Re: [nfsv4] AD review of draft-ietf-nfsv4-rpcrdma-cm-pvt-data
Chuck Lever <chuck.lever@oracle.com> Wed, 06 November 2019 22:00 UTC
Return-Path: <chuck.lever@oracle.com>
X-Original-To: nfsv4@ietfa.amsl.com
Delivered-To: nfsv4@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A3A3A120100; Wed, 6 Nov 2019 14:00:47 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.301
X-Spam-Level:
X-Spam-Status: No, score=-4.301 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_MED=-2.3, SPF_PASS=-0.001, UNPARSEABLE_RELAY=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=oracle.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id jM74DyRS5ovB; Wed, 6 Nov 2019 14:00:45 -0800 (PST)
Received: from userp2120.oracle.com (userp2120.oracle.com [156.151.31.85]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 7C39812002F; Wed, 6 Nov 2019 14:00:45 -0800 (PST)
Received: from pps.filterd (userp2120.oracle.com [127.0.0.1]) by userp2120.oracle.com (8.16.0.27/8.16.0.27) with SMTP id xA6Ln3Aj191170; Wed, 6 Nov 2019 22:00:40 GMT
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=oracle.com; h=content-type : mime-version : subject : from : in-reply-to : date : cc : content-transfer-encoding : message-id : references : to; s=corp-2019-08-05; bh=J3oKt2W/i6u3iOTkhQzRv6oVO8KRevB1DdQrcf1gt9k=; b=lHz/P1bZRfokV2NpaOwOsY2PSu7i2JBJKFLs/UNzAL/FlG3+XY8L0mW7pn8Y2OaiQiqt vfleh90R9ei0gLYocMWMDnvT3fgHkFwJECoo119zqm/2r+JokZWauP4lIRcojMEkGgGj gAZt7SWsPEjctUsDBzDa9RZezm6S40lp+Jl7siXX2MqS6Y1v1eRj2iOFkzWaI0H0gzph JdCgr7pM19YV4TnMq5ofsunQdyHqwW4vEn1X9Dsez+nUNVLOTTS6U+UfKoC7Ij/BnylD ZsYZRwxrx2rCNZTV4ja0lAld0hIopxZKZ/J2oR9cN/UVThFV2T/q6QnX3jdl5IoqbZPA Cw==
Received: from aserp3020.oracle.com (aserp3020.oracle.com [141.146.126.70]) by userp2120.oracle.com with ESMTP id 2w41w0t08v-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Wed, 06 Nov 2019 22:00:40 +0000
Received: from pps.filterd (aserp3020.oracle.com [127.0.0.1]) by aserp3020.oracle.com (8.16.0.27/8.16.0.27) with SMTP id xA6Ln8FP018347; Wed, 6 Nov 2019 22:00:39 GMT
Received: from userv0122.oracle.com (userv0122.oracle.com [156.151.31.75]) by aserp3020.oracle.com with ESMTP id 2w41wep109-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Wed, 06 Nov 2019 22:00:39 +0000
Received: from abhmp0019.oracle.com (abhmp0019.oracle.com [141.146.116.25]) by userv0122.oracle.com (8.14.4/8.14.4) with ESMTP id xA6M0b6N008055; Wed, 6 Nov 2019 22:00:37 GMT
Received: from anon-dhcp-152.1015granger.net (/68.61.232.219) by default (Oracle Beehive Gateway v4.0) with ESMTP ; Wed, 06 Nov 2019 14:00:37 -0800
Content-Type: text/plain; charset="utf-8"
Mime-Version: 1.0 (Mac OS X Mail 12.4 \(3445.104.11\))
From: Chuck Lever <chuck.lever@oracle.com>
In-Reply-To: <5e2d5ca8986a23ed98543371ffca9462b064c892.camel@ericsson.com>
Date: Wed, 06 Nov 2019 17:00:36 -0500
Cc: "draft-ietf-nfsv4-rpcrdma-cm-pvt-data@ietf.org" <draft-ietf-nfsv4-rpcrdma-cm-pvt-data@ietf.org>, "nfsv4@ietf.org" <nfsv4@ietf.org>
Content-Transfer-Encoding: quoted-printable
Message-Id: <09BF5B7E-20E1-461C-9D18-5F45A37F25E4@oracle.com>
References: <HE1PR0701MB2697052833EB5B100338912F957F0@HE1PR0701MB2697.eurprd07.prod.outlook.com> <262BD619-26E1-4C09-BE0C-537D05109DD1@oracle.com> <5e2d5ca8986a23ed98543371ffca9462b064c892.camel@ericsson.com>
To: Magnus Westerlund <magnus.westerlund@ericsson.com>
X-Mailer: Apple Mail (2.3445.104.11)
X-Proofpoint-Virus-Version: vendor=nai engine=6000 definitions=9433 signatures=668685
X-Proofpoint-Spam-Details: rule=notspam policy=default score=0 suspectscore=0 malwarescore=0 phishscore=0 bulkscore=0 spamscore=0 mlxscore=0 mlxlogscore=999 adultscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.0.1-1910280000 definitions=main-1911060211
X-Proofpoint-Virus-Version: vendor=nai engine=6000 definitions=9433 signatures=668685
X-Proofpoint-Spam-Details: rule=notspam policy=default score=0 priorityscore=1501 malwarescore=0 suspectscore=0 phishscore=0 bulkscore=0 spamscore=0 clxscore=1015 lowpriorityscore=0 mlxscore=0 impostorscore=0 mlxlogscore=999 adultscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.0.1-1910280000 definitions=main-1911060211
Archived-At: <https://mailarchive.ietf.org/arch/msg/nfsv4/flkIc4ZNpmBFICKiLjcPfAeG46Y>
Subject: Re: [nfsv4] AD review of draft-ietf-nfsv4-rpcrdma-cm-pvt-data
X-BeenThere: nfsv4@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: NFSv4 Working Group <nfsv4.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/nfsv4>, <mailto:nfsv4-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/nfsv4/>
