IETF Logo Mail Archive

Re: [nfsv4] AD review of draft-ietf-nfsv4-rpc-tls

Trond Myklebust <trondmy@gmail.com> Mon, 27 April 2020 20:38 UTC

Return-Path: <trondmy@gmail.com>
X-Original-To: nfsv4@ietfa.amsl.com
Delivered-To: nfsv4@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 7E9403A0787 for <nfsv4@ietfa.amsl.com>; Mon, 27 Apr 2020 13:38:02 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.097
X-Spam-Level:
X-Spam-Status: No, score=-2.097 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 0dIFHGVfGHPu for <nfsv4@ietfa.amsl.com>; Mon, 27 Apr 2020 13:38:00 -0700 (PDT)
Received: from mail-io1-xd36.google.com (mail-io1-xd36.google.com [IPv6:2607:f8b0:4864:20::d36]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 150023A0781 for <nfsv4@ietf.org>; Mon, 27 Apr 2020 13:37:59 -0700 (PDT)
Received: by mail-io1-xd36.google.com with SMTP id o127so20441697iof.0 for <nfsv4@ietf.org>; Mon, 27 Apr 2020 13:37:59 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=pfMsakHvUfaDuc1mXaLWCFDlxmE15PEte8gxEoY3wIY=; b=ll5yG/vnBwTxmj6A9pMLflk/0x9U/v449GFAiFjJCi4gVNg+eh33lujaEosPr5rcXz /mwHj4EXNcmQIgrfzwMxO/bsjFW4ZbDOL8lrimeHkw6fdbMIwJ3TvUzkQW09tBdsA+Rc F5KqC1dDmmgxVR0Z0twu+ZrjvNCrzjqDZlyPViSLc7MQndUdRlTEvebUXa/X6IxSbfUh m5GCxrNQKNX/SAwZN1XgzmK/lXk1f0l8a0PcR7AbWQITdcBUgoXVXxDUbsbEWtn/wKud +Qx7gj7mZOrTFRtbp9akm04XwkNUsCbjiVAeUgpcecEr0zJzZLK9lKoa3FY6SDHDIHFM /dIQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=pfMsakHvUfaDuc1mXaLWCFDlxmE15PEte8gxEoY3wIY=; b=DFD1NSniN70XsO3k74U93EgcKy/7dJ3NwFlbkTFtBjw9Cc+Tm+hkYr4pXJHHqoB/HA HkY8rGsPvGFHqjUvzTzldSU1Mmzo2e85d2sZsrRdVT3KEpPmpqELSOMsabJ39S/WRA3P op4Qe6OZUzv2H44lo9/65b10ytctk0qKBk8Bt/snZ4BNHV7hfceED00BoBf/M2sCxOm0 zj1qqQeZo+dfSuGPfr2y7ku9UnMTyLIaFFEpzXXLt0ZIt24CVxp8T+InUNB0YXaf8b3F m29Nib/XnEiyE0i6mTg5pyC59wSe4vtY6H5wPNuRkDWOTb9zcB04/bSz2NHyBKJ9cpsq LyNA==
X-Gm-Message-State: AGi0PuZNrSvSF/52bJhtBe6gjPdEzJtbaf3IHNxe5/W13HkPbzXOJC4f QWUDhNaQOh2U+w2YuvCYsKtBsAc9ValAs59pBA==
X-Google-Smtp-Source: APiQypJabjwg2cCg0otbuX+qFqzgVpOQAYor4MInHe3G43MtQkqPM+mbXNEm46sAHLE/F1mFiyGAmInPJRzF8dSmba8=
X-Received: by 2002:a02:9f13:: with SMTP id z19mr21636515jal.29.1588019879181; Mon, 27 Apr 2020 13:37:59 -0700 (PDT)
MIME-Version: 1.0
References: <VI1PR0702MB3775838FD12AB8A89392C17B95C90@VI1PR0702MB3775.eurprd07.prod.outlook.com> <FA2D661E-A787-4772-8F9D-A7594AE82F38@oracle.com> <CADaq8jciLWhL_FMmPcsdrVVS=9Gee8SYAsqi36H5v9iuNo7Pgw@mail.gmail.com> <E414F060-532B-4017-AC7E-5869884B2153@oracle.com> <e5796752c6204ffdd78503b1a9c9045cfd761e52.camel@gmail.com> <F9AC44CE-750E-416A-944D-E2382524020E@oracle.com> <19d2513b1093fc71223e361afca90d1a1ad6183a.camel@gmail.com> <E8D24949-C2A3-463A-953F-FAE7F46D4D23@oracle.com> <4e7912c6c55680f50b05aaa2cdc98f59733cd5b2.camel@ericsson.com> <C89BF8F3-7F65-4995-9CDB-CC1673E01463@oracle.com> <7833b21f09aaffdb35e1a578e2a07b533002d318.camel@ericsson.com> <7B26B15B-DE0C-4B6C-BBB0-D8F7B00EF328@oracle.com> <HE1PR0702MB3772D2EF118A844C6527171995D20@HE1PR0702MB3772.eurprd07.prod.outlook.com> <5CC44355-69D5-4C26-A976-FBECB182033D@oracle.com> <6f44c1ed7d6b4889cc2fdf6597fa032c32a98c75.camel@ericsson.com> <3FE13967-9805-4808-90ED-851B5FEF38DD@oracle.com> <0c882df033889200e038e068ba6d6977520072bf.camel@ericsson.com> <BB87D726-1A4C-4BAD-B67E-5869BF147646@oracle.com> <ff05325b40e8be64055af25b8dd22c8323565fd6.camel@ericsson.com> <83499FF8-BF16-46F4-9485-9694E3BB81D5@oracle.com> <CAABAsM5tUauO3tKAmSbqXKQ6zNRRMpM6Gx9BeR1WTDddHLP+og@mail.gmail.com> <94F6D6BE-F62E-4FAA-91E4-D70C6C69C581@oracle.com>
In-Reply-To: <94F6D6BE-F62E-4FAA-91E4-D70C6C69C581@oracle.com>
From: Trond Myklebust <trondmy@gmail.com>
Date: Mon, 27 Apr 2020 16:37:47 -0400
Message-ID: <CAABAsM7w=mMV3XjsbTdHcCZ5QRTSq0BrVdLyqV1Rp-0zX6ObOw@mail.gmail.com>
To: Chuck Lever <chuck.lever@oracle.com>
Cc: Magnus Westerlund <magnus.westerlund@ericsson.com>, "nfsv4@ietf.org" <nfsv4@ietf.org>
Content-Type: multipart/alternative; boundary="000000000000cb83d905a44bb05c"
Archived-At: <https://mailarchive.ietf.org/arch/msg/nfsv4/p_8m0NdkN2elKxts1TjthKBWiqQ>
Subject: Re: [nfsv4] AD review of draft-ietf-nfsv4-rpc-tls
X-BeenThere: nfsv4@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: NFSv4 Working Group <nfsv4.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/nfsv4>, <mailto:nfsv4-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/nfsv4/>
List-Post: <mailto:nfsv4@ietf.org>
List-Help: <mailto:nfsv4-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/nfsv4>, <mailto:nfsv4-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 27 Apr 2020 20:38:03 -0000

