Re: [nfsv4] Benjamin Kaduk's Discuss on draft-ietf-nfsv4-rpc-tls-08: (with DISCUSS and COMMENT)
Benjamin Kaduk <kaduk@mit.edu> Thu, 08 October 2020 21:41 UTC
Return-Path: <kaduk@mit.edu>
X-Original-To: nfsv4@ietfa.amsl.com
Delivered-To: nfsv4@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E0D9D3A0DD4; Thu, 8 Oct 2020 14:41:24 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.897
X-Spam-Level:
X-Spam-Status: No, score=-1.897 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_MSPIKE_H4=0.001, RCVD_IN_MSPIKE_WL=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Jk73SmXmHKGd; Thu, 8 Oct 2020 14:41:23 -0700 (PDT)
Received: from outgoing.mit.edu (outgoing-auth-1.mit.edu [18.9.28.11]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id E4AA83A0CA2; Thu, 8 Oct 2020 14:41:22 -0700 (PDT)
Received: from kduck.mit.edu ([24.16.140.251]) (authenticated bits=56) (User authenticated as kaduk@ATHENA.MIT.EDU) by outgoing.mit.edu (8.14.7/8.12.4) with ESMTP id 098LfIFF016806 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Thu, 8 Oct 2020 17:41:20 -0400
Date: Thu, 08 Oct 2020 14:41:17 -0700
From: Benjamin Kaduk <kaduk@mit.edu>
To: Chuck Lever <chuck.lever@oracle.com>
Cc: draft-ietf-nfsv4-rpc-tls@ietf.org, nfsv4-chairs@ietf.org, nfsv4@ietf.org
Message-ID: <20201008214117.GB89563@kduck.mit.edu>
References: <159419140773.2153.2711644434582054796@ietfa.amsl.com> <32CDAB5F-5B87-4A04-8658-18A7A2E8B20D@oracle.com>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Disposition: inline
In-Reply-To: <32CDAB5F-5B87-4A04-8658-18A7A2E8B20D@oracle.com>
User-Agent: Mutt/1.12.1 (2019-06-15)
Archived-At: <https://mailarchive.ietf.org/arch/msg/nfsv4/-qqhzwoEFWXgTaiZXoP64bT9t70>
Subject: Re: [nfsv4] Benjamin Kaduk's Discuss on draft-ietf-nfsv4-rpc-tls-08: (with DISCUSS and COMMENT)
X-BeenThere: nfsv4@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: NFSv4 Working Group <nfsv4.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/nfsv4>, <mailto:nfsv4-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/nfsv4/>
List-Post: <mailto:nfsv4@ietf.org>
List-Help: <mailto:nfsv4-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/nfsv4>, <mailto:nfsv4-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 08 Oct 2020 21:41:25 -0000
Hi Chuck, I don't have any further comments on the below, and as I stated in an earlier message the -09 addresses the discuss points. I did, however, want to separately thank you for the thoughful analysis (in this note) and rewrite of section 5.2.1; they are quite well done. -Ben On Wed, Sep 09, 2020 at 10:58:16AM -0400, Chuck Lever wrote: > Hi Ben- > > It appears that many of your comments have overlapping impact on > the document, so I'm attempting to address all of them in my > working copy of the document and will post proposals for replacement > text once I feel that they coherently address your concerns. > > More below. > > > > On Jul 8, 2020, at 2:56 AM, Benjamin Kaduk via Datatracker <noreply@ietf.org> wrote: > > > > Benjamin Kaduk has entered the following ballot position for > > draft-ietf-nfsv4-rpc-tls-08: Discuss > > > > When responding, please keep the subject line intact and reply to all > > email addresses included in the To and CC lines. (Feel free to cut this > > introductory paragraph, however.) > > > > > > Please refer to https://www.ietf.org/iesg/statement/discuss-criteria.html > > for more information about IESG DISCUSS and COMMENT positions. > > > > > > The document, along with other ballot positions, can be found here: > > https://datatracker.ietf.org/doc/draft-ietf-nfsv4-rpc-tls/ > > > > > > > > ---------------------------------------------------------------------- > > DISCUSS: > > ---------------------------------------------------------------------- > > ... > > > (5) Section 5.2.1 requires that: > > > > * Implementations SHOULD indicate their trusted Certification > > Authorities (CAs). > > > > Indicate to whom? > > > > (6) The usage of RFC 6125 procedures in Section 5.2.1 seems counter to its > > intent. Specifically, we seem to be saying "the peer gave me a cert, let me > > look through it to see if it has something I like", but RFC 6125's intended > > procedure is "I know a list of names that I expect to see at least one of in > > the cert; these rules tell me whether the cert is valid for any such name". > > It's not entirely clear that it's appropriate for this document to specify > > how the client has to order its list of names by type (per Section 6.1 of > > RFC 6125's "The client constructs a list of acceptable reference > > identifiers"), which the bit about "The following precedence applies" seems > > to be doing. To the extent that we give a recommendation to use