IETF Logo Mail Archive

Re: [nfsv4] Roman Danyliw's Discuss on draft-ietf-nfsv4-rpc-tls-08: (with DISCUSS and COMMENT)

Roman Danyliw <rdd@cert.org> Fri, 21 August 2020 19:46 UTC

Return-Path: <rdd@cert.org>
X-Original-To: nfsv4@ietfa.amsl.com
Delivered-To: nfsv4@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id EF5703A153C; Fri, 21 Aug 2020 12:46:31 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.098
X-Spam-Level:
X-Spam-Status: No, score=-2.098 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=cert.org
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id sF7qHZdkHNdl; Fri, 21 Aug 2020 12:46:29 -0700 (PDT)
Received: from taper.sei.cmu.edu (taper.sei.cmu.edu [147.72.252.16]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 6CC3F3A1740; Fri, 21 Aug 2020 12:45:15 -0700 (PDT)
Received: from delp.sei.cmu.edu (delp.sei.cmu.edu [10.64.21.31]) by taper.sei.cmu.edu (8.14.7/8.14.7) with ESMTP id 07LJjDKX025395; Fri, 21 Aug 2020 15:45:13 -0400
DKIM-Filter: OpenDKIM Filter v2.11.0 taper.sei.cmu.edu 07LJjDKX025395
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=cert.org; s=yc2bmwvrj62m; t=1598039113; bh=wWWnvniJJkdt906NVVAQ9AGVfykDmIyILey2TF3ygfs=; h=From:To:CC:Subject:Date:References:In-Reply-To:From; b=rru5tGwe6hKWcupi3mb6BXMX07oMNRVbzPTmhXRIb84M7kVC6iER7rT07Ke4Qe8qg aUgFXsEaLGgwnShK1yhX6CyoZSqpXQJcuEbMn0FmBORxnuBPpIxxOPQmnvY4brq+a7 h/FlRLWwf1z3S60vkfK9+c10y+HmgfrnKXCGO6gE=
Received: from MURIEL.ad.sei.cmu.edu (muriel.ad.sei.cmu.edu [147.72.252.47]) by delp.sei.cmu.edu (8.14.7/8.14.7) with ESMTP id 07LJj7ue023506; Fri, 21 Aug 2020 15:45:07 -0400
Received: from MORRIS.ad.sei.cmu.edu (147.72.252.46) by MURIEL.ad.sei.cmu.edu (147.72.252.47) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.1979.3; Fri, 21 Aug 2020 15:45:07 -0400
Received: from MORRIS.ad.sei.cmu.edu ([fe80::555b:9498:552e:d1bb]) by MORRIS.ad.sei.cmu.edu ([fe80::555b:9498:552e:d1bb%13]) with mapi id 15.01.1979.003; Fri, 21 Aug 2020 15:45:07 -0400
From: Roman Danyliw <rdd@cert.org>
To: David Noveck <davenoveck@gmail.com>, Chuck Lever <chuck.lever@oracle.com>
CC: "draft-ietf-nfsv4-rpc-tls@ietf.org" <draft-ietf-nfsv4-rpc-tls@ietf.org>, The IESG <iesg@ietf.org>, NFSv4 <nfsv4@ietf.org>, nfsv4-chairs <nfsv4-chairs@ietf.org>
Thread-Topic: [nfsv4] Roman Danyliw's Discuss on draft-ietf-nfsv4-rpc-tls-08: (with DISCUSS and COMMENT)
Thread-Index: AQHWVA4c+FRN9av/oE6VcrsTUtAB4Kj8ffcAgBRAiICAF5pxAIAG+giAgBPk/4A=
Date: Fri, 21 Aug 2020 19:45:06 +0000
Message-ID: <de856156e0dc4eaca3c00fe1bdf998ef@cert.org>
References: <159409225571.12966.1097397622994927028@ietfa.amsl.com> <18B68FBF-34A1-4F8F-A0E3-4A88ABAAF900@oracle.com> <F9231574-4E6B-49F2-A752-085C5A58C561@oracle.com> <93A02493-3212-4474-994F-7345409D6499@oracle.com> <CADaq8jc+=Q65wif8w9g9g9-vkzfZqWHMG3xDuuZAfZ6NFhmE4A@mail.gmail.com>
In-Reply-To: <CADaq8jc+=Q65wif8w9g9g9-vkzfZqWHMG3xDuuZAfZ6NFhmE4A@mail.gmail.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [10.64.202.178]
Content-Type: multipart/alternative; boundary="_000_de856156e0dc4eaca3c00fe1bdf998efcertorg_"
MIME-Version: 1.0
Archived-At: <https://mailarchive.ietf.org/arch/msg/nfsv4/cuF_5ke0q-IkyCb37Bmqdao4qx4>
Subject: Re: [nfsv4] Roman Danyliw's Discuss on draft-ietf-nfsv4-rpc-tls-08: (with DISCUSS and COMMENT)
X-BeenThere: nfsv4@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: NFSv4 Working Group <nfsv4.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/nfsv4>, <mailto:nfsv4-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/nfsv4/>
List-Post: <mailto:nfsv4@ietf.org>
List-Help: <mailto:nfsv4-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/nfsv4>, <mailto:nfsv4-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 21 Aug 2020 19:46:39 -0000

Hi David and Chuck!