On Mon, 27 Apr 2020 at 11:45, Chuck Lever <chuck.lever@oracle.com> wrote:

>
>
> > On Apr 27, 2020, at 11:11 AM, Trond Myklebust <trondmy@gmail.com> wrote:
> >
> >
> >
> > On Mon, 27 Apr 2020 at 10:21, Chuck Lever <chuck.lever@oracle.com>
> wrote:
> > Hi Magnus-
> >
> > > On Apr 27, 2020, at 4:47 AM, Magnus Westerlund <
> magnus.westerlund@ericsson.com> wrote:
> > >
> > > Hi,
> > >
> > > I think that text works. However, that now recommends using a non-zero
> > > connection ID. From my perspective which have no implementation stake
> into this,
> > > this is fine. However, I would note that this backtracks on what was
> said just a
> > > few messages ago.
> >
> > It's always possible I've gotten something wrong. However, I realized
> that RPC
> > on UDP permits an RPC server to use a different network path to send a
> Reply
> > than the path the client used to send the matching Call. IIUC a
> substantial CID
> > is needed to deal correctly with that situation.
> >
> >
> > I don't think that matters. The server should always authenticate to the
> client during the D/TLS handshake, so there should be no ambiguity about
> the source of the replies.
>
> The server is free to reply via any of its network interfaces. In other
> words, it can perform the handshake using one 5-tuple, then send replies
> via another (or send them via a mix of 5-tuples).
>
> A CID is needed to handle NAT rebinding in any case. But IIUC rebinding
> would look like the client's 5-tuple changing, not the server's.
>
> The question in mind is whether a DTLS session will be perturbed by the
> server's or client's 5-tuple changing. Magnus, can you elaborate on your
> earlier request for a clear statement about this in this section? Is this
> no longer a concern now that the REQUIREMENT to drop an out-of-session
> RPC Call?
>
>
>   For RPC-on-DTLS, each DTLS handshake MUST include the connection_id
>   extension described in Section 9 of [I-D.ietf-tls-dtls13].  RPC-on-
>   DTLS peer endpoints SHOULD provide a ConnectionID with a non-zero
>   length.  Endpoints implementing RPC programs that expect a
>   significant number of concurrent clients should employ ConnectionIDs
>   of at least 4 bytes in length.
>
> Also, I'm not certain if SHOULD is correct here. Instead, "should" or
> "MUST" might be less ambiguous. However, if we all agree the statement is
> totally unnecessary, it can be replaced or dropped.
>
>
I'm saying that it doesn't matter from what network interface, or indeed
which breed of carrier pigeon the server chooses, The client can still
authenticate the reply as being genuine from the fact that the server
authenticated to it at the start of the DTLS session. As long as this is
still the same session, then the client can ignore any changes to the
network topology.


