Re: [nfsv4] I-D Action: draft-ietf-nfsv4-integrity-measurement-01.txt
David Noveck <davenoveck@gmail.com> Thu, 27 September 2018 09:55 UTC
Return-Path: <davenoveck@gmail.com>
X-Original-To: nfsv4@ietfa.amsl.com
Delivered-To: nfsv4@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C23F7130DD0 for <nfsv4@ietfa.amsl.com>; Thu, 27 Sep 2018 02:55:15 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.998
X-Spam-Level:
X-Spam-Status: No, score=-1.998 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id xcLpM019kCHk for <nfsv4@ietfa.amsl.com>; Thu, 27 Sep 2018 02:55:13 -0700 (PDT)
Received: from mail-oi1-x233.google.com (mail-oi1-x233.google.com [IPv6:2607:f8b0:4864:20::233]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 0479A130DF6 for <nfsv4@ietf.org>; Thu, 27 Sep 2018 02:55:13 -0700 (PDT)
Received: by mail-oi1-x233.google.com with SMTP id 13-v6so1641114ois.1 for <nfsv4@ietf.org>; Thu, 27 Sep 2018 02:55:12 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=o7fNE9DHqAKwsigaRdfsmethdPFdQhDn9zkXz2vsXTs=; b=golBqhu9Y6kIzHYHAPkyPgX1QPXm04SVdsTEKiJKchLVyw9NEuoj36Ze5PtkIOUFWU j+Tqb9+t6m598WLpNgofmuSYeL1p8pUOr7mkmMjPx/Ma+0RLd0xdrgBeF2hwkeeO0osR qUUZrRnuLGOADpZjWrdhYU0aSR3ar5x1UjbdB+lhtGE4jd3AUrpf190FTw+9VNgg1PXc aBkrIXSjzeesv3oiqO6rA5d+MQ05J4zsORiA9/oYecHt5khRokqBbKyK+WoohiRIvFQd DrkJZeX7lbq48pXs1D/0lcbIuKs+tPmNu2iVcbMNLTvU2pRh7XCmZ5Z29ozBbrnIYOgF 7d4Q==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=o7fNE9DHqAKwsigaRdfsmethdPFdQhDn9zkXz2vsXTs=; b=lciXpS2X1sCQ2/DnC8/6Of+xOL47Ye0f7equ/uJKKKQKdy49QN/MAOdPuuJKJB6qNa AcKc/2Ufz0aGoQS0V99ojE9tQ1s+VY2cNanidNf4HeM+URnt3JKbutopgrLRsWYD8IcK e0whYdp+ViXi4qDuYZMKRBphSU1ZHO9DOyuIPCN7OKjhML0ARTXI15YP+Mzm185Vh05G IceIQcXvNglcNciY90YtEeutqc79TVPjvHiDG7u6hI7UmEwR83kX5LkjPAAxV5UR7szW 4mttoHhzKnmdbhZ3x4xsbIxAou8gk/GvsgpVml11w034H9sPtzS3nxVudjBVJDKwxmwl Ek1Q==
X-Gm-Message-State: ABuFfohnY8kNPpclX+x0D6NwhXBSh3bE1jRo20gTXUCf7QewGhQltI7o WNaFpCTG/g/0DubDKsjvUSgsCyOQ3AgFfFHP/WY=
X-Google-Smtp-Source: ACcGV62aKJO30lTeNxm1o1gWIsBN4eJUs60/XQ8KSXpLS4dV6PrhqHwHeK5giVxoN2DKBGzVp9e/Efg+TX9NaFqBKhg=
X-Received: by 2002:aca:5008:: with SMTP id e8-v6mr2618208oib.111.1538042112138; Thu, 27 Sep 2018 02:55:12 -0700 (PDT)
MIME-Version: 1.0
References: <153780090601.28221.16958675117475194416@ietfa.amsl.com> <CADE569F-8584-42CF-A297-E60956D368A2@oracle.com> <CAKKJt-fmB5psmtbm9PJTnhkZkZLCBnCVZnr3fMsf++exN5XObQ@mail.gmail.com> <20180926202157.GA826@fieldses.org> <1F2E60B5-E09F-4B33-8301-99C5E5A0F310@oracle.com>
In-Reply-To: <1F2E60B5-E09F-4B33-8301-99C5E5A0F310@oracle.com>
From: David Noveck <davenoveck@gmail.com>
Date: Thu, 27 Sep 2018 05:55:02 -0400
Message-ID: <CADaq8jdRU1OJd6K4KOJWb6xE7OMakOAcbvsm0=eRwUPkkqeN0Q@mail.gmail.com>
To: Chuck Lever <chuck.lever@oracle.com>
Cc: "J. Bruce Fields" <bfields@fieldses.org>, NFSv4 <nfsv4@ietf.org>
Content-Type: multipart/alternative; boundary="000000000000be653c0576d75585"
Archived-At: <https://mailarchive.ietf.org/arch/msg/nfsv4/4PIDY642pyXzYjXRsaD9seMDbO4>
Subject: Re: [nfsv4] I-D Action: draft-ietf-nfsv4-integrity-measurement-01.txt
X-BeenThere: nfsv4@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: NFSv4 Working Group <nfsv4.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/nfsv4>, <mailto:nfsv4-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/nfsv4/>
List-Post: <mailto:nfsv4@ietf.org>
List-Help: <mailto:nfsv4-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/nfsv4>, <mailto:nfsv4-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 27 Sep 2018 09:55:16 -0000
