IETF Logo Mail Archive

Re: [nfsv4] New Version Notification for draft-cel-nfsv4-rpc-tls-01.txt

Trond Myklebust <trondmy@gmail.com> Fri, 29 March 2019 03:54 UTC

Return-Path: <trondmy@gmail.com>
X-Original-To: nfsv4@ietfa.amsl.com
Delivered-To: nfsv4@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id BD7E912052E for <nfsv4@ietfa.amsl.com>; Thu, 28 Mar 2019 20:54:35 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.999
X-Spam-Level:
X-Spam-Status: No, score=-1.999 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id wk2Xvd6Rnk1t for <nfsv4@ietfa.amsl.com>; Thu, 28 Mar 2019 20:54:33 -0700 (PDT)
Received: from mail-it1-x12d.google.com (mail-it1-x12d.google.com [IPv6:2607:f8b0:4864:20::12d]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 96AC312051E for <nfsv4@ietf.org>; Thu, 28 Mar 2019 20:54:33 -0700 (PDT)
Received: by mail-it1-x12d.google.com with SMTP id z126so1698720itd.5 for <nfsv4@ietf.org>; Thu, 28 Mar 2019 20:54:33 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=6zGZXYchMNwnDJMu2CPZ5yxacSNVN5FQRPo497D872o=; b=j+mb0JzA3WjF6esW16iPSp2CouXumTy2fAkhds5q7zOY5l4/mnsgQP4JaO+oXcLb4Y Z/9HxEXPzK2XId3uzNpfFb4wZUDFTF9HwEJxtDm87jsBwZcdF41RCtlgIS7ezvB4tmEa Sl1LZhW2ImtcqsYEhpQLbcxXWLPCPdCvA9CXdhV+y6A6aWomhkxws0BehcbrT3EaKrvE PNzvuaRoaF1c44caaCM43E/GNo+VyXPtdS6Z0swRF4ECHgdCVIQSp3/drUgF5WTC3XMs 9MHm2hX+w8DyxHE9fY228+E4KfI4H+ZLWGnVkM4jDxzJ0vteakCKVJar4od6k/q4YpOC f3yg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=6zGZXYchMNwnDJMu2CPZ5yxacSNVN5FQRPo497D872o=; b=mBmCpGS8lTUsIvqY1QbwP1fSVlCtLqBAYufSmswhoVXbBG+DBFasOqZOgOgbzNxgRZ Xi32x+tTQUgdA2HczBB+2NudslKJ9dl6NdKdygzs9w77jpBOUGdVk10PyCea+y6ViZ84 oz4zaBryWNrLCM1vxjQBYqmitRQVWoJFr2xKCZv19I/GgCLyEtJn6JkAHy4zJsooPJVx KwNecj6reN1kIDz5UDPXvWistQEeyCnAqJSKW6DP/q/FrGSesqAYI6/sKkbIsLS46zkZ Wv+5x+NIJLriGx/DY1lSh2A+WY9aI+qw7SdnFQ0EO3dshuNdYfuMbDk0NAPVxlx7A7or YFCQ==
X-Gm-Message-State: APjAAAVlJTG1TDdo4XmsJzYsBzpzZkfp9W17Jz+ZX2GEUcu3b3cRY0zQ 20NllInOK1YlEzQ0SrFDbN+kSceJ5zBGzECmqg==
X-Google-Smtp-Source: APXvYqz6GbSx/0Lc2kAyenFkY9gqTfpxQybJIbNEBClZJ8YHUoWAI4bc90RdrD545/XJCAdkWLe3Zu3KJidGbHQUlB0=
X-Received: by 2002:a24:d244:: with SMTP id z65mr2574185itf.76.1553831672599; Thu, 28 Mar 2019 20:54:32 -0700 (PDT)
MIME-Version: 1.0
References: <154264272736.5235.8955444239583271708.idtracker@ietfa.amsl.com> <CO2PR0601MB7597A7490C43DAE5A3268E6B5D80@CO2PR0601MB759.namprd06.prod.outlook.com> <39802AA5-3F70-48C7-824B-CAC0FB871016@oracle.com> <CADaq8jc82bfxpjxz_f6Uy-4c0yazJujOrKo+TejPkx-q6qq_3Q@mail.gmail.com> <1480794517.422703.1553504031783.JavaMail.zimbra@desy.de> <4F7BC6A0-50F9-47BC-8465-28833835E7F6@oracle.com> <1119874674.601037.1553546666143.JavaMail.zimbra@desy.de> <946EFDD8-F04D-49CD-A1C8-D8E8A6D5EE35@oracle.com> <2020506870.740381.1553612716598.JavaMail.zimbra@desy.de> <CAN-5tyGggDUe2DNSjRc6vAyXgGo4LVwYVK5zmTOyr0soPFVKrQ@mail.gmail.com> <3705AA25-10DF-43BF-BE1D-B0BE27F705DE@eggert.org> <0E00BED9-74D4-4594-A7AC-FCD624461DD7@eggert.org> <880CC259-A82A-401F-A81D-5FCD6A9758B3@oracle.com> <SN4PR2101MB0736EF7A385F5D95107D4118A05F0@SN4PR2101MB0736.namprd21.prod.outlook.com> <3A634328-B190-473B-A6D7-C5878CC2654B@oracle.com> <SN4PR2101MB073663820F28F2AAA8766E38A05A0@SN4PR2101MB0736.namprd21.prod.outlook.com> <CAABAsM49bwZ=Fj_4Y5vKEa8GH-uu-CksozVhB9Z7ODMgfzSeMA@mail.gmail.com>
In-Reply-To: <CAABAsM49bwZ=Fj_4Y5vKEa8GH-uu-CksozVhB9Z7ODMgfzSeMA@mail.gmail.com>
From: Trond Myklebust <trondmy@gmail.com>
Date: Thu, 28 Mar 2019 23:54:21 -0400
Message-ID: <CAABAsM7pD=izi-RG8GsXPNYdS3vO-CJugAnqbGCmM4ve=L2-HA@mail.gmail.com>
To: Tom Talpey <ttalpey=40microsoft.com@dmarc.ietf.org>
Cc: Chuck Lever <chuck.lever@oracle.com>, NFSv4 <nfsv4@ietf.org>
Content-Type: text/plain; charset="UTF-8"
Archived-At: <https://mailarchive.ietf.org/arch/msg/nfsv4/pVUzt_YRKEwzD98hqPloc_I9fUY>
Subject: Re: [nfsv4] New Version Notification for draft-cel-nfsv4-rpc-tls-01.txt
X-BeenThere: nfsv4@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: NFSv4 Working Group <nfsv4.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/nfsv4>, <mailto:nfsv4-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/nfsv4/>
List-Post: <mailto:nfsv4@ietf.org>
List-Help: <mailto:nfsv4-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/nfsv4>, <mailto:nfsv4-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 29 Mar 2019 03:54:36 -0000

