Re: [Last-Call] [nfsv4] Genart last call review of draft-ietf-nfsv4-rpc-tls-07
Chuck Lever <chuck.lever@oracle.com> Fri, 29 May 2020 23:36 UTC
Return-Path: <chuck.lever@oracle.com>
X-Original-To: last-call@ietfa.amsl.com
Delivered-To: last-call@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 991D03A11D7; Fri, 29 May 2020 16:36:48 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.101
X-Spam-Level:
X-Spam-Status: No, score=-2.101 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_MSPIKE_H2=-0.001, SPF_PASS=-0.001, UNPARSEABLE_RELAY=0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=oracle.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id j9EK0S4BhuTU; Fri, 29 May 2020 16:36:47 -0700 (PDT)
Received: from userp2130.oracle.com (userp2130.oracle.com [156.151.31.86]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 266CF3A11D6; Fri, 29 May 2020 16:36:46 -0700 (PDT)
Received: from pps.filterd (userp2130.oracle.com [127.0.0.1]) by userp2130.oracle.com (8.16.0.42/8.16.0.42) with SMTP id 04TNWvKC180099; Fri, 29 May 2020 23:36:36 GMT
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=oracle.com; h=content-type : mime-version : subject : from : in-reply-to : date : cc : content-transfer-encoding : message-id : references : to; s=corp-2020-01-29; bh=dNLCYQ4EV6CLnG9ZMc43bwOkHPQdzbGmPEbd3nHEIgM=; b=uxLuhVsLD1KvwQQ/+Yhy/dy2USWM6r5NFro+pToQ6O5Vdl5ZbX2MEKgxGEBzg7bcehYv XL+SFhmjxW4ST2SZjl9AhiN22+m7N14f118CD+4TLm+MWSPCux8yHTd+n0jwcGR5RiqU xDFiKt78mNc2hS1nDAlCiEDbPl7UM30KKU4QWwFEJ+szw5wKATGaSHfRJtLx805YcqWm UASNb7k3ZO22FA8CT1uepkuRKCuS2zWc1eD54JAXYzw32reqoU3aTH5XQV99Oh7v3wpH VoUeRhZkID72zrfzOyUnOmZ7d0IBqhj9NnVr9sm3QejbRTapRv3dfFhEmjHTtc+X4BEs Lw==
Received: from userp3030.oracle.com (userp3030.oracle.com [156.151.31.80]) by userp2130.oracle.com with ESMTP id 316u8rcwjr-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=FAIL); Fri, 29 May 2020 23:36:36 +0000
Received: from pps.filterd (userp3030.oracle.com [127.0.0.1]) by userp3030.oracle.com (8.16.0.42/8.16.0.42) with SMTP id 04TNX103052736; Fri, 29 May 2020 23:36:36 GMT
Received: from userv0121.oracle.com (userv0121.oracle.com [156.151.31.72]) by userp3030.oracle.com with ESMTP id 317ds5199h-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Fri, 29 May 2020 23:36:36 +0000
Received: from abhmp0006.oracle.com (abhmp0006.oracle.com [141.146.116.12]) by userv0121.oracle.com (8.14.4/8.13.8) with ESMTP id 04TNaZxP000961; Fri, 29 May 2020 23:36:35 GMT
Received: from anon-dhcp-153.1015granger.net (/68.61.232.219) by default (Oracle Beehive Gateway v4.0) with ESMTP ; Fri, 29 May 2020 16:36:34 -0700
Content-Type: text/plain; charset="us-ascii"
Mime-Version: 1.0 (Mac OS X Mail 12.4 \(3445.104.14\))
From: Chuck Lever <chuck.lever@oracle.com>
In-Reply-To: <1E8C42B7-C038-44AB-BCF9-1C0C9D02DEEE@oracle.com>
Date: Fri, 29 May 2020 19:36:33 -0400
Cc: last-call@ietf.org, gen-art@ietf.org, nfsv4@ietf.org, draft-ietf-nfsv4-rpc-tls.all@ietf.org
Content-Transfer-Encoding: 7bit
Message-Id: <7941B9E9-6CD1-460E-82C5-94369EE6DEAB@oracle.com>
References: <87pnaoiwx6.fsf@hobgoblin.ariadne.com> <1E8C42B7-C038-44AB-BCF9-1C0C9D02DEEE@oracle.com>
To: Dale Worley <worley@ariadne.com>
X-Mailer: Apple Mail (2.3445.104.14)
X-Proofpoint-Virus-Version: vendor=nai engine=6000 definitions=9636 signatures=668686
X-Proofpoint-Spam-Details: rule=notspam policy=default score=0 spamscore=0 phishscore=0 malwarescore=0 mlxlogscore=999 adultscore=0 suspectscore=0 bulkscore=0 mlxscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.12.0-2004280000 definitions=main-2005290170
X-Proofpoint-Virus-Version: vendor=nai engine=6000 definitions=9636 signatures=668686