DNS-ID > > instead of CN-ID, and ipAddress SAN instead of CN-ID, that's already covered > > by RFC 6125; it would be okay for us to say "use DNS-ID or iPAddress SAN", > > though. (Roman's comment about "why not a normative MUST" for putting IP > > addresses in the iPAddress SAN is related, and if we don't have a compelling > > reason to allow the flexibility, we should limit to the specific > > DNS-ID/iPAddress options without allowing CN-ID.) > > > > (6.1) Note additionally that if wildcard certificates are to be used, RFC > > 6125 requires the application protocol specification to give details on how > > they are to be used. > > > > (6.2) RFC 6125's procedures are (facially, at least) only valid for TLS > > server authentication. We also want to authenticate TLS clients, so we > > should say whether we expect the same procedures to be used, or what > > procedures should be used (even just as how it differs from the RFC 6125 > > ones). Of particular note is that, since the server is not initiating the > > network connection, it is unlikely to have a preconceived notion of what > > client identity to expect, and is likely limited to attempting to extract > > something from the certificate. In this scenario a precedence list (as I > > complained about being inconsistent with RFC 6125 above) would be > > appropriate. > > These two DISCUSS points are related to Section 5.2.1, and will > likely have to be dealt with by rewriting that section. The crux > of your commentary seems to be: > > --- Clients use different logic for authenticating and authorizing > a TLS session than servers do, and what rpc-tls provides is a jumble. > > As you point out, RFC 6125 stipulates that clients authenticate a > server by checking its presented identity against a list of known > identities. I don't see a need for rpc-tls to further decorate the > process laid out in RFC 6125, and I don't know of any issue with > disallowing CN-ID. > > rpc-tls still thinks about the server-side authorization process in > terms of the NFS server's legacy IP access control list. Instead we > should think of it like GSS: the RPC layer handles authorization, full > stop, and nothing need be exposed otherwise. The peer's IP address may > be exposed to the upper layer service, but I don't see that rpc-tls > needs to take a position on that; it's an implementation quality issue. > > However, rpc-tls does need to provide explicit instructions for servers > to authenticate clients. Thus editorially I think we need to split > Section 5.2.1 into a section that describes server authentication of > clients, and client authentication of servers. > > I'm wondering if the PSK section likewise needs bifurcation. But also, > I'm not sure that the PSK identity needs to be surfaced, for similar > reasons: TLS should handle authorization -- either the session was > established by the rules, or it wasn't authorized, and that's all the > upper layer consumer needs to be aware of. > > Finally, there's the issue of whether a TLS exporter will be necessary > for properly dealing with GSS channel binding. I haven't looked at that > closely yet, but it might need to be partially addressed in 5.2.1. > > I'm interested in my co-author's thoughts, as well as the opinions of > those who have already implemented a RPC-over-TLS prototype. > > > -- > Chuck Lever > > >
- [nfsv4] Benjamin Kaduk's Discuss on draft-ietf-nf… Benjamin Kaduk via Datatracker
- Re: [nfsv4] Benjamin Kaduk's Discuss on draft-iet… David Noveck
- Re: [nfsv4] Benjamin Kaduk's Discuss on draft-iet… Chuck Lever
- Re: [nfsv4] Benjamin Kaduk's Discuss on draft-iet… Benjamin Kaduk
- Re: [nfsv4] Benjamin Kaduk's Discuss on draft-iet… Chuck Lever
- Re: [nfsv4] Benjamin Kaduk's Discuss on draft-iet… Benjamin Kaduk
- Re: [nfsv4] Benjamin Kaduk's Discuss on draft-iet… Chuck Lever
- Re: [nfsv4] Benjamin Kaduk's Discuss on draft-iet… Chuck Lever
- Re: [nfsv4] Benjamin Kaduk's Discuss on draft-iet… Benjamin Kaduk
- Re: [nfsv4] Benjamin Kaduk's Discuss on draft-iet… Chuck Lever
- Re: [nfsv4] Benjamin Kaduk's Discuss on draft-iet… Chuck Lever
- Re: [nfsv4] Benjamin Kaduk's Discuss on draft-iet… Chuck Lever
- Re: [nfsv4] Benjamin Kaduk's Discuss on draft-iet… Chuck Lever
- Re: [nfsv4] Benjamin Kaduk's Discuss on draft-iet… David Noveck
- Re: [nfsv4] Benjamin Kaduk's Discuss on draft-iet… Chuck Lever
- Re: [nfsv4] Benjamin Kaduk's Discuss on draft-iet… David Noveck
- Re: [nfsv4] Benjamin Kaduk's Discuss on draft-iet… Benjamin Kaduk
- Re: [nfsv4] Benjamin Kaduk's Discuss on draft-iet… Benjamin Kaduk
- Re: [nfsv4] Benjamin Kaduk's Discuss on draft-iet… Benjamin Kaduk
- Re: [nfsv4] Benjamin Kaduk's Discuss on draft-iet… David Noveck