IETF Logo Mail Archive

Re: [nfsv4] I-D Action: draft-ietf-nfsv4-integrity-measurement-01.txt

David Noveck <davenoveck@gmail.com> Thu, 27 September 2018 09:55 UTC

Return-Path: <davenoveck@gmail.com>
X-Original-To: nfsv4@ietfa.amsl.com
Delivered-To: nfsv4@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C23F7130DD0 for <nfsv4@ietfa.amsl.com>; Thu, 27 Sep 2018 02:55:15 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.998
X-Spam-Level:
X-Spam-Status: No, score=-1.998 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id xcLpM019kCHk for <nfsv4@ietfa.amsl.com>; Thu, 27 Sep 2018 02:55:13 -0700 (PDT)
Received: from mail-oi1-x233.google.com (mail-oi1-x233.google.com [IPv6:2607:f8b0:4864:20::233]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 0479A130DF6 for <nfsv4@ietf.org>; Thu, 27 Sep 2018 02:55:13 -0700 (PDT)
Received: by mail-oi1-x233.google.com with SMTP id 13-v6so1641114ois.1 for <nfsv4@ietf.org>; Thu, 27 Sep 2018 02:55:12 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=o7fNE9DHqAKwsigaRdfsmethdPFdQhDn9zkXz2vsXTs=; b=golBqhu9Y6kIzHYHAPkyPgX1QPXm04SVdsTEKiJKchLVyw9NEuoj36Ze5PtkIOUFWU j+Tqb9+t6m598WLpNgofmuSYeL1p8pUOr7mkmMjPx/Ma+0RLd0xdrgBeF2hwkeeO0osR qUUZrRnuLGOADpZjWrdhYU0aSR3ar5x1UjbdB+lhtGE4jd3AUrpf190FTw+9VNgg1PXc aBkrIXSjzeesv3oiqO6rA5d+MQ05J4zsORiA9/oYecHt5khRokqBbKyK+WoohiRIvFQd DrkJZeX7lbq48pXs1D/0lcbIuKs+tPmNu2iVcbMNLTvU2pRh7XCmZ5Z29ozBbrnIYOgF 7d4Q==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=o7fNE9DHqAKwsigaRdfsmethdPFdQhDn9zkXz2vsXTs=; b=lciXpS2X1sCQ2/DnC8/6Of+xOL47Ye0f7equ/uJKKKQKdy49QN/MAOdPuuJKJB6qNa AcKc/2Ufz0aGoQS0V99ojE9tQ1s+VY2cNanidNf4HeM+URnt3JKbutopgrLRsWYD8IcK e0whYdp+ViXi4qDuYZMKRBphSU1ZHO9DOyuIPCN7OKjhML0ARTXI15YP+Mzm185Vh05G IceIQcXvNglcNciY90YtEeutqc79TVPjvHiDG7u6hI7UmEwR83kX5LkjPAAxV5UR7szW 4mttoHhzKnmdbhZ3x4xsbIxAou8gk/GvsgpVml11w034H9sPtzS3nxVudjBVJDKwxmwl Ek1Q==
X-Gm-Message-State: ABuFfohnY8kNPpclX+x0D6NwhXBSh3bE1jRo20gTXUCf7QewGhQltI7o WNaFpCTG/g/0DubDKsjvUSgsCyOQ3AgFfFHP/WY=
X-Google-Smtp-Source: ACcGV62aKJO30lTeNxm1o1gWIsBN4eJUs60/XQ8KSXpLS4dV6PrhqHwHeK5giVxoN2DKBGzVp9e/Efg+TX9NaFqBKhg=
X-Received: by 2002:aca:5008:: with SMTP id e8-v6mr2618208oib.111.1538042112138; Thu, 27 Sep 2018 02:55:12 -0700 (PDT)
MIME-Version: 1.0
References: <153780090601.28221.16958675117475194416@ietfa.amsl.com> <CADE569F-8584-42CF-A297-E60956D368A2@oracle.com> <CAKKJt-fmB5psmtbm9PJTnhkZkZLCBnCVZnr3fMsf++exN5XObQ@mail.gmail.com> <20180926202157.GA826@fieldses.org> <1F2E60B5-E09F-4B33-8301-99C5E5A0F310@oracle.com>
In-Reply-To: <1F2E60B5-E09F-4B33-8301-99C5E5A0F310@oracle.com>
From: David Noveck <davenoveck@gmail.com>
Date: Thu, 27 Sep 2018 05:55:02 -0400
Message-ID: <CADaq8jdRU1OJd6K4KOJWb6xE7OMakOAcbvsm0=eRwUPkkqeN0Q@mail.gmail.com>
To: Chuck Lever <chuck.lever@oracle.com>
Cc: "J. Bruce Fields" <bfields@fieldses.org>, NFSv4 <nfsv4@ietf.org>
Content-Type: multipart/alternative; boundary="000000000000be653c0576d75585"
Archived-At: <https://mailarchive.ietf.org/arch/msg/nfsv4/4PIDY642pyXzYjXRsaD9seMDbO4>
Subject: Re: [nfsv4] I-D Action: draft-ietf-nfsv4-integrity-measurement-01.txt
X-BeenThere: nfsv4@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: NFSv4 Working Group <nfsv4.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/nfsv4>, <mailto:nfsv4-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/nfsv4/>
List-Post: <mailto:nfsv4@ietf.org>
List-Help: <mailto:nfsv4-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/nfsv4>, <mailto:nfsv4-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 27 Sep 2018 09:55:16 -0000

