecated, in the YANG - allow with a note in Security COnsiderations - do not allow in the YANG etc. I am still sitting on the fence on that issue, lacking the secuirty insight as to what would be acceptable, to you and the IESG. Tom Petch > -Ben > . >
- Re: [Last-Call] Last Call: <draft-ietf-ntp-yang-d… tom petch
- Re: [Last-Call] Last Call: <draft-ietf-ntp-yang-d… Dhruv Dhody
- [Last-Call] Antw: [EXT] Re: [Ntp] Last Call: <dra… Ulrich Windl
- Re: [Last-Call] [Ntp] Last Call: <draft-ietf-ntp-… Hal Murray
- Re: [Last-Call] [Ntp] Last Call: <draft-ietf-ntp-… Dhruv Dhody
- Re: [Last-Call] Last Call: <draft-ietf-ntp-yang-d… tom petch
- Re: [Last-Call] Antw: [EXT] Re: [Ntp] Last Call: … tom petch
- Re: [Last-Call] [Ntp] Last Call: <draft-ietf-ntp-… tom petch
- Re: [Last-Call] [Ntp] Last Call: <draft-ietf-ntp-… Salz, Rich
- Re: [Last-Call] Last Call: <draft-ietf-ntp-yang-d… Benjamin Kaduk
- Re: [Last-Call] [Ntp] Last Call: <draft-ietf-ntp-… Hal Murray
- Re: [Last-Call] [Ntp] Last Call: <draft-ietf-ntp-… tom petch
- Re: [Last-Call] Last Call: <draft-ietf-ntp-yang-d… tom petch
- Re: [Last-Call] Last Call: <draft-ietf-ntp-yang-d… Benjamin Kaduk
- Re: [Last-Call] Last Call: <draft-ietf-ntp-yang-d… tom petch
- Re: [Last-Call] [Ntp] Last Call: <draft-ietf-ntp-… Harlan Stenn
- Re: [Last-Call] [Ntp] Last Call: <draft-ietf-ntp-… Hal Murray