IETF Logo Mail Archive

Re: [Last-Call] [homenet] Dnsdir telechat review of draft-ietf-homenet-front-end-naming-delegation-18

Daniel Migault <mglt.ietf@gmail.com> Sat, 22 October 2022 13:13 UTC

Return-Path: <mglt.ietf@gmail.com>
X-Original-To: last-call@ietfa.amsl.com
Delivered-To: last-call@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E57AAC1524D0; Sat, 22 Oct 2022 06:13:13 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.108
X-Spam-Level:
X-Spam-Status: No, score=-2.108 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 8FzrtucLYBhF; Sat, 22 Oct 2022 06:13:11 -0700 (PDT)
Received: from mail-il1-x136.google.com (mail-il1-x136.google.com [IPv6:2607:f8b0:4864:20::136]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id BA09FC14F743; Sat, 22 Oct 2022 06:12:14 -0700 (PDT)
Received: by mail-il1-x136.google.com with SMTP id u2so3035292ilv.6; Sat, 22 Oct 2022 06:12:14 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:from:to:cc:subject:date:message-id:reply-to; bh=Rs9WbRGpIIK3BXezPfhmNqWTQx/rNLazSre4p+nYJ7I=; b=n8lbn3B1zDER8CrzvuYfbfrUncjrRLLLA9IXiuwkmMn9KVQp6RSNfdqoYj5T+qLTKl 368q7/dj4j/8eZxRYjkHXenYhTZqBunU+GIqTDwzYgwlPb5xjX/pmoQxn+yediwm6bVR UXxGKDr0JEs1oWk/RSdr6iTqBdefKOtnoXecEG5TiceG7L6jCI6Y/kUkcDJp9NxqZ+D/ KfB95yOOWuMO7TBNS32aiifrQTIwd2u1kIl3QSdO8+/LeLQ7WpKth49ACPupWo1+JImx 6lNx+MAi9KRquS5csRpoPi0kxG1y3d8lzcPsp7kH/Gs20L8PU4KUVT+LwpKqAmWt5LvF sSHg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=Rs9WbRGpIIK3BXezPfhmNqWTQx/rNLazSre4p+nYJ7I=; b=1tFKk2WLRunGApOQ3nI7Ut/LPAs+cf9FN0Ubf9I8BYCQKr2+wZEr+2B3K1qAjqa/1B ZaVHfJ4hCTfYvKt5NrKuDlx3/iIpwnyCEAMOzJEH1vR7N4NOLdbFrOi2H2ofskiJjr8+ rMcmApvh5yfiH24cXEA66T8qdiRe+fgMjXIyKUe9ZwqoZqh40vnKnjYiwEBYNVtBhp8a NGQY3HSI0aqKbrwT4KMVyUFEcq1BWLcmZSFiZxFuhHLvQgUFY+E74oyYc9mIMn0B+yQ7 IOHuMNsB9ZUYMnmsarWo6ZvVb8Eaouv2VIysjYFbRbR0WzYw/eoe4BJf4Gg0p5D1jrfP siyQ==
X-Gm-Message-State: ACrzQf2xbrpgIIJv24PBzi5PqhwiQMtgNySemCdsbMPxWrfTIggD725e jibbNO2ZlQ0Mgr0A6v5FF6Ovu3yOfSrNQXL9igI5eucP150=
X-Google-Smtp-Source: AMsMyM6kTHwz30wzqS0CEBLnWdozXsL25aShVhtsjktGzhPhhYtIiXETu4mwkauqp5vfGV8gDjuWgHj5vcKE5Psa0eE=
X-Received: by 2002:a92:d243:0:b0:2ff:c2cd:ed61 with SMTP id v3-20020a92d243000000b002ffc2cded61mr903545ilg.287.1666444333591; Sat, 22 Oct 2022 06:12:13 -0700 (PDT)
MIME-Version: 1.0
References: <166601224491.24452.9575096761631204136@ietfa.amsl.com> <CADZyTknfP8MJLhaEUm=5YqJMRnN+HXnjNnoK1qe1m_mK+f1uSQ@mail.gmail.com> <CAMgEDbTDY3w42-Aw0dBabcfkM6BssZ_qNvin9E_Qaj3R=d__jw@mail.gmail.com> <CADZyTkkr=gV9neZNfxARcAasiHAhfKkgD2zR=+9yJ8fbg1ujsA@mail.gmail.com> <CAMgEDbS2JJiCjG5zCs4Y8s6kSWEf4Fz75D3kupuaPqDUCJZP+g@mail.gmail.com> <CADZyTkmnJU3q55kocJ=MrHed98zcc1MEUfTSvf6YAkg=7gf+Dw@mail.gmail.com> <CAMgEDbSVXOyoBKiMs59WMcNHdYmE8VHnoNsPQU158e17D1V+OA@mail.gmail.com>
In-Reply-To: <CAMgEDbSVXOyoBKiMs59WMcNHdYmE8VHnoNsPQU158e17D1V+OA@mail.gmail.com>
From: Daniel Migault <mglt.ietf@gmail.com>
Date: Sat, 22 Oct 2022 09:12:02 -0400
Message-ID: <CADZyTk=6HEGAPyOnAbswTSgLBG9JDKkHs3=66EQgegmBO-Ky1g@mail.gmail.com>
To: Matt Brown <ietf@mattb.net.nz>
Cc: dnsdir@ietf.org, draft-ietf-homenet-front-end-naming-delegation.all@ietf.org, homenet@ietf.org, last-call@ietf.org
Content-Type: multipart/alternative; boundary="0000000000008ab33905eb9f4efc"
Archived-At: <https://mailarchive.ietf.org/arch/msg/last-call/w0tJQ8lNDiw4FDxFCW32DB4Wqcg>
Subject: Re: [Last-Call] [homenet] Dnsdir telechat review of draft-ietf-homenet-front-end-naming-delegation-18
X-BeenThere: last-call@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: IETF Last Calls <last-call.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/last-call>, <mailto:last-call-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/last-call/>
List-Post: <mailto:last-call@ietf.org>
List-Help: <mailto:last-call-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/last-call>, <mailto:last-call-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 22 Oct 2022 13:13:14 -0000

