IETF Logo Mail Archive

Re: [Last-Call] [homenet] Dnsdir telechat review of draft-ietf-homenet-front-end-naming-delegation-18

Daniel Migault <mglt.ietf@gmail.com> Thu, 20 October 2022 04:54 UTC

Return-Path: <mglt.ietf@gmail.com>
X-Original-To: last-call@ietfa.amsl.com
Delivered-To: last-call@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 6F5E5C1524BA; Wed, 19 Oct 2022 21:54:06 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.108
X-Spam-Level:
X-Spam-Status: No, score=-2.108 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 0K7COY40AToi; Wed, 19 Oct 2022 21:54:04 -0700 (PDT)
Received: from mail-qv1-xf32.google.com (mail-qv1-xf32.google.com [IPv6:2607:f8b0:4864:20::f32]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 2AFD4C1522BC; Wed, 19 Oct 2022 21:53:37 -0700 (PDT)
Received: by mail-qv1-xf32.google.com with SMTP id h10so12823308qvq.7; Wed, 19 Oct 2022 21:53:37 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:from:to:cc:subject:date:message-id:reply-to; bh=/+57YKWGXLQ+E1tdb7M73Tn81w23dBNhjEm7AU6+U9I=; b=TnefxUu25YEGmJs9a9eZPSy0K77DQx+6i/sqETjz2S+tKFKTqYayc+DRBqjNEJYz1t tya29QZ3MNG/IewvN+Yf6dWsxYFXeInr0odPbQEyMx50lXHBod/2Hfwgq7eG0hGt5JMN Nlp544KZILMVKzPfGsbZzs0WdfGhS4mGb1QGnt9kYLhrXc45Katob37IAGjHbGPGn+NQ 807UvkyxSSx1KadwF6plSfSImAwlySXIOpBtyb6/D1Aaj7XKl2YhQrR8/CIi24+2iExr aqBzyzi8vxpKaO1v35JHEgT25tqqG486sKL/J0ti5tSX2XfwKpeIUBhoNAnLWWzpGyXH e1kQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=/+57YKWGXLQ+E1tdb7M73Tn81w23dBNhjEm7AU6+U9I=; b=TR1e9CjKAC90VPqQXnBB+TOXDaKOGgc4pcOKrW3RiSI1cl7VtwSGOYwLR3T1RWzyjN 34dkS/xcxOPZC7FDaQGMP4fvVeJDh2Z9CWJIJOofN2sCXQDfS6tOmzXKomaUzwGnIQyj LkiwZZKrfJDpH1hqefiOBUafxzqLlCCGBegVktjIc6YzC2URfgXm1GnUotlr13J2uvLq UF64d3cPUTbr6hnfS6u1Xy08fin69V4fIdE43NS6EUSmwYWV3HzEekol+9To6ZULi7xA PvW27gyYpx6HbNUa2vFeIzvTlCr2hFv44fvFq1x3kMA+V1uYGClg3CTKhadbV7v/IEMB gj0g==
X-Gm-Message-State: ACrzQf3GLPbrqfMBDRmXcpJf9f/Vd1akkSRcpyqQeArXZUQw7BWxwAOh edvpP9v+El10j19fw9t5a5AvGhkbnqW8aPmKwn/M9CXEM0Y=
X-Google-Smtp-Source: AMsMyM7OCO8PJfxV6wmQ9tI5vaJ2tLAZ99YPoTzkF65sNzMdIQcGMoNYHFXVlGWFhRNeEouGu2u6gDTvEqG0gSZ+L+4=
X-Received: by 2002:ad4:5de8:0:b0:4b1:85db:3509 with SMTP id jn8-20020ad45de8000000b004b185db3509mr9510932qvb.121.1666241615473; Wed, 19 Oct 2022 21:53:35 -0700 (PDT)
MIME-Version: 1.0
References: <166601224491.24452.9575096761631204136@ietfa.amsl.com> <CADZyTknfP8MJLhaEUm=5YqJMRnN+HXnjNnoK1qe1m_mK+f1uSQ@mail.gmail.com> <CAMgEDbTDY3w42-Aw0dBabcfkM6BssZ_qNvin9E_Qaj3R=d__jw@mail.gmail.com>
In-Reply-To: <CAMgEDbTDY3w42-Aw0dBabcfkM6BssZ_qNvin9E_Qaj3R=d__jw@mail.gmail.com>
From: Daniel Migault <mglt.ietf@gmail.com>
Date: Thu, 20 Oct 2022 00:53:24 -0400
Message-ID: <CADZyTkkr=gV9neZNfxARcAasiHAhfKkgD2zR=+9yJ8fbg1ujsA@mail.gmail.com>
To: Matt Brown <ietf@mattb.net.nz>
Cc: dnsdir@ietf.org, draft-ietf-homenet-front-end-naming-delegation.all@ietf.org, homenet@ietf.org, last-call@ietf.org
Content-Type: multipart/alternative; boundary="00000000000099b24705eb701b2e"
Archived-At: <https://mailarchive.ietf.org/arch/msg/last-call/MEcSrNtXupOgnV_SIWc6HyZKDYw>
Subject: Re: [Last-Call] [homenet] Dnsdir telechat review of draft-ietf-homenet-front-end-naming-delegation-18
X-BeenThere: last-call@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: IETF Last Calls <last-call.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/last-call>, <mailto:last-call-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/last-call/>
List-Post: <mailto:last-call@ietf.org>
List-Help: <mailto:last-call-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/last-call>, <mailto:last-call-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 20 Oct 2022 04:54:06 -0000