>
> > > I think other WG paricipants should provide input here.
> >
> > I agree, comments welcome.
> >
> >
> > > Cheers
> > >
> > > Magnus
> > >
> > > On Thu, 2020-04-23 at 11:48 -0400, Chuck Lever wrote:
> > >>> On Apr 23, 2020, at 3:27 AM, Magnus Westerlund <
> > >>> magnus.westerlund@ericsson.com> wrote:
> > >>>
> > >>> Hi,
> > >>>
> > >>> With the additional
> > >>>
> > >>> On Wed, 2020-04-22 at 15:49 -0400, Chuck Lever wrote:
> > >>>> After reviewing Section 9 of tls-dtls37, IMO:
> > >>>>
> > >>>> - the explicit reference to tls-dtls-connection-id can be removed
> > >>>> - the discussion of connectionless operation should be dropped
> > >>>> - the strong RECOMMENDATION to use connected operation should be
> dropped
> > >>>> - rpc-tls should REQUIRE the use of the CID extension for
> RPC-on-DTLS
> > >>>
> > >>> To try to clarify this REQUIRE a bit. I think what you mean is that
> the
> > >>> proposal
> > >>> is: It is mandatory to implement CID. Which implies that client
> include the
> > >>> CID
> > >>> extension in the handshake. However if that indicates a CID non-zero
> value,
> > >>> or a
> > >>> zero-length value indicating support but no desire to use it in
> server to
> > >>> client
> > >>> direction is up to the client. Simular it will be up to the server to
> > >>> actually
> > >>> use it.
> > >>>
> > >>>> - rpc-tls should provide implementation guidance to RPC server
> > >>>> implementers
> > >>>> to use large CIDs for popular RPC services.
> > >>>>
> > >>>> Does that sound right? If so I will propose replacement text here
> on list.
> > >>
> > >> For completion, here is the current text of Section 5.1.2:
> > >>
> > >>
> > >> 5.1.2.  Protected Operation on UDP
> > >>
> > >>   RPC over UDP is protected using the Datagram Transport Layer
> Security
> > >>   (DTLS) protocol [I-D.ietf-tls-dtls13].
> > >>
> > >>   Using DTLS does not introduce reliable or in-order semantics to RPC
> > >>   on UDP.  Each RPC message MUST fit in a single DTLS record.  DTLS
> > >>   encapsulation has overhead, which reduces the effective Path MTU
> > >>   (PMTU) and thus the maximum RPC payload size.  The use of DTLS
> record
> > >>   replay protection is REQUIRED when transporting RPC traffic.
> > >>
> > >>   As soon as a client initializes a UDP socket for use with an RPC
> > >>   server, it uses the mechanism described in Section 4.1 to discover
> > >>   DTLS support for an RPC program on a particular port.  It then
> > >>   negotiates a DTLS session.
> > >>
> > >>   For RPC-on-DTLS, each DTLS handshake MUST include the connection_id
> > >>   extension described in Section 9 of [I-D.ietf-tls-dtls13].  RPC-on-
> > >>   DTLS peer endpoints SHOULD provide a ConnectionID with a non-zero
> > >>   length.  Endpoints implementing RPC programs that expect a
> > >>   significant number of concurrent clients should employ ConnectionIDs
> > >>   of at least 4 bytes in length.
> > >>
> > >>   Sending a TLS Closure Alert terminates a DTLS session.  Subsequent
> > >>   RPC messages exchanged between the RPC client and server are no
> > >>   longer protected until a new DTLS session is established.
> > >>
> > >>
> > >> --
> > >> Chuck Lever
> > >>
> > >>
> > >>
> > > --
> > > Cheers
> > >
> > > Magnus Westerlund
> > >
> > >
> > > ----------------------------------------------------------------------
> > > Networks, Ericsson Research
> > > ----------------------------------------------------------------------
> > > Ericsson AB                 | Phone  +46 10 7148287
> > > Torshamnsgatan 23           | Mobile +46 73 0949079
> > > SE-164 80 Stockholm, