IETF Logo Mail Archive

Re: [nfsv4] New Version Notification for draft-dnoveck-nfsv4-security-07.txt

Thomas Haynes <loghyr@gmail.com> Tue, 19 December 2023 20:17 UTC

Return-Path: <loghyr@gmail.com>
X-Original-To: nfsv4@ietfa.amsl.com
Delivered-To: nfsv4@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 2C815C14F60D for <nfsv4@ietfa.amsl.com>; Tue, 19 Dec 2023 12:17:45 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -7.105
X-Spam-Level:
X-Spam-Status: No, score=-7.105 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 19DxbV1w20MC for <nfsv4@ietfa.amsl.com>; Tue, 19 Dec 2023 12:17:41 -0800 (PST)
Received: from mail-oo1-xc30.google.com (mail-oo1-xc30.google.com [IPv6:2607:f8b0:4864:20::c30]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 57ED2C14F726 for <nfsv4@ietf.org>; Tue, 19 Dec 2023 12:17:41 -0800 (PST)
Received: by mail-oo1-xc30.google.com with SMTP id 006d021491bc7-58a7d13b00bso3311225eaf.1 for <nfsv4@ietf.org>; Tue, 19 Dec 2023 12:17:41 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1703017060; x=1703621860; darn=ietf.org; h=references:to:cc:in-reply-to:date:subject:mime-version:message-id :from:from:to:cc:subject:date:message-id:reply-to; bh=BeNIslUyAnvmnJ0fu9Vv/DWykKwyAjd3qs7Lsoi6jK8=; b=Ky39SaaqXB3zOgkbuCWPhHh7oBz4TZ4iCvpq5GfSbFaqbMfFTomwpJX2drzR0A1jnz lSpEgFkVsKswEJYknZiTk+S6wJdJo3hIbrN+dPKhtXJaYoDfebGZoNqROBdhFUp+yCm0 CzmJu3CWCSpirJxYqKDbfIbrV2uktqLz6Upa+qtcvUytJA3Ptg+qyn+4an2su4xwWUY1 TVzM4kQm6NZgqGJpSOkdqLR0j8VHl1oTiOzgMZD5gKd9d/UNjbSdb7dzHQ6KsJHZQU0J X44zgPXGCCv/vaQOdRDfC7l5M/xBkqiOr28GEAAwO7t0Lz2q4uyvqqjBgnxyYkzRmXLE LFOg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1703017060; x=1703621860; h=references:to:cc:in-reply-to:date:subject:mime-version:message-id :from:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=BeNIslUyAnvmnJ0fu9Vv/DWykKwyAjd3qs7Lsoi6jK8=; b=Sg5rGmx9iPxvJ6R7g4cQBScLvc2ctktD3+dyhNSOyFvHqtWFw3Ng0y9SC+IeDSruHF hJlO0Hj21EfuBZTM6UZAMYOV/BBv30/or1Lawo/Yxw+TA1WMSmR8Por1q5eFBPnP2KOj +gCzb/wci1wPdW91bT1tmN8TnAiJPbOEcqns5uhbToM/zli6jEg3eD1eqI8qjDZ38xIt lRmCDK5LEA5lGlvy2wmfAUsNeT5eDcRonF7Dz+/3lVWaGO4pK67Ewp+CeMlNJjxqU80T hvJ/LPXpA9HzeAWnm713xofU67s2vT/Z2JxSuxEcl16XuL/PDeJx5yzJGKdvVPsOeSmK oEsw==
X-Gm-Message-State: AOJu0YwoIfi21XJSwFnSK5GA9aFNAjDsdLchiotHbV03f+vxfz7LOWhd 3hOKsB98mHmsuhCOkT0//EN5JAgamaA=
X-Google-Smtp-Source: AGHT+IGf4L5vJ8+c+KzMova5FsyjUSukYGx/h6NgiD9RjSB4FJyPhUB35tqnDk0l2Dzbz8YFGghBpA==
X-Received: by 2002:a05:6358:2484:b0:172:eba7:5184 with SMTP id m4-20020a056358248400b00172eba75184mr2974527rwc.12.1703017060070; Tue, 19 Dec 2023 12:17:40 -0800 (PST)
Received: from smtpclient.apple ([2601:647:4500:91:d8d0:7fe3:d557:eb0a]) by smtp.gmail.com with ESMTPSA id h6-20020a17090a2ec600b0028afdb88d08sm2038372pjs.23.2023.12.19.12.17.37 (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Tue, 19 Dec 2023 12:17:38 -0800 (PST)
From: Thomas Haynes <loghyr@gmail.com>
Message-Id: <2EA19246-8A5E-458E-81B4-61FCEE67241D@gmail.com>
Content-Type: multipart/alternative; boundary="Apple-Mail=_01A0CFD8-3B7E-4250-A56E-F5D7C7AD6B97"
Mime-Version: 1.0 (Mac OS X Mail 16.0 \(3774.200.91.1.1\))
Date: Tue, 19 Dec 2023 12:17:24 -0800
In-Reply-To: <CDF49605-5DDE-4CCE-BBF0-A038E9376CB7@gmail.com>
Cc: NFSv4 <nfsv4@ietf.org>, Zaheduzzaman Sarker <zahed.sarker.ietf@gmail.com>
To: David Noveck <davenoveck@gmail.com>
References: <169997789858.7698.1352596107183873281@ietfa.amsl.com> <CADaq8jdiNrsN9sLR+xW1xYQtNiVVos5JLVWebSGC-YHixrLe9Q@mail.gmail.com> <CDF49605-5DDE-4CCE-BBF0-A038E9376CB7@gmail.com>
X-Mailer: Apple Mail (2.3774.200.91.1.1)
Archived-At: <https://mailarchive.ietf.org/arch/msg/nfsv4/LeuMLwNXUNTkI9lVS-hoGXMZUJ4>
Subject: Re: [nfsv4] New Version Notification for draft-dnoveck-nfsv4-security-07.txt
X-BeenThere: nfsv4@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: NFSv4 Working Group <nfsv4.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/nfsv4>, <mailto:nfsv4-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/nfsv4/>
List-Post: <mailto:nfsv4@ietf.org>
List-Help: <mailto:nfsv4-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/nfsv4>, <mailto:nfsv4-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 19 Dec 2023 20:17:45 -0000