> Why would it not be sufficient to implement client support?

I think it is sufficient.

> Or, what do you believe might be missing in the draft?

Not sure what Bruce had in mind but I think the problem is something that
is in the draft that shouldn't be, rather than something missing.

>> How do you propose that an implementation would make the information
>> self-describing?

> That is out of scope for this draft.

If so, then so is "*MUST* (emphasis added) be self-describing".

> But typically if an integrity service wanted to do this

If it were really a "MUST", then what an integrity service wants to do
should be irrelevant.


On Wed, Sep 26, 2018 at 4:27 PM Chuck Lever <chuck.lever@oracle.com> wrote:

>
>
> > On Sep 26, 2018, at 1:21 PM, bfields@fieldses.org wrote:
> >
> > On Mon, Sep 24, 2018 at 10:45:29AM -0500, Spencer Dawkins at IETF wrote:
> >> Hi, Chuck,
> >> On Mon, Sep 24, 2018 at 10:06 AM Chuck Lever <chuck.lever@oracle.com>
> wrote:
> >>
> >>>
> >>>
> >>>> On Sep 24, 2018, at 7:55 AM, internet-drafts@ietf.org wrote:
> >>>>
> >>>>
> >>>> A New Internet-Draft is available from the on-line Internet-Drafts
> >>> directories.
> >>>> This draft is a work item of the Network File System Version 4 WG of
> the
> >>> IETF.
> >>>>
> >>>>       Title           : File Content Provenance for Network File
> System
> >>> version 4
> >>>>       Author          : Charles Lever
> >>>>      Filename        : draft-ietf-nfsv4-integrity-measurement-01.txt
> >>>>      Pages           : 9
> >>>>      Date            : 2018-09-24
> >>>>
> >>>> Abstract:
> >>>>  This document specifies an OPTIONAL extension to NFS version 4 minor
> >>>>  version 2 that enables file provenance information to be conveyed
> >>>>  between NFS version 4.2 servers and clients.  File provenance
> >>>>  information authenticates the creator of a file's content and helps
> >>>>  guarantee the content's integrity from creation to use.
> >>>>
> >>>>
> >>>> The IETF datatracker status page for this draft is:
> >>>>
> https://datatracker.ietf.org/doc/draft-ietf-nfsv4-integrity-measurement/
> >>>>
> >>>> There are also htmlized versions available at:
> >>>> https://tools.ietf.org/html/draft-ietf-nfsv4-integrity-measurement-01
> >>>>
> >>>
> https://datatracker.ietf.org/doc/html/draft-ietf-nfsv4-integrity-measurement-01
> >>>>
> >>>> A diff from the previous version is available at:
> >>>>
> >>>
> https://www.ietf.org/rfcdiff?url2=draft-ietf-nfsv4-integrity-measurement-01
> >>>>
> >>>>
> >>>> Please note that it may take a couple of minutes from the time of
> >>> submission
> >>>> until the htmlized version and diff are available at tools.ietf.org.
> >>>>
> >>>> Internet-Drafts are also available by anonymous FTP at:
> >>>> ftp://ftp.ietf.org/internet-drafts/
> >>>
> >>> As a result of the discussion at IETF 102 and recent follow-ups
> >>> on this mailing list, I've made substantial changes to this
> >>> document.
> >>>
> >>> - References to and discussion of Linux IMA have been replaced
> >>> throughout the document, with the exception of a single citation
> >>> as an informative example in the Introduction. IMA metadata is