> Why would it not be sufficient to implement client support? I think it is sufficient. > Or, what do you believe might be missing in the draft? Not sure what Bruce had in mind but I think the problem is something that is in the draft that shouldn't be, rather than something missing. >> How do you propose that an implementation would make the information >> self-describing? > That is out of scope for this draft. If so, then so is "*MUST* (emphasis added) be self-describing". > But typically if an integrity service wanted to do this If it were really a "MUST", then what an integrity service wants to do should be irrelevant. On Wed, Sep 26, 2018 at 4:27 PM Chuck Lever <chuck.lever@oracle.com> wrote: > > > > On Sep 26, 2018, at 1:21 PM, bfields@fieldses.org wrote: > > > > On Mon, Sep 24, 2018 at 10:45:29AM -0500, Spencer Dawkins at IETF wrote: > >> Hi, Chuck, > >> On Mon, Sep 24, 2018 at 10:06 AM Chuck Lever <chuck.lever@oracle.com> > wrote: > >> > >>> > >>> > >>>> On Sep 24, 2018, at 7:55 AM, internet-drafts@ietf.org wrote: > >>>> > >>>> > >>>> A New Internet-Draft is available from the on-line Internet-Drafts > >>> directories. > >>>> This draft is a work item of the Network File System Version 4 WG of > the > >>> IETF. > >>>> > >>>> Title : File Content Provenance for Network File > System > >>> version 4 > >>>> Author : Charles Lever > >>>> Filename : draft-ietf-nfsv4-integrity-measurement-01.txt > >>>> Pages : 9 > >>>> Date : 2018-09-24 > >>>> > >>>> Abstract: > >>>> This document specifies an OPTIONAL extension to NFS version 4 minor > >>>> version 2 that enables file provenance information to be conveyed > >>>> between NFS version 4.2 servers and clients. File provenance > >>>> information authenticates the creator of a file's content and helps > >>>> guarantee the content's integrity from creation to use. > >>>> > >>>> > >>>> The IETF datatracker status page for this draft is: > >>>> > https://datatracker.ietf.org/doc/draft-ietf-nfsv4-integrity-measurement/ > >>>> > >>>> There are also htmlized versions available at: > >>>> https://tools.ietf.org/html/draft-ietf-nfsv4-integrity-measurement-01 > >>>> > >>> > https://datatracker.ietf.org/doc/html/draft-ietf-nfsv4-integrity-measurement-01 > >>>> > >>>> A diff from the previous version is available at: > >>>> > >>> > https://www.ietf.org/rfcdiff?url2=draft-ietf-nfsv4-integrity-measurement-01 > >>>> > >>>> > >>>> Please note that it may take a couple of minutes from the time of > >>> submission > >>>> until the htmlized version and diff are available at tools.ietf.org. > >>>> > >>>> Internet-Drafts are also available by anonymous FTP at: > >>>> ftp://ftp.ietf.org/internet-drafts/ > >>> > >>> As a result of the discussion at IETF 102 and recent follow-ups > >>> on this mailing list, I've made substantial changes to this > >>> document. > >>> > >>> - References to and discussion of Linux IMA have been replaced > >>> throughout the document, with the exception of a single citation > >>> as an informative example in the Introduction. IMA metadata is > >>> now referred to generically using the term "file provenance > >>> information". > >>> > >>> - Integrity checking of file attributes is no longer an included > >>> feature. There were some issues that made attribute integrity > >>> not straightforward for NFS, especially without an existing > >>> IMA/EVM standard even for local file systems. Attribute > >>> integrity can still be addressed at a later time. > >>> > >>> - The Introduction now makes a problem statement and discusses > >>> use cases instead of explaining the mechanism of file integrity > >>> checking. The new Introduction addresses the most common > >>> questions I've received during previous review. > >>> > >>> Spencer D. and other reviewers: > >>> - Have