IETF Logo Mail Archive

Re: [nfsv4] I-D Action: draft-ietf-nfsv4-integrity-measurement-01.txt

Chuck Lever <chuck.lever@oracle.com> Wed, 26 September 2018 20:27 UTC

Return-Path: <chuck.lever@oracle.com>
X-Original-To: nfsv4@ietfa.amsl.com
Delivered-To: nfsv4@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id EA9D5128CFD for <nfsv4@ietfa.amsl.com>; Wed, 26 Sep 2018 13:27:49 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.757
X-Spam-Level:
X-Spam-Status: No, score=-4.757 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.456, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_MED=-2.3, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=oracle.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id e7hbnkRjTPEp for <nfsv4@ietfa.amsl.com>; Wed, 26 Sep 2018 13:27:47 -0700 (PDT)
Received: from userp2120.oracle.com (userp2120.oracle.com [156.151.31.85]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id DA9FD128CB7 for <nfsv4@ietf.org>; Wed, 26 Sep 2018 13:27:46 -0700 (PDT)
Received: from pps.filterd (userp2120.oracle.com [127.0.0.1]) by userp2120.oracle.com (8.16.0.22/8.16.0.22) with SMTP id w8QKDnV8171048; Wed, 26 Sep 2018 20:27:43 GMT
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=oracle.com; h=content-type : mime-version : subject : from : in-reply-to : date : cc : content-transfer-encoding : message-id : references : to; s=corp-2018-07-02; bh=uydd/Ao7wAdzGpgopSAdSai6z/kHCnmZRPi1omE70vw=; b=Feb1Fr0IXiErpdMzJ3DZegYTQI2QtpG/XJhSKs4QGvsScFPm1k3skx3Eah5O+fI8QbvN YDvwKFQdpMPqYYHHVQPQKxdr01GrO+zGCsGbB8R6FoQk8k8ZbolUSIW1uETqf/+0PurK BEGF03ywNS3gfsArb4yvIMPvew76kukEwXR0m2p6Uog5mvunasJusSKbZZD5ORGyORZZ rdgf7913naPp3QmdM54dF2P3eBSpE1GDt+T3oq0fBECasou1STWp3vUpMSXSgidrm0Ao M/CxZHIG2pu3pZzVbR0xP38Paj4bQcZmfe7mJmfbXPE3CIaDRJKjLTcJigfwnzUveC4O Lw==
Received: from userv0022.oracle.com (userv0022.oracle.com [156.151.31.74]) by userp2120.oracle.com with ESMTP id 2mnvtuup46-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Wed, 26 Sep 2018 20:27:43 +0000
Received: from aserv0121.oracle.com (aserv0121.oracle.com [141.146.126.235]) by userv0022.oracle.com (8.14.4/8.14.4) with ESMTP id w8QKRgsV016407 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Wed, 26 Sep 2018 20:27:42 GMT
Received: from abhmp0016.oracle.com (abhmp0016.oracle.com [141.146.116.22]) by aserv0121.oracle.com (8.14.4/8.13.8) with ESMTP id w8QKRgYC014086; Wed, 26 Sep 2018 20:27:42 GMT
Received: from [10.71.9.255] (/8.25.222.2) by default (Oracle Beehive Gateway v4.0) with ESMTP ; Wed, 26 Sep 2018 13:27:42 -0700
Content-Type: text/plain; charset="us-ascii"
Mime-Version: 1.0 (Mac OS X Mail 11.5 \(3445.9.1\))
From: Chuck Lever <chuck.lever@oracle.com>
In-Reply-To: <20180926202157.GA826@fieldses.org>
Date: Wed, 26 Sep 2018 13:27:41 -0700
Cc: Spencer Dawkins at IETF <spencerdawkins.ietf@gmail.com>, NFSv4 <nfsv4@ietf.org>
Content-Transfer-Encoding: quoted-printable
Message-Id: <1F2E60B5-E09F-4B33-8301-99C5E5A0F310@oracle.com>
References: <153780090601.28221.16958675117475194416@ietfa.amsl.com> <CADE569F-8584-42CF-A297-E60956D368A2@oracle.com> <CAKKJt-fmB5psmtbm9PJTnhkZkZLCBnCVZnr3fMsf++exN5XObQ@mail.gmail.com> <20180926202157.GA826@fieldses.org>
To: Bruce Fields <bfields@fieldses.org>
X-Mailer: Apple Mail (2.3445.9.1)
X-Proofpoint-Virus-Version: vendor=nai engine=5900 definitions=9028 signatures=668707
X-Proofpoint-Spam-Details: rule=notspam policy=default score=0 suspectscore=0 malwarescore=0 phishscore=0 bulkscore=0 spamscore=0 mlxscore=0 mlxlogscore=999 adultscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.0.1-1807170000 definitions=main-1809260190
Archived-At: <https://mailarchive.ietf.org/arch/msg/nfsv4/dW9gklNKpgRucoW0UfL8NgvGqKw>
Subject: Re: [nfsv4] I-D Action: draft-ietf-nfsv4-integrity-measurement-01.txt
X-BeenThere: nfsv4@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: NFSv4 Working Group <nfsv4.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/nfsv4>, <mailto:nfsv4-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/nfsv4/>
List-Post: <mailto:nfsv4@ietf.org>
List-Help: <mailto:nfsv4-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/nfsv4>, <mailto:nfsv4-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 26 Sep 2018 20:27:50 -0000