> >>> now referred to generically using the term "file provenance
> >>> information".
> >>>
> >>> - Integrity checking of file attributes is no longer an included
> >>> feature. There were some issues that made attribute integrity
> >>> not straightforward for NFS, especially without an existing
> >>> IMA/EVM standard even for local file systems. Attribute
> >>> integrity can still be addressed at a later time.
> >>>
> >>> - The Introduction now makes a problem statement and discusses
> >>> use cases instead of explaining the mechanism of file integrity
> >>> checking. The new Introduction addresses the most common
> >>> questions I've received during previous review.
> >>>
> >>> Spencer D. and other reviewers:
> >>> - Have previously stated interoperability concerns been addressed?
> >>> - Have normative citation requirements been sufficiently met?
> >>>
> >>
> >> Recognizing that I haven't done an AD Evaluation of this draft, but
> looking
> >> at the responses to my previous questions, I think dropping down to one
> >> explicit mention of IMA pointing to the best available reference is
> about
> >> right.
> >
> >       "A keyed hash authenticates the identity of the last modifier of
> >       a file's content and serves as a strong check of the content's
> >       integrity.  For the purposes of this document, we will refer to
> >       this as file provenance information.  The Linux Integrity
> >       Measurement Architecture (IMA) is an example of a mechanism for
> >       assessing file content provenance [IMA-WP]."
> >
> > I think it's also true that this draft is sufficient to allow a client
> > to support IMA?  That also seems worth mentioning.
>
> I'm confused by your remark. I'm describing a transport
> protocol between a NFS client and server. Why would it
> not be sufficient to implement client support? Or, what
> do you believe might be missing in the draft?
>
>
> >       "To ensure interoperability among accessors of this information
> >       when it is stored on NFS version 4.2 servers, this information
> >       MUST be self- describing."
> >
> > How do you propose that an implementation would make the information
> > self-describing?
>
> That is out of scope for this draft.
>
> But typically if an integrity service wanted to do this, it
> could use XML or JSON to describe the information, for example.
>
> An HMAC has a particular structure (RFC 2104) that should be
> easy to recognize.
>
>
> > --b.
> >
> >>
> >> Thanks for making that change. It will be helpful during Last Call and
> IESG
> >> Evaluation.
> >>
> >> Spencer (D)
> >>
> >>
> >>>
> >>> I know time is precious, but even a cursory review of this new
> >>> revision would be helpful. It's wafer-thin!
> >>>
> >>> --
> >>> Chuck Lever
> >>>
> >>>
> >>>
> >>>
> >
> >> _______________________________________________
> >> nfsv4 mailing list
> >> nfsv4@ietf.org
> >> https://www.ietf.org/mailman/listinfo/nfsv4
>
> --
> Chuck Lever
>
>
>
> _______________________________________________
> nfsv4 mailing list
> nfsv4@ietf.org
> https://www.ietf.org/mailman/listinfo/nfsv4
>

v2.23.0 | Report a Bug | By Email