previously stated interoperability concerns been addressed? > >>> - Have normative citation requirements been sufficiently met? > >>> > >> > >> Recognizing that I haven't done an AD Evaluation of this draft, but > looking > >> at the responses to my previous questions, I think dropping down to one > >> explicit mention of IMA pointing to the best available reference is > about > >> right. > > > > "A keyed hash authenticates the identity of the last modifier of > > a file's content and serves as a strong check of the content's > > integrity. For the purposes of this document, we will refer to > > this as file provenance information. The Linux Integrity > > Measurement Architecture (IMA) is an example of a mechanism for > > assessing file content provenance [IMA-WP]." > > > > I think it's also true that this draft is sufficient to allow a client > > to support IMA? That also seems worth mentioning. > > I'm confused by your remark. I'm describing a transport > protocol between a NFS client and server. Why would it > not be sufficient to implement client support? Or, what > do you believe might be missing in the draft? > > > > "To ensure interoperability among accessors of this information > > when it is stored on NFS version 4.2 servers, this information > > MUST be self- describing." > > > > How do you propose that an implementation would make the information > > self-describing? > > That is out of scope for this draft. > > But typically if an integrity service wanted to do this, it > could use XML or JSON to describe the information, for example. > > An HMAC has a particular structure (RFC 2104) that should be > easy to recognize. > > > > --b. > > > >> > >> Thanks for making that change. It will be helpful during Last Call and > IESG > >> Evaluation. > >> > >> Spencer (D) > >> > >> > >>> > >>> I know time is precious, but even a cursory review of this new > >>> revision would be helpful. It's wafer-thin! > >>> > >>> -- > >>> Chuck Lever > >>> > >>> > >>> > >>> > > > >> _______________________________________________ > >> nfsv4 mailing list > >> nfsv4@ietf.org > >> https://www.ietf.org/mailman/listinfo/nfsv4 > > -- > Chuck Lever > > > > _______________________________________________ > nfsv4 mailing list > nfsv4@ietf.org > https://www.ietf.org/mailman/listinfo/nfsv4 >
- [nfsv4] I-D Action: draft-ietf-nfsv4-integrity-me… internet-drafts
- Re: [nfsv4] I-D Action: draft-ietf-nfsv4-integrit… Chuck Lever
- Re: [nfsv4] I-D Action: draft-ietf-nfsv4-integrit… Spencer Dawkins at IETF
- Re: [nfsv4] I-D Action: draft-ietf-nfsv4-integrit… Chuck Lever
- Re: [nfsv4] I-D Action: draft-ietf-nfsv4-integrit… J. Bruce Fields
- Re: [nfsv4] I-D Action: draft-ietf-nfsv4-integrit… Chuck Lever
- Re: [nfsv4] I-D Action: draft-ietf-nfsv4-integrit… Bruce Fields
- Re: [nfsv4] I-D Action: draft-ietf-nfsv4-integrit… David Noveck
- Re: [nfsv4] I-D Action: draft-ietf-nfsv4-integrit… Chuck Lever
- Re: [nfsv4] I-D Action: draft-ietf-nfsv4-integrit… Chuck Lever
- Re: [nfsv4] I-D Action: draft-ietf-nfsv4-integrit… Bruce Fields
- Re: [nfsv4] I-D Action: draft-ietf-nfsv4-integrit… Chuck Lever
- Re: [nfsv4] I-D Action: draft-ietf-nfsv4-integrit… Everhart, Craig
- Re: [nfsv4] I-D Action: draft-ietf-nfsv4-integrit… Chuck Lever
- Re: [nfsv4] I-D Action: draft-ietf-nfsv4-integrit… Everhart, Craig
- Re: [nfsv4] I-D Action: draft-ietf-nfsv4-integrit… Bruce Fields
- Re: [nfsv4] I-D Action: draft-ietf-nfsv4-integrit… Chuck Lever
- Re: [nfsv4] I-D Action: draft-ietf-nfsv4-integrit… Everhart, Craig
- Re: [nfsv4] I-D Action: draft-ietf-nfsv4-integrit… Quigley, David
- Re: [nfsv4] I-D Action: draft-ietf-nfsv4-integrit… Chuck Lever