List-Post: <mailto:nfsv4@ietf.org>
List-Help: <mailto:nfsv4-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/nfsv4>, <mailto:nfsv4-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 06 Nov 2019 22:00:48 -0000
Hi Magnus- > On Nov 5, 2019, at 4:46 AM, Magnus Westerlund <magnus.westerlund@ericsson.com> wrote: > > On Mon, 2019-11-04 at 11:36 -0500, Chuck Lever wrote: >> Hi Magnus, thanks for your review and moving forward with the AD write-up. >> >>> On Nov 4, 2019, at 9:56 AM, Magnus Westerlund < >>> magnus.westerlund=40ericsson.com@dmarc.ietf.org> wrote: >>> >>> Hi, >>> >>> I have started my AD review. It was such a short document that I thought I >>> read through it to figure out what more I need to read. So I have not yet >>> read like RFC 8166. So from a context of having little context understanding >>> the below are my comments and questions. I think it may be faster if you >>> help answering them then I read a lot of documents and still have question >>> marks. >>> >>> >>> 1. So this private data field is only existing in Infinite Band >>> Connection manger? So what this document is defining a structure to a field >>> which currently don’t have any structure but are part of a protocol defined >>> by another body? >>> a. Have this work been formally agreed with IBTA? >>> b. Or is the relationship to the connection manager used to >>> establish the RPC over RDMA different, if that is the case it needs to be >>> better explained. >> >> The private data field is for use by Upper Layer Protocols. It's existence >> is defined by the IBTA, but not its content. It's opaque to the CM, hence >> the name "private". >> >> Both iSER and iWARP itself (both IETF-defined) can place data in this field. >> That's why there >> is a 32-bit format ID field: if that doesn't match the constant defined in >> this document, that means some other ULP is using the private data field, >> and its contents are then ignored by RPC-over-RDMA. > > So with new text as proposed in other email to clarify that this extensions > apply to several different protocols will help making it clear that this is > useful for IETF to define and not stepping on anyone's particular toes. > >> >> >>> 3. Section 5: Is there only going to be one object of private data >>> forever in the relevant communication? If not, why isn’t this a well- >>> specified TLV so that unknow type entries can be skipped to the nest object? >> >> As I understand it, the private data field is used by one ULP at a time. >> I'm not aware of a TLV. There are already existing ULP implementations >> that do not assume a TLV, so that might be a tough sell. >> > > That helps a bit, but basically what we end up with is that the ULP need to > cordinate between the end-point about which private data format(s) it will use. > And if is to include multiple formats it need to know that the peer can delimit > all of them. That is what I see as the issue. Maybe this assumption and > responsibility of the ULP can be made clearer in the document. > >> >>> 4. Even if there ever is going to be one entry, can you be more formal >>> in description of what is a valid message using another format identifier, >>> is that only the 32-bit field of the format Identifier, or also the version. >> >> I can cite the use of this field by other protocols, if that would help. > > As I said yes. >> >> >>> 5. Isn’t the version field just unnecessary? If one needs version using >>> another format identifier is more easy than the identifier + version >>> construct. >> >> It's possibly superfluous. But: >> >> - the two fields serve different purposes, even though they could be combined. >> - there's already an implementation that uses both fields. > > So, I understand that your down the road on this one and you don't need to > implement any change. But, it was a reflection I had after commenting on issue > 4). > >> >> >>> 6. Section 6: The IANA consideration is confusing. If the specification >>> for a CM private data format requires IESG approval, then why have the >>> expert review policy. In that case one can simply use the IESG approval >>> policy instead. However, requiring any type of IESG approval here appear to >>> be a way to high bar. I think expert review is likely appropriate, but the >>> guidance to the Experts needs to be clearer. For example what happens if >>> IBTA want to use this to add some format? >> >> I would