Thanks for your patience and my apologize for the delay.  More inline …

Regards,
Roman

On Tue, Aug 4, 2020 at 8:59 AM Chuck Lever <chuck.lever@oracle.com<mailto:chuck.lever@oracle.com>> wrote:
>> On Jul 7, 2020, at 11:15 AM, Chuck Lever <chuck.lever@oracle.com<mailto:chuck.lever@oracle.com>> wrote:
>>
>> Hi Roman-
>>
>> Thanks for your review and comments. If I may, I'd like to handle
>> the DISCUSS first, and then respond to the COMMENTs in a separate
>> reply.
>>
>>
>>> On Jul 6, 2020, at 11:24 PM, Roman Danyliw via Datatracker <noreply@ietf.org<mailto:noreply@ietf.org>> wrote:
>>>
>>> Roman Danyliw has entered the following ballot position for
>>> draft-ietf-nfsv4-rpc-tls-08: Discuss
>>>
>>> ----------------------------------------------------------------------
>>> DISCUSS:
>>> ----------------------------------------------------------------------
>>>
>>> ** Despite Section 5.0 stating that only TLS v1.3+ can be used, there are two
>>> references to TLS v1.2 mechanisms:
>>
>> Good catch!
>>
>>
>>> -- Section 5.0. Per “Implementations MUST support certificate-based mutual
>>> authentication.  Support for TLS-PSK mutual authentication [RFC4279] is
>>> OPTIONAL”.  Shouldn’t Section 2.2.2 or 4.2.11 of RFC8446 be used instead?
>>
>> In fact Section 5.2.3 already cites RFC8446 Section 2.2. I propose changing
>> Section 5.0 as follows:
>>
>> OLD:
>>
>>  *  Implementations MUST support certificate-based mutual
>>     authentication.  Support for TLS-PSK mutual authentication
>>     [RFC4279] is OPTIONAL.  See Section 4.2 for further details.
>>
>> NEW:
>>
>>  *  Implementations MUST support certificate-based mutual
>>     authentication.  Support for PSK mutual authentication is
>>     OPTIONAL; see Section 5.2.3 for further details.
[Roman] Make sense.  Thanks.
>>
>>> -- Section 5.2.4.  The token binding mechanism suggested here, RFC8471, only
>>> applies to TLS v1.2.  The expired draft-ietf-tokbind-tls13 provides the TLS
>>> v1.3 mechanism.
>>
>> Potential replacement:
>>
>> OLD:
>>
>> 5.2.4.  Token Binding
>>
>>  This mechanism is OPTIONAL to implement.  In this mode, a token
>>  uniquely identifies the RPC peer.
>>
>>  Versions of TLS after TLS 1.2 contain a token binding mechanism that
>>  is more secure than using certificates.  This mechanism is detailed
>>  in [RFC8471].
>>
>> NEW:
>>
>> 5.2.4.  Token Binding
>>
>>  This mechanism is OPTIONAL to implement.  In this mode, a token
>>  uniquely identifies the RPC peer.  The TLSv1.3 token binding
>>  mechanism is detailed in [I-D.ietf-tokbind-tls13].
>>
>>
>> Another option would be to remove this section.

I leave this up to the working group/responsible AD to sort out.  My DISCUSS is on the fact this this behavior needs to be specified for TLS v1.3 not on how it gets documented.  My recommendation would be to remove the section – there is no IETF consensus reference for this behavior.  This binding can always be specified later.  If there is a desire to use ietf-tokbind-tls13 and there is work planned to publish it (i.e., pull it out of expired state and iterate to completion), this document could also wait in a MISREF state with the RFC Editorial until it is published.  I suspect there is also the option of re-calling consensus on the document for a downref to an unpublished document.  I’m flexible.

>>
>>> ** Section 7.4.  Per “When using AUTH_NULL or AUTH_SYS, both peers are required
>>> to have DNS TLSA records and certificate material …”, what is “certificate
>>> materials”?  Can this guidance please be clarified (and perhaps related to the
>>> options specified in Section 5.2).
>>
>> Potential replacement:
>>
>> OLD:
>>
>>  *  When using AUTH_NULL or AUTH_SYS, both peers are required to have
>>     DNS TLSA records and certificate material, and a policy that
>>     requires mutual peer authentication and rejection of a connection
>>     when host authentication fails.
>>
>> NEW:
>>
>>  *  When using AUTH_NULL or AUTH_SYS, both peers are required to have
>>     DNS TLSA records, keys with which to perform mutual peer
>>     authentication using one of the methods described in Section 5.2,
>>     and a security policy that requires mutual peer authentication and
>>     rejection of a connection when host authentication fails.
[Roman] Works for me.  Thank you.





> --
> Chuck Lever
>
>
>

--
Chuck Lever

v2.23.0 | Report a Bug | By Email