Resending...

> On Nov 16, 2023, at 11:05 AM, Thomas Haynes <loghyr@gmail.com> wrote:
> 
> I will be on a plane for the first meeting.
> 
> Please use a spell checker.
> 
> 1) Section 1.1.1.
> *  The attributess owner, owner-group, and mode needed to be made
> ^^ spelling
> 
> 2) 1.1.2.
>       ovecomplicate the specification, and create difficult
> ^^ spelling
> 
> 2.1) 
> 
> The attributess owner, owner-group, and mode needed to be made
>       REQUIRED since clients need this information and not supporting
>       these attributes would create troublesome interoperabiity issues.
> a) This almost sounds normative, with “need” being “MUST”.
> 
> b) But more importantly, why do the clients require these attributes and what troublesome interoperability issues will arise?
> 
> c) “interoperabiity” is misspelled.
> 
> I’m not going to call out any remaining spelling errors, please use a spell checker.
> 
> 3) Then:
> 
>       the acl-related attributes either.  To continue in this way would
> Vs
> 
>    *  The handling of ACLs is not described in the detail normally
> a) Is ACL to be capitalized or not?
> 
> b) And the first use should expand the acronym.
> 
> 4) 
> 
> Because of
>       the broad license granted by previous specifications to allow
>       server implementations to choose how to behave, clients are forced
>       to accept a broad range of server behaviors, with no way of
>       reliably determining server behavior actually implemented.
> a) I understand why you use “license", but my first thought was confusion because I didn’t think the IETF granted use licenses.
> 
> b) “broad” is repeated. I got the point the first time you used it.
> 
> 5) Is this one or two sentences? The first seems to end prematurely.
> 
> The remaining issue caused by this approach, of providing a way
>       for clients to determine the authorization-related effects of
>       setting.  ACLs or other security-related attributes, cannot be
>       addressed in this way.
> 
> 
> 6) In section 1, features are introduced without any reference to where they appear in one of the prior documents. I understand that this is difficult due to there being 3 versions to support, but we can decide to simply reference RFC7530.
> 
> 
> Section 1.2.
> 
> For such pending issues, the following annotations will be used:
> 
>    *  A paragraph headed "[Author Aside]:", provides the author's
>       comments about possible changes and will probably not appear in an
>       eventual RFC.
> 7) In the section tags, you can add removeInRFC=“false” or removeInRFC=“true”. You might be able to add this to other tags,
> 
> Section 1.3.
> 
> 8) A lot of repetition in this section.
> 
> Perhaps the way to deal with compliance is to state that the changes made in this document they should be addressed in prior versions, but are required for the next version of NFSv4.
> 
> I.e., one specific concern would be to say that AUTH_SYS is not supported in NFSv4.3 and beyond.
> 
> Whether we require Kerberos or RPC-with-TLS is something we can determine when we get to NFS4.3.
> 
> Appendix A:
> 
> 9) 
> 
>    Another such change was in the treatment of AUTH_SYS, previously
>    described, inaccurately, as an "OPTIONAL means of authentication"
>    with the unfortunate use of the RFC2119 keyword obscuring the
>    negative consequences of the typical use of AUTH_SYS (in the clear,
>    without client-peer authentication) for security by enabling the
>    execution of unauthenticated requests.
> I think you are rewriting history here. The negative consequences were known at the time and accepted as a means to allow NFSv4 to be deployed in data centers “without” external connections.
> 
> I.e., it was a means to replace NFSv3 without adding the overhead of Kerberos.
> 
> 10) Appendix A seems to repeat large chunks of Section 1. Is this either going to be combined or is the Appendix going to be removed in the future?
