IETF Logo Mail Archive

Re: [nfsv4] AD review of draft-ietf-nfsv4-rpc-tls

Chuck Lever <chuck.lever@oracle.com> Thu, 16 April 2020 21:31 UTC

Return-Path: <chuck.lever@oracle.com>
X-Original-To: nfsv4@ietfa.amsl.com
Delivered-To: nfsv4@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 7AFFD3A0407 for <nfsv4@ietfa.amsl.com>; Thu, 16 Apr 2020 14:31:19 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.268
X-Spam-Level:
X-Spam-Status: No, score=-2.268 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.168, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, SPF_PASS=-0.001, UNPARSEABLE_RELAY=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=oracle.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id OnX1IDk1N2kG for <nfsv4@ietfa.amsl.com>; Thu, 16 Apr 2020 14:31:18 -0700 (PDT)
Received: from userp2120.oracle.com (userp2120.oracle.com [156.151.31.85]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 0246F3A0404 for <nfsv4@ietf.org>; Thu, 16 Apr 2020 14:31:17 -0700 (PDT)
Received: from pps.filterd (userp2120.oracle.com [127.0.0.1]) by userp2120.oracle.com (8.16.0.42/8.16.0.42) with SMTP id 03GLI83i066065; Thu, 16 Apr 2020 21:31:10 GMT
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=oracle.com; h=content-type : mime-version : subject : from : in-reply-to : date : cc : content-transfer-encoding : message-id : references : to; s=corp-2020-01-29; bh=uW2hhSi+h7BmqnIdkkgu6tRw11hLABmkl6lbNXMeG6E=; b=z9r/JJ44ldTYaFJqKpWgOyKatCVIMuekEob9dXUN5MfPbLjQu3jGcPdQaQTFxi+OlX0e a+ul/zRYijGh0/7ta4UuitvAjMG1GaSPA4zHCHpQ0534NhSVB8eKkQ1/MuJwD1GtKmZO B/R1bIEPMm7nuCtZYRzetTcq29aK5g1tGTiqlfroDqBA2V0LPKLGXaG7AnK36P2wq+rr 6OJ5DGo/O2RWIxruOZ04z1hREUe0KmT5J49tt/tV2/ZFCBwUyaRcYH+CIjYKApeKEoR8 mkJ/Pvqz5fP1DVHN3FC0Se84Ov3hsaS1g5GwPGeHbeIDEGdaHtbxb0EN/yd5AbqyzMvr Yw==
Received: from aserp3020.oracle.com (aserp3020.oracle.com [141.146.126.70]) by userp2120.oracle.com with ESMTP id 30emejksww-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Thu, 16 Apr 2020 21:31:10 +0000
Received: from pps.filterd (aserp3020.oracle.com [127.0.0.1]) by aserp3020.oracle.com (8.16.0.42/8.16.0.42) with SMTP id 03GLC8Jr122907; Thu, 16 Apr 2020 21:31:10 GMT
Received: from aserv0121.oracle.com (aserv0121.oracle.com [141.146.126.235]) by aserp3020.oracle.com with ESMTP id 30dn9grrpw-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Thu, 16 Apr 2020 21:31:09 +0000
Received: from abhmp0012.oracle.com (abhmp0012.oracle.com [141.146.116.18]) by aserv0121.oracle.com (8.14.4/8.13.8) with ESMTP id 03GLV9Qi002006; Thu, 16 Apr 2020 21:31:09 GMT
Received: from anon-dhcp-153.1015granger.net (/68.61.232.219) by default (Oracle Beehive Gateway v4.0) with ESMTP ; Thu, 16 Apr 2020 14:31:09 -0700
Content-Type: text/plain; charset="utf-8"
Mime-Version: 1.0 (Mac OS X Mail 12.4 \(3445.104.11\))
From: Chuck Lever <chuck.lever@oracle.com>
In-Reply-To: <750B9471-1BC2-4E18-B8D5-F4129353DC6C@gmail.com>
Date: Thu, 16 Apr 2020 17:31:08 -0400
Cc: Benjamin Kaduk <kaduk@mit.edu>, "nfsv4@ietf.org" <nfsv4@ietf.org>, Lars Eggert <lars@eggert.org>
Content-Transfer-Encoding: quoted-printable
Message-Id: <591EF30D-F007-4959-A935-5FA779D2D645@oracle.com>
References: <93C777E4-1C58-4307-9943-680E2527A7A3@oracle.com> <750B9471-1BC2-4E18-B8D5-F4129353DC6C@gmail.com>
To: Craig Everhart <cfeverhart@gmail.com>
X-Mailer: Apple Mail (2.3445.104.11)
X-Proofpoint-Virus-Version: vendor=nai engine=6000 definitions=9593 signatures=668686
X-Proofpoint-Spam-Details: rule=notspam policy=default score=0 mlxlogscore=999 mlxscore=0 adultscore=0 spamscore=0 phishscore=0 bulkscore=0 suspectscore=0 malwarescore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.12.0-2003020000 definitions=main-2004160146
X-Proofpoint-Virus-Version: vendor=nai engine=6000 definitions=9593 signatures=668686
X-Proofpoint-Spam-Details: rule=notspam policy=default score=0 malwarescore=0 impostorscore=0 mlxscore=0 suspectscore=0 lowpriorityscore=0 spamscore=0 mlxlogscore=999 bulkscore=0 adultscore=0 phishscore=0 clxscore=1011 priorityscore=1501 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.12.0-2003020000 definitions=main-2004160146
Archived-At: <https://mailarchive.ietf.org/arch/msg/nfsv4/c4GTvDPy5bPtdoCbSD167j7rje0>
Subject: Re: [nfsv4] AD review of draft-ietf-nfsv4-rpc-tls
X-BeenThere: nfsv4@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: NFSv4 Working Group <nfsv4.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/nfsv4>, <mailto:nfsv4-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/nfsv4/>
List-Post: <mailto:nfsv4@ietf.org>
List-Help: <mailto:nfsv4-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/nfsv4>, <mailto:nfsv4-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 16 Apr 2020 21:31:20 -0000

Following up -

> On Apr 12, 2020, at 6:30 PM, Craig Everhart <cfeverhart@gmail.com> wrote:
> 
> Is there a reason to require TLS 1.3?  TLS 1.2 isn’t old in many contexts.

My impression is that there are well-known security exposures with earlier versions of TLS and DTLS. Therefore new protocol specifications need to cite 1.3. I understood it to be a best security practice for protocol specifications to avoid enabling the consumption of known-to-be-insecure building blocks. I don't regard the TLS 1.3 requirement as any different from requiring SHA-256 instead of less secure ciphers.

rpc-tls has had two early SecDir reviews already, and there was no complaint about the TLS 1.3 requirement from those reviews. The one AD review comment relevant to this issue was that there should be a similar version requirement for DTLS, and so the next revision of rpc-tls will require DTLS 1.3 as well.

For those following at home, the text in question is this:

5.  TLS Requirements

  When peers negotiate a TLS session that is to transport RPC, the
  following restrictions apply:

  o  Implementations MUST NOT negotiate TLS versions prior to v1.3
     ([RFC8446] or [I-D.ietf-tls-dtls13]).  Support for mandatory-to-
     implement ciphersuites for the negotiated TLS version is REQUIRED.

How do others feel about this? Is the use of a current version of TLS merely an implementation quality issue? How have specifications of other upper layer consumers of TLS dealt with this issue?

My inclination, because we are already well-past WGLC for rpc-tls, is leave it to the IESG to adjudicate this issue.

--
Chuck Lever

v2.23.0 | Report a Bug | By Email