Thanks for the feed back. Please see my response inline. Note that we are
clarifying the use of transport protocols in the current document. For the
synchronization channel we mandate XoT, for the control channel we mandate
DoT - still with mutual authentication. I hope the line below adresse you
concern regarding mutual authentication.
Yours,
Daniel

On Wed, Oct 19, 2022 at 8:29 PM Matt Brown <ietf@mattb.net.nz> wrote:

> On Wed, Oct 19, 2022 at 3:25 PM Daniel Migault <mglt.ietf@gmail.com>
> wrote:
> >
> > Hi Matt,
> >
> > Thanks for the review. I am only responding to the major comments - for
> now. I apologize for the partial response but I promise I will go through
> all other comments tomorrow (my) morning and hope you will still have this
> partial response (your) morning.
>
> No problem, likewise responding just to this first message now, and
> hopefully to your subsequent message later today!
>
> >> Major Issues (aka Not Ready):
> >>
> >> Mutual TLS and DoT - 3.2 and 4.6 recommend that the HNA and DM secure
> their
> >> control channel communications using mutual TLS and DoT - but DoT is not
> >> specified to support mutual authentication. While mutual TLS auth at the
> >> underlying TLS layer is clearly viable - how to integrate that at the
> DNS
> >> layer, and whether that is compatible with DoT on the existing port, or
> would
> >> need a further port allocation (and subsequent IANA consideration in
> 13) would
> >> need to be addressed. None of the alternative future protocols listed
> in 3.2
> >> support mTLS either as far as I am aware.
> >>
> >> Given the recommendation to use XoT (RFC9103) (which does specify mTLS
> >> capability) for the Synchronization channel in 5.1 - I wonder why this
> protocol
> >> has not also been considered for the control channel instead of DoT?
> >>
> > The section securing the Synchronization channel  mentions:
> >
> > The AXFR request from the DM to the HNA SHOULD be secured and the use of
> TLS is RECOMMENDED {{!RFC9103}}.
> >
> > So this is effectively what we rely on, mostly for the following
> reasons: 1) most of our exchanges are IXFR/AXFR and these are the one with
> the main concern, and 2) we wanted to reuse what is implemented in major
> distributions.
> > To put it in another way, we wanted the transaction between the HNA and
> the DM to be protected by TLS, and probably split from DNS over TLS to DoT.
> Would replacing DoT by XoT address your concern ?
>
> I'll confess my first encounter with XoT was in reading this draft, so
> I don't have a lot of context on its suitability for this use-case
> yet, but in as much as it looks at a glance to be a protocol that is
> intended to support mTLS (where DoT is not) in a context where
> authentication is expected, then I think it would address my
> concern... more below.
>
> > I would be happy to understand though why DoT would be an issue. The
> only point I can see is that 7858 specifies that it limits its scope to
> client -to resolver communications while admitting such restriction is due
> to a charter limitation. Since XoT mentions it is heavily relying on DoT,
> and resolvers and authoritative servers both handle DNS packets, I tend to
> assume that we may consider DoT can be used for any DNS communications, but
> I might be missing something.
>
> What I understand when I read this draft is a proposal is to take a
> protocol (DoT, RFC7858) with a primary purpose of providing *privacy*
> and which states in its design that authentication of clients is not
> in scope and use it in a context where *authentication of clients* is
> the primary requirement (e.g. the DM needs to know that it's receiving
> a connection from a client authorized to control the domain in the
> messages). That type of usage outside of the scope envisaged by
> RFC7858 brings two concerns to my mind:
> 1) *How* will clients/servers choose to implement the client
> authentication and will they be compatible with each other without
> further guidance/constraint being provided on how client
> authentication in DoT should be performed?
>

This is correct that if client authentication is disable it will not
happen. That said, we can believe that if that is what we are looking at
the TLS library will be configured appropriately. IN this case
the clients and the server are specific entities.

Regarding 7858, it does not say the client is not authenticated, it says
that the client authenticates the server and after the negotiation
completes the connection is encrypted. Client authentication is part of the
TLS negotiation.

Another example is also that when session resumption occurs, it becomes
hard to claim the client is not authenticated as TLS uses tha PSK-ECDHE
scheme.

To keep things simple, I would say if DoT were not defined we would have
said the traffic is secured by TLS. If we cannot use DoT we are happy to do
so, but I do not think using Dot is a concern there. That said, I am happy
to learn more if I am missing anything.

2) What are the security implications of authenticating clients in
> DoT? No doubt there are ways to do it that are not secure and should
> be avoided, but neither DoT or this now proposed draft examine this in
> any way.
>

XoT did that and optimized AXFR over TLS.

>
> Generally any time I see a security protocol/mechanism designed for
> one purpose (e.g. privacy) re-used in another context (e.g. client
> authentication) without significant examination of the implications
> and safety of that, I hear warning bells.



>
>
> Another point I would like to clarify is why another port would be needed
> for mTLS as this is a capacity announced by the TLS server. The support of
> mTLS is simply announced by the server by sending a CertificateRequest. The
> TLS client may only accept such communications. I do not necessarily see
> this as an issue, but again maybe I am missing something.
>
> Sorry for the confusion here, the point I was trying to make was
> simply whether DoT on the existing port could be used, or whether to
> get the authentication properties you need from the connection you
> actually need a new protocol (not DoT) that is designed fro
> authentication, not privacy to achieve that, and if that were the
> case, then such a hypothetical new protocol would presumably require
> its own port.
>
> Hope that clarifies.
>
> yes it does. I do not think we need a new port.


> --
> Matt Brown
> DNS Directorate Member
>


-- 
Daniel Migault
Ericsson

v2.23.0 | Report a Bug | By Email