> 
> I am fine with Appendix A and B being used to track consensus as the document matures, but I don’t believe they are needed in the final document.
> 
> 11) Going back to point 8 above, my motivation for consolidating the Security over the 3 versions was not to rewrite but to consolidate. I am of the firm belief that rewriting requires a new version of the protocol.
> 
> 
>> On Nov 16, 2023, at 8:28 AM, David Noveck <davenoveck@gmail.com> wrote:
>> 
>> As I promised at IETF118, I have submitted the next draft of the security document.  I know lots of people were unable to attend, because the meeting was at 4AM Pacific among other reasons.  The slides I presented are available in the datatracker.  Let me know   if you have any questions.
>> 
>> I will be presenting regarding this document at the 11/21 interim.  The slides will be available soon.  I'd like to start discussing adoption of this document pretty soon so it would be helpful if people became more familiar with it.  The diff with -07 is straightforward, but given limited familiarity with that document it might not be all that helpful and an rfcdiff with rfc8881 will be both voluminous and useless.
>> 
>> Given that most people will not have a chance to read the full document, I am suggesting people familiarize themselves with Section 1  (about ten pages) and follow up with appendices A and B to help jumpstart our discussion of issues for which consensus needs to be ascertained.
>> 
>> The other focus of discussion at the 11/21 meeting will be the internationalization document but there will not ne a new document for the the 11/21 or 12/5v meetings.  I'm hoping for 12/19.  It might be helfl for people to look at the slides for this since there is a discussionfor the working group to make.
>> 
>> ---------- Forwarded message ---------
>> From: <internet-drafts@ietf.org <mailto:internet-drafts@ietf.org>>
>> Date: Tue, Nov 14, 2023 at 11:04 AM
>> Subject: New Version Notification for draft-dnoveck-nfsv4-security-07.txt
>> To: David Noveck <davenoveck@gmail.com <mailto:davenoveck@gmail.com>>
>> 
>> 
>> A new version of Internet-Draft draft-dnoveck-nfsv4-security-07.txt has been
>> successfully submitted by David Noveck and posted to the
>> IETF repository.
>> 
>> Name:     draft-dnoveck-nfsv4-security
>> Revision: 07
>> Title:    Security for the NFSv4 Protocols
>> Date:     2023-11-14
>> Group:    Individual Submission
>> Pages:    172
>> URL:      https://www.ietf.org/archive/id/draft-dnoveck-nfsv4-security-07.txt
>> Status:   https://datatracker.ietf.org/doc/draft-dnoveck-nfsv4-security/
>> HTML:     https://www.ietf.org/archive/id/draft-dnoveck-nfsv4-security-07.html
>> HTMLized: https://datatracker.ietf.org/doc/html/draft-dnoveck-nfsv4-security
>> Diff:     https://author-tools.ietf.org/iddiff?url2=draft-dnoveck-nfsv4-security-07
>> 
>> Abstract:
>> 
>>    This document describes the core security features of the NFSv4
>>    family of protocols, applying to all minor versions.  The discussion
>>    includes the use of security features provided by RPC on a per-
>>    connection basis.
>> 
>>    The current version of the document is intended, in large part, to
>>    result in working group discussion regarding existing NFSv4 security
>>    issues and to provide a framework for addressing these issues and
>>    obtaining working group consensus regarding necessary changes.
>> 
>>    When the resulting document is eventually published as an RFC, it
>>    will supersede the description of security appearing in existing
>>    minor version specification documents such as RFC 7530 and RFC 8881.
>> 
>> 
>> 
>> The IETF Secretariat
>> 
>> 
>> _______________________________________________
>> nfsv4 mailing list
>> nfsv4@ietf.org
>> https://www.ietf.org/mailman/listinfo/nfsv4
>

v2.23.0 | Report a Bug | By Email