> On Sep 26, 2018, at 1:21 PM, bfields@fieldses.org wrote:
> 
> On Mon, Sep 24, 2018 at 10:45:29AM -0500, Spencer Dawkins at IETF wrote:
>> Hi, Chuck,
>> On Mon, Sep 24, 2018 at 10:06 AM Chuck Lever <chuck.lever@oracle.com> wrote:
>> 
>>> 
>>> 
>>>> On Sep 24, 2018, at 7:55 AM, internet-drafts@ietf.org wrote:
>>>> 
>>>> 
>>>> A New Internet-Draft is available from the on-line Internet-Drafts
>>> directories.
>>>> This draft is a work item of the Network File System Version 4 WG of the
>>> IETF.
>>>> 
>>>>       Title           : File Content Provenance for Network File System
>>> version 4
>>>>       Author          : Charles Lever
>>>>      Filename        : draft-ietf-nfsv4-integrity-measurement-01.txt
>>>>      Pages           : 9
>>>>      Date            : 2018-09-24
>>>> 
>>>> Abstract:
>>>>  This document specifies an OPTIONAL extension to NFS version 4 minor
>>>>  version 2 that enables file provenance information to be conveyed
>>>>  between NFS version 4.2 servers and clients.  File provenance
>>>>  information authenticates the creator of a file's content and helps
>>>>  guarantee the content's integrity from creation to use.
>>>> 
>>>> 
>>>> The IETF datatracker status page for this draft is:
>>>> https://datatracker.ietf.org/doc/draft-ietf-nfsv4-integrity-measurement/
>>>> 
>>>> There are also htmlized versions available at:
>>>> https://tools.ietf.org/html/draft-ietf-nfsv4-integrity-measurement-01
>>>> 
>>> https://datatracker.ietf.org/doc/html/draft-ietf-nfsv4-integrity-measurement-01
>>>> 
>>>> A diff from the previous version is available at:
>>>> 
>>> https://www.ietf.org/rfcdiff?url2=draft-ietf-nfsv4-integrity-measurement-01
>>>> 
>>>> 
>>>> Please note that it may take a couple of minutes from the time of
>>> submission
>>>> until the htmlized version and diff are available at tools.ietf.org.
>>>> 
>>>> Internet-Drafts are also available by anonymous FTP at:
>>>> ftp://ftp.ietf.org/internet-drafts/
>>> 
>>> As a result of the discussion at IETF 102 and recent follow-ups
>>> on this mailing list, I've made substantial changes to this
>>> document.
>>> 
>>> - References to and discussion of Linux IMA have been replaced
>>> throughout the document, with the exception of a single citation
>>> as an informative example in the Introduction. IMA metadata is
>>> now referred to generically using the term "file provenance
>>> information".
>>> 
>>> - Integrity checking of file attributes is no longer an included
>>> feature. There were some issues that made attribute integrity
>>> not straightforward for NFS, especially without an existing
>>> IMA/EVM standard even for local file systems. Attribute
>>> integrity can still be addressed at a later time.
>>> 
>>> - The Introduction now makes a problem statement and discusses
>>> use cases instead of explaining the mechanism of file integrity
>>> checking. The new Introduction addresses the most common
>>> questions I've received during previous review.
>>> 
>>> Spencer D. and other reviewers:
>>> - Have previously stated interoperability concerns been addressed?
>>> - Have normative citation requirements been sufficiently met?
>>> 
>> 
>> Recognizing that I haven't done an AD Evaluation of this draft, but looking
>> at the responses to my previous questions, I think dropping down to one
>> explicit mention of IMA pointing to the best available reference is about
>> right.
> 
> 	"A keyed hash authenticates the identity of the last modifier of
> 	a file's content and serves as a strong check of the content's
> 	integrity.  For the purposes of this document, we will refer to
> 	this as file provenance information.  The Linux Integrity
> 	Measurement Architecture (IMA) is an example of a mechanism for
> 	assessing file content provenance [IMA-WP]."
> 
> I think it's also true that this draft is sufficient to allow a client
> to support IMA?  That also seems worth mentioning.

I'm confused by your remark. I'm describing a transport
protocol between a NFS client and server. Why would it
not be sufficient to implement client support? Or, what
do you believe might be missing in the draft?


> 	"To ensure interoperability among accessors of this information
> 	when it is stored on NFS version 4.2 servers, this information
> 	MUST be self- describing."
> 
> How do you propose that an implementation would make the information
> self-describing?

That is out of scope for this draft.

But typically if an integrity service wanted to do this, it
could use XML or JSON to describe the information, for example.

An HMAC has a particular structure (RFC 2104) that should be
easy to recognize.


> --b.
> 
>> 
>> Thanks for making that change. It will be helpful during Last Call and IESG
>> Evaluation.
>> 
>> Spencer (D)
>> 
>> 
>>> 
>>> I know time is precious, but even a cursory review of this new
>>> revision would be helpful. It's wafer-thin!
>>> 
>>> --
>>> Chuck Lever
>>> 
>>> 
>>> 
>>> 
> 
>> _______________________________________________
>> nfsv4 mailing list
>> nfsv4@ietf.org
>> https://www.ietf.org/mailman/listinfo/nfsv4

--
Chuck Lever

v2.23.0 | Report a Bug | By Email