X-Proofpoint-Spam-Details: rule=notspam policy=default score=0 malwarescore=0 mlxscore=0 priorityscore=1501 spamscore=0 cotscore=-2147483648 suspectscore=0 phishscore=0 clxscore=1015 mlxlogscore=999 bulkscore=0 adultscore=0 lowpriorityscore=0 impostorscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.12.0-2004280000 definitions=main-2005290170
Archived-At: <https://mailarchive.ietf.org/arch/msg/last-call/E-_PJzUQYBaGfUCTIvCbsoXhrPk>
Subject: Re: [Last-Call] [nfsv4] Genart last call review of draft-ietf-nfsv4-rpc-tls-07
X-BeenThere: last-call@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: IETF Last Calls <last-call.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/last-call>, <mailto:last-call-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/last-call/>
List-Post: <mailto:last-call@ietf.org>
List-Help: <mailto:last-call-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/last-call>, <mailto:last-call-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 29 May 2020 23:36:49 -0000
> On May 27, 2020, at 11:57 PM, Chuck Lever <chuck.lever@oracle.com> wrote: > > > >> On May 27, 2020, at 11:02 PM, worley@ariadne.com wrote: >> >> Chuck Lever <chuck.lever@oracle.com> writes: >>>> Somewhere in this section you need to specify the semi-obvious: >>>> >>>> [...] >>> >>> I can add something like this in Section 4.1, but note that Sections >>> 5.1.1 and 5.1.2 already explain the relationships between TCP/UDP >>> and TLS/DTLS, respectively. >> >> Hmmm, I want to answer "yes and no". I think those passages were >> written with the presupposition that those relationships were already >> known and specified, and the text talks *about* that relationship. >> E.g., 5.1.1 qualifies the sentence with "Typically", and neither section >> uses normative language. >> >> The point is that if you upgrade, if you start with TCP, you MUST >> upgrade to TLS, and if you start with UDP, you MUST upgrade to DTLS. >> Whereas it is conceivable that one could start with UDP to port 111, >> discover rpc-tls support and then do a TLS connection to TCP port 111 >> ("the same port") to continue. (After all, every NFS server listens on >> 111 both with UDP and TCP, right?) And you have to state that >> explicitly as a requirement. > > NFSv4 servers don't have to provide an rpcbind service on port 111 any > more... but I get your point. > > The proposed replacement text I posted earlier today explains how it is > supposed to work but does not use normative language. It needs to take > another step and /require/ that a client uses the appropriate protection > mechanism for the transport it wants to use. Proposing the following text to replace all of Section 4.1. It better describes the initiation of an AUTH_TLS probe, and provides additional normative requirements to help bridge the gap cleanly between the probe and the establishment of a TLS session. 4.1. Discovering Server-side TLS Support The mechanism described in the current document interoperates fully with RPC implementations that do not support RPC-on-TLS. Policy settings on the RPC-on-TLS-enabled peer determine whether RPC operation continues without the use of TLS or RPC operation is not permitted. To achieve this interoperability, we introduce a new RPC authentication flavor called AUTH_TLS. The AUTH_TLS authentication flavor signals that the client wants to initiate TLS negotiation if the server supports it. Except for the modifications described in this section, the RPC protocol is unaware of security encapsulation at the transport layer. The value of AUTH_TLS is defined in Section 8.1. An RPC client begins its communication with an RPC server by selecting a transport and destination port. The choice of transport and port is typically based on the RPC program that is to be used. The RPC client might query the RPC server's rpcbind service to make this selection. In all cases, an RPC server MUST listen on the same ports for (D)TLS-protected