IETF Logo Mail Archive

Re: [nfsv4] Last call start for "RPCSEC_GSS Version 2"

Nicolas Williams <Nicolas.Williams@sun.com> Fri, 13 June 2008 20:41 UTC

Return-Path: <nfsv4-bounces@ietf.org>
X-Original-To: nfsv4-archive@megatron.ietf.org
Delivered-To: ietfarch-nfsv4-archive@core3.amsl.com
Received: from [127.0.0.1] (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 9775D3A691B; Fri, 13 Jun 2008 13:41:24 -0700 (PDT)
X-Original-To: nfsv4@core3.amsl.com
Delivered-To: nfsv4@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 199083A691B for <nfsv4@core3.amsl.com>; Fri, 13 Jun 2008 13:41:24 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.981
X-Spam-Level:
X-Spam-Status: No, score=-2.981 tagged_above=-999 required=5 tests=[AWL=0.065, BAYES_00=-2.599, HELO_MISMATCH_COM=0.553, RCVD_IN_DNSWL_LOW=-1]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id HHslHC+qx3lE for <nfsv4@core3.amsl.com>; Fri, 13 Jun 2008 13:41:23 -0700 (PDT)
Received: from sca-ea-mail-1.sun.com (sca-ea-mail-1.Sun.COM [192.18.43.24]) by core3.amsl.com (Postfix) with ESMTP id 1EF293A67B7 for <nfsv4@ietf.org>; Fri, 13 Jun 2008 13:41:23 -0700 (PDT)
Received: from dm-central-02.central.sun.com ([129.147.62.5]) by sca-ea-mail-1.sun.com (8.13.7+Sun/8.12.9) with ESMTP id m5DKftA1016524 for <nfsv4@ietf.org>; Fri, 13 Jun 2008 20:41:55 GMT
Received: from binky.Central.Sun.COM (binky.Central.Sun.COM [129.153.128.104]) by dm-central-02.central.sun.com (8.13.8+Sun/8.13.8/ENSMAIL, v2.2) with ESMTP id m5DKfsIQ045404 for <nfsv4@ietf.org>; Fri, 13 Jun 2008 14:41:55 -0600 (MDT)
Received: from binky.Central.Sun.COM (localhost [127.0.0.1]) by binky.Central.Sun.COM (8.14.1+Sun/8.14.1) with ESMTP id m5DKfsQx020457; Fri, 13 Jun 2008 15:41:54 -0500 (CDT)
Received: (from nw141292@localhost) by binky.Central.Sun.COM (8.14.1+Sun/8.14.1/Submit) id m5DKfrRO020456; Fri, 13 Jun 2008 15:41:53 -0500 (CDT)
X-Authentication-Warning: binky.Central.Sun.COM: nw141292 set sender to Nicolas.Williams@sun.com using -f
Date: Fri, 13 Jun 2008 15:41:53 -0500
From: Nicolas Williams <Nicolas.Williams@sun.com>
To: Mike Eisler <mre-ietf@eisler.com>
Message-ID: <20080613204153.GI2735@Sun.COM>
Mail-Followup-To: Mike Eisler <mre-ietf@eisler.com>, nfsv4@ietf.org
References: <559831BE-8E35-43E4-911C-EE570E511C38@Sun.COM> <20080611231608.GA2735@Sun.COM> <47515.198.95.226.230.1213388508.squirrel@webmail.eisler.com>
Mime-Version: 1.0
Content-Disposition: inline
In-Reply-To: <47515.198.95.226.230.1213388508.squirrel@webmail.eisler.com>
User-Agent: Mutt/1.5.7i
Cc: nfsv4@ietf.org
Subject: Re: [nfsv4] Last call start for "RPCSEC_GSS Version 2"
X-BeenThere: nfsv4@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: NFSv4 Working Group <nfsv4.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/nfsv4>, <mailto:nfsv4-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/pipermail/nfsv4>
List-Post: <mailto:nfsv4@ietf.org>
List-Help: <mailto:nfsv4-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/nfsv4>, <mailto:nfsv4-request@ietf.org?subject=subscribe>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Sender: nfsv4-bounces@ietf.org
Errors-To: nfsv4-bounces@ietf.org

On Fri, Jun 13, 2008 at 01:21:48PM -0700, Mike Eisler wrote:
> On Wed, June 11, 2008 4:16 pm, Nicolas Williams wrote:
> > On Mon, Jun 02, 2008 at 11:30:43PM -0500, Spencer Shepler wrote:
> >> http://www.ietf.org/internet-drafts/draft-ietf-nfsv4-rpcsec-gss-v2-03.txt
> 
> >
> >     - rbcva_chan_bind_hash_oid, should we actually need it (see below)
> >       should be described as containing the DER encoding of an OID.
> >
> >     - But I don't think we need to hash the channel bindings at all
> >       because: a) gss_get/verify_mic() can handle large amounts of input
> >       data anyways, thus no need to hash it down, b) using a hash adds
> >       complexity (including hash agility considerations), c) channel
> >       bindings will typically be hashed data to begin with[*].
> 
> OK, I'm very confused.
> 
> You wrote on April 21:
> 
> ``The primary change here is this: rather than use the raw public keys I

The change was to draft-williams-ipsec-channel-binding to make use of a
hash *there* rather than in RPCSEC_GSSv2.

> want to use a hash of them.  The main reason is: so keeping channel
> binding data in kernel mode implementations is not too difficult (by
> reducing the size of the data to keep around).  Hash agility is pushed
> to the application, which will require a change to RPCSEC_GSSv2 (which
> is still an I-D and has not progressed yet).''

What I meant by pushing hash agility to the application is that it's the
IPsec implementation's job to implement one or more hashes, and the
app's job to pick one.

The change to RPCSEC_GSSv2 is to remove the need for a hash there.  (But
see below.)

> The current RPCSEC_GSSv2 i-d is consistent with what you wrote on April
> 21. But you didn't say how you wanted the  RPCSEC_GSSv2 changed. So
> in absence of guidance, this is what you get.
> 
> As for "typically be hashed data" that's not good enough. RPCSEC_GSS
> creds and verifiers are limited to 400 bytes. Public keys can easily
> exceed 400 bytes.

We don't send the channel bindings though.  Just a MIC, so the 400 byte
issue is a non-issue.

The main reason to worry about channel bindings size is that you have to
keep track of them in kernel-land, which can be a pain.

There's no guarantee, as you point out, that all channel bindings sepcs
will be "small", so I realized last night that we may still want to keep
the hash thing, at least as an option.

If we want it to be an option, then we could say that the empty OID
(zero-length octet string) means "identity function" and that the client
MUST pick a hash only if the channel bindings are larger than the output
size of any of the hash functions available and acceptable to the
client.

If you don't want it to be an option then I don't object, and I retract
my comment about removing the feature.

Nico
-- 
_______________________________________________
nfsv4 mailing list
nfsv4@ietf.org
https://www.ietf.org/mailman/listinfo/nfsv4

v2.23.0 | Report a Bug | By Email