Thanks Matt, I now understand clearly your point of view and can commit to
remain vigilant if any other opinion goes into your direction. Thank you
for taking the time to review the document anyway - your feedback and
discussion was highly appreciated.

Yours,
Daniel

On Sat, Oct 22, 2022 at 4:56 AM Matt Brown <ietf@mattb.net.nz> wrote:

> On Sat, Oct 22, 2022 at 4:11 AM Daniel Migault <mglt.ietf@gmail.com>
> wrote:
> >
> > Hi Matt,
> >
> > Thanks for the follow-up, please see my response.
> >
> > Yours,
> > Daniel
> >
> > On Thu, Oct 20, 2022 at 4:37 PM Matt Brown <ietf@mattb.net.nz> wrote:
> >>
> >> On Thu, Oct 20, 2022 at 5:53 PM Daniel Migault <mglt.ietf@gmail.com>
> wrote:
> >> >
> >> > Thanks for the feed back. Please see my response inline. Note that we
> are clarifying the use of transport protocols in the current document. For
> the synchronization channel we mandate XoT, for the control channel we
> mandate DoT - still with mutual authentication. I hope the line below
> adresse you concern regarding mutual authentication.
> >> > Yours,
> >> > Daniel
> >> >
> >> > On Wed, Oct 19, 2022 at 8:29 PM Matt Brown <ietf@mattb.net.nz> wrote:
> >> >>
> >> >> On Wed, Oct 19, 2022 at 3:25 PM Daniel Migault <mglt.ietf@gmail.com>
> wrote:
> >> >> >
> >>
> >> <snip>
> >>
> >> >> > I would be happy to understand though why DoT would be an issue.
> The only point I can see is that 7858 specifies that it limits its scope to
> client -to resolver communications while admitting such restriction is due
> to a charter limitation. Since XoT mentions it is heavily relying on DoT,
> and resolvers and authoritative servers both handle DNS packets, I tend to
> assume that we may consider DoT can be used for any DNS communications, but
> I might be missing something.
> >> >>
> >> >> What I understand when I read this draft is a proposal is to take a
> >> >> protocol (DoT, RFC7858) with a primary purpose of providing *privacy*
> >> >> and which states in its design that authentication of clients is not
> >> >> in scope and use it in a context where *authentication of clients* is
> >> >> the primary requirement (e.g. the DM needs to know that it's
> receiving
> >> >> a connection from a client authorized to control the domain in the
> >> >> messages). That type of usage outside of the scope envisaged by
> >> >> RFC7858 brings two concerns to my mind:
> >> >> 1) *How* will clients/servers choose to implement the client
> >> >> authentication and will they be compatible with each other without
> >> >> further guidance/constraint being provided on how client
> >> >> authentication in DoT should be performed?
> >> >
> >> > This is correct that if client authentication is disable it will not
> happen. That said, we can believe that if that is what we are looking at
> the TLS library will be configured appropriately. IN this case the clients
> and the server are specific entities.
> >> >
> >> > Regarding 7858, it does not say the client is not authenticated, it
> says that the client authenticates the server and after the negotiation
> completes the connection is encrypted. Client authentication is part of the
> TLS negotiation.
> >> >
> >> > Another example is also that when session resumption occurs, it
> becomes hard to claim the client is not authenticated as TLS uses tha
> PSK-ECDHE scheme.
> >> >
> >> > To keep things simple, I would say if DoT were not defined we would
> have said the traffic is secured by TLS. If we cannot use DoT we are happy
> to do so, but I do not think using Dot is a concern there. That said, I am
> happy to learn more if I am missing anything.
> >>
> >> If I'm understanding you correctly, the argument is that the
> >> underlying TLS libraries support mTLS, so can be used in the way
> >> proposed, even though it is outside the scope of what is standardised
> >> in RFC7858. This may very well be true, but in my understanding it's
> >> then incorrect to call this using DoT. To me, what is proposed is to
> >> build further protocol specifics (client authentication) on top of DoT
> >> - which may work, but if that is what is intended, then it needs to be
> >> done explicitly - e.g."this standard extends the DoT specification to
> >> support client authentication via mTLS" or similar.
> >>
> >> Are there existing DoT implementations using mTLS to authenticate