be OK with Expert Review only, but: >> >> 1. I will need suggestions about expert guidance. Will look at other RFCs. > > Basically the WG can specify what requirements you consider needed for a > registration request. Publicly availble specification, contact information, what > criterias the expert should make judgment on. Like if there are sensitive > information or not. Etc. > >> 2. IMO WG consensus is needed on the replacement text of this section. > > Sure, and if the WG want to choice IESG approval or Specification Required as > policy for the registry that is also fine with me. However, I am currently not > fine with the strange mix that is currently documented. > >> >> >>> 7. Section 7: The security consideration. I am missing any discussion >>> about the security requirements that the actual extension. It appears that >>> integrity and source authenticity are required for safe operation of these >>> two extensions. >> >> Integrity is a property of RDMA Reliable Connection transports. >> >> Not clear about the source authenticity requirement. Can you elaborate? > > What I am trying to say, is that security consideration sections should make a > security requirement analysis. And what I can see this private data when > delivered to receiver, the receiver need to know that the data was not modified > and it needs to know from whom it came. Thus integrity and source > authentication. Then you can simply add a statement that the protocol you know > to carry this field will provide that security service. > > The other aspect to consider is really if one can get any impact on the peer by > being malicous in setting these fields. For example can I get the peer entity to > consume more resources? To my understanding the answer is partially yes, but not > without having to similarily promise to allocate resources. And if I don't do > things will fail. And the point is that there is other methods that will be more > efficient to do Denile of Service attacks on the peer in the protocol. > > It is usually good to document what aspects of attacks that has been considered > and what level of an issue they are on. The latest: https://chucklever.github.io/i-d-rpcrdma-cm-pvt-data/draft-ietf-nfsv4-rpcrdma-cm-pvt-data.html And a convenience URL for diffing with -04: https://tools.ietf.org/rfcdiff?url1=https://tools.ietf.org/id/draft-ietf-nfsv4-rpcrdma-cm-pvt-data.txt&url2=https://chucklever.github.io/i-d-rpcrdma-cm-pvt-data/draft-ietf-nfsv4-rpcrdma-cm-pvt-data.txt I've tried to address the following issues that you called out after your attempt at an AD write-up of -04: - Now a Proposed Standard updating RFC 8166 - Replaced the stale link to the IB specification - Additional text explaining precedents and the purpose of the Format Identifier - Revised the IANA Considerations section to remove "specification required" language - Revised the Security Considerations section I can take this further if you would like more changes before the next steps. Otherwise I can provide a draft-ietf-nfsv4-rpcrdma-cm-pvt-data-05.xml for you to submit manually. -- Chuck Lever
- [nfsv4] AD review of draft-ietf-nfsv4-rpcrdma-cm-… Magnus Westerlund
- Re: [nfsv4] AD review of draft-ietf-nfsv4-rpcrdma… Chuck Lever
- Re: [nfsv4] AD review of draft-ietf-nfsv4-rpcrdma… McDonald, Alex
- Re: [nfsv4] AD review of draft-ietf-nfsv4-rpcrdma… Tom Talpey
- Re: [nfsv4] AD review of draft-ietf-nfsv4-rpcrdma… Chuck Lever
- Re: [nfsv4] AD review of draft-ietf-nfsv4-rpcrdma… Magnus Westerlund
- Re: [nfsv4] AD review of draft-ietf-nfsv4-rpcrdma… Magnus Westerlund
- Re: [nfsv4] AD review of draft-ietf-nfsv4-rpcrdma… McDonald, Alex
- Re: [nfsv4] AD review of draft-ietf-nfsv4-rpcrdma… Chuck Lever
- Re: [nfsv4] AD review of draft-ietf-nfsv4-rpcrdma… Magnus Westerlund
- Re: [nfsv4] AD review of draft-ietf-nfsv4-rpcrdma… Tom Talpey
- Re: [nfsv4] AD review of draft-ietf-nfsv4-rpcrdma… Chuck Lever
- Re: [nfsv4] AD review of draft-ietf-nfsv4-rpcrdma… Tom Talpey
- Re: [nfsv4] AD review of draft-ietf-nfsv4-rpcrdma… Chuck Lever
- Re: [nfsv4] AD review of draft-ietf-nfsv4-rpcrdma… Magnus Westerlund
- Re: [nfsv4] AD review of draft-ietf-nfsv4-rpcrdma… Magnus Westerlund
- Re: [nfsv4] AD review of draft-ietf-nfsv4-rpcrdma… Chuck Lever
- Re: [nfsv4] AD review of draft-ietf-nfsv4-rpcrdma… Magnus Westerlund
- Re: [nfsv4] AD review of draft-ietf-nfsv4-rpcrdma… Magnus Westerlund
- Re: [nfsv4] AD review of draft-ietf-nfsv4-rpcrdma… Magnus Westerlund