RPC programs as the ports used when (D)TLS is not available. To protect RPC traffic to a TCP port, the RPC client opens a TCP connection to that port and sends a NULL RPC procedure with an auth_flavor of AUTH_TLS on that connection. To protect RPC traffic to a UDP port, the RPC client sends a UDP datagram to that port containing a NULL RPC procedure with an auth_flavor of AUTH_TLS. The mechanism described in the current document does not support RPC transports other than TCP and UDP. The length of the opaque data constituting the credential sent in the RPC Call message MUST be zero. The verifier accompanying the credential MUST be an AUTH_NONE verifier of length zero. The flavor value of the verifier in the RPC Reply message received from the server MUST be AUTH_NONE. The length of the verifier's body field is eight. The bytes of the verifier's body field encode the ASCII characters "STARTTLS" as a fixed-length opaque. If the RPC server replies with a reply_stat of MSG_ACCEPTED and an AUTH_NONE verifier containing the "STARTTLS" token, the client SHOULD proceed with TLS session establishment, even if the Reply's accept_stat is not SUCCESS. If the AUTH_TLS probe was done via TCP, the RPC client MUST send the "ClientHello" message on the same connection. If the AUTH_TLS probe was done via UDP, the RPC client MUST send the "ClientHello" message to the same UDP destination port. Conversely, if the Reply's reply_stat is not MSG_ACCEPTED, if its verifier flavor is not AUTH_NONE, or if its verifier does not contain the "STARTTLS" token, the RPC client MUST NOT send a "ClientHello" message. RPC operation can continue, however it will be without any confidentiality, integrity or authentication protection from (D)TLS. If, after a successful RPC AUTH_TLS probe, the subsequent (D)TLS handshake should fail for any reason, the RPC client reports this failure to the upper-layer application the same way it reports an AUTH_ERROR rejection from the RPC server. If an RPC client uses the AUTH_TLS authentication flavor on any procedure other than the NULL procedure, or an RPC client sends an RPC AUTH_TLS probe within an existing (D)TLS session, the RPC server MUST reject that RPC Call by setting the reply_stat field to MSG_DENIED, the reject_stat field to AUTH_ERROR, and the auth_stat field to AUTH_BADCRED. Once the TLS session handshake is complete, the RPC client and server have established a secure channel for communicating. A successful AUTH_TLS probe on one particular port/transport tuple never implies RPC-on-TLS is available on that same server using a different port/ transport tuple. -- Chuck Lever
- [Last-Call] Genart last call review of draft-ietf… Dale Worley via Datatracker
- Re: [Last-Call] [nfsv4] Genart last call review o… Chuck Lever
- Re: [Last-Call] [nfsv4] Genart last call review o… David Noveck
- Re: [Last-Call] [nfsv4] Genart last call review o… Trond Myklebust
- Re: [Last-Call] [nfsv4] Genart last call review o… Chuck Lever
- Re: [Last-Call] [nfsv4] Genart last call review o… Chuck Lever
- Re: [Last-Call] [nfsv4] Genart last call review o… Chuck Lever
- Re: [Last-Call] [nfsv4] Genart last call review o… Chuck Lever
- Re: [Last-Call] [nfsv4] Genart last call review o… worley
- Re: [Last-Call] [nfsv4] Genart last call review o… worley
- Re: [Last-Call] [nfsv4] Genart last call review o… worley
- Re: [Last-Call] [nfsv4] Genart last call review o… Chuck Lever
- Re: [Last-Call] [nfsv4] Genart last call review o… Chuck Lever
- Re: [Last-Call] [nfsv4] Genart last call review o… Chuck Lever
- Re: [Last-Call] [nfsv4] Genart last call review o… worley
- Re: [Last-Call] [nfsv4] Genart last call review o… Chuck Lever
- Re: [Last-Call] [nfsv4] Genart last call review o… worley
- Re: [Last-Call] [Gen-art] [nfsv4] Genart last cal… Alissa Cooper