> >> clients to DoT servers that you are aware of? I could not find any in
> >> a quick search.
> >>
> >> As you noted previously the XoT spec provides a good example that
> >> building on top of DoT in this way is feasible and a reasonable thing
> >> to do - which is useful - but I think two things should be noted from
> >> that comparison (emphasis mine below):
> >> 1) XoT does not say it uses DoT, it says (end of Introduction):
> >> "encrypting zone transfers using TLS [RFC8499] -- **based closely on
> >> DoT [RFC7858]** -- seems like a simple step forward. This document
> >> specifies how to use TLS (1.3 or later) as a transport to prevent zone
> >> collection from zone transfers." - e.g. it is clear that what is being
> >> described is not DoT, but something close to it.
> >> 2) The level of detail in how to accomplish that extension is higher
> >> than I see present in this draft (e.g. RFC9103 7.1, 7.3 cover TLS
> >> establishment specifically, and 9.3.3 and 10.0 then cover the addition
> >> of authentication, etc).
> >
> > I got your point, but I think there is a confusion between the subset of
> functionalities being used versus those provided by the protocol. TLS
> provides client authentication and its part of TLS, any use of TLS unless
> explicitly specified provides this capacity. To my understanding this is
> why architect solutions at the protocol level - that is to guarantee any
> new scenario that maybe we did not think in the beginning can work.
>
> I agree with this in principle.
>
> > DoT defines a way to carry DNS messages over TLS and does not restrict
> the functionalities provided by TLS - at least at a high level.
>
> But I think here is where we're reading RFC7858 differently - I do
> read it as restricting how TLS is used in DoT, because it is an RFC
> that is scoped only to a privacy purpose and for that reason has only
> considered how to use TLS to provide privacy and server
> authentication, not client authentication.
>
> If RFC7858 didn't contain those restrictions on its scope, then I
> think we'd be in agreement than any use of TLS is in scope, but that's
> not what I see.
>
> > That some were using a particular set of functions of TLS does not
> prevent others from using others. None of the DoT implementations uses its
> own TLS implementation that prevents client authentication - which would be
> a light TLS but not TLS. Put in other words, client implementation is
> supported by all DoT implementations. DoT clearly identifies session
> resumption which in TLS 1.3 is very close to a client authentication. All
> of this just to mention that TLS has multiple built-in functionalities.
> >
> > If the TLS of 9103 were different it is likely that 9103 would update -
> at least in some ways - 7858. This is not the case and section 9.3.3 and
> 10.0 do not mention any changes that apply to DoT and the TLS in XoT and
> DoT is the same.
>
> The way I read 9103 (per the wording I quoted in the previous mail) is
> that it builds a separate protocol (XoT) that inherits from DoT in
> that it also uses TLS, but it is not DoT, hence it does not update the
> DoT RFC.
>
> > Now, if you believe that just saying DNS is encapsulated as in DoT with
> a mutual authentication seems more appropriate, I am happy to consider the
> wording that you think is more appropriate.
>
> I guess at this point, I'd like to hear some other opinions to either
> agree/disagree with the interpretation I've made of the situation - if
> you follow my reasoning, it's more than just wording that is required
> - either RFC7858 does need to be updated by this RFC, and/or you would
> need to more fully specify the new protocol and security/privacy
> considerations as 9103 did for XoT.
>
> I understand that's a lot to be asking and I'm conscious that this is
> only my first formal review and it's possible I'm taking an overly
> strict interpretation of the existing standards... I don't think I am
> FWIW, but I think it might be reasonable to solicit some more opinions
> on whether this type of re-use of DoT is as straightforward/intended
> as you read it, or brings up the challenges that I see.
>
> Cheers
>
> --
> Matt Brown
> DNS Directorate Member
>


-- 
Daniel Migault
Ericsson

v2.23.0 | Report a Bug | By Email