On Thu, 28 Mar 2019 at 22:20, Trond Myklebust <trondmy@gmail.com> wrote:
>
> On Thu, 28 Mar 2019 at 20:35, Tom Talpey
> <ttalpey=40microsoft.com@dmarc.ietf.org> wrote:
> >
> > > -----Original Message-----
> > > From: Chuck Lever <chuck.lever@oracle.com>
> > > Sent: Thursday, March 28, 2019 3:43 PM
> > > To: Tom Talpey <ttalpey@microsoft.com>
> > > Cc: Lars Eggert <lars@eggert.org>; NFSv4 <nfsv4@ietf.org>
> > > Subject: Re: [nfsv4] New Version Notification for draft-cel-nfsv4-rpc-tls-01.txt
> > >
> > >
> > > > On Mar 26, 2019, at 1:58 PM, Tom Talpey <ttalpey@microsoft.com> wrote:
> > > >
> > > >> -----Original Message-----
> > > >> From: nfsv4 <nfsv4-bounces@ietf.org> On Behalf Of Chuck Lever
> > > >> Sent: Tuesday, March 26, 2019 1:52 PM
> > > >> To: Lars Eggert <lars@eggert.org>
> > > >> Cc: NFSv4 <nfsv4@ietf.org>
> > > >> Subject: Re: [nfsv4] New Version Notification for draft-cel-nfsv4-rpc-tls-
> > > 01.txt
> > > >>
> > > >>
> > > >>
> > > >>> On Mar 26, 2019, at 12:35 PM, Lars Eggert <lars@eggert.org> wrote:
> > > >>>
> > > >>> On 2019-3-26, at 17:33, Lars Eggert <lars@eggert.org> wrote:
> > > >>>> Also note that STARTTLS is somewhat less secure than running TLS
> > > directly.
> > > >> See for example Section 6 of RFC3207:
> > > >>>>
> > > >>>>   A man-in-the-middle attack can be launched by deleting the "250
> > > >>>>   STARTTLS" response from the server.  This would cause the client not
> > > >>>>   to try to start a TLS session.  Another man-in-the-middle attack is
> > > >>>>   to allow the server to announce its STARTTLS capability, but to alter
> > > >>>>   the client's request to start TLS and the server's response.
> > > >>>>
> > > >>>>   ...
> > > >>>
> > > >>> And RFC8314 recommends (for mail) that "implicit TLS" should be used
> > > >> instead of STARTTLS.
> > > >>
> > > >> Perhaps that is what we should require for RPC on TLS;
> > > >> that is, "STARTTLS MUST NOT be used"?
> > > >
> > > > It's a fine requirement, but there may need to be a justification for the MUST.
> > > >
> > > > It's important to note that such a requirement means you'll need to allocate
> > > > a new port number for such connections. This would apply to any upper
> > > > layer using the new RPC flavor, which in turn might impact the portmapper.
> > > > Note, it may also have implications on the proposed negotiation. If TLS is
> > > > a "done deal", negotiating the auth flavor may be moot.
> > >
> > > We could create a new netid for this purpose.
> > >
> > > Advertise an RPC program with this new netid, and no STARTTLS would
> > > be needed. The client simply connects and begins TLS negotiation.
> >
> > But, the current draft proposes using a new AUTH_TLS exchange, which
> > if successful allows the client to perform a STARTTLS. If you define a netid
> > and/or port number, the client would simply start in TLS, prior to even
> > sending its first RPC.
> >
> > Would that not simply make the whole draft unnecessary?
>
> Anything advertised by the portmapper is as vulnerable to man in the
> middle attacks as the current proposal. If your attacker can intercept
> connections to the NFS server, then they can do the exact same thing
> to the portmapper. Furthermore, using the portmapper doesn't pass
> Tigran's requirement for fast discovery because it may require the
> setup of a second TCP connection (unless you are using UDP) and it
> definitely requires an extra RPC call.
>
> The proposal just to use a different well known port would work,
> however it messes up pNFS for us because the MDS would have to
> advertise both ports to the client if it wants to ensure that the
> client can connect.

BTW: The netid proposal does resolve the issue of quick NFSv4.x
migration/replication/referral connections and for pNFS. Assuming your
fs_locations or LAYOUTGET call to the main NFSv4 server is already TLS
protected, then there are no issues with man in the middle. One
downside is that you would presumably then have to define netids for
all protocols that you need to support RPC/TLS.

v2.23.0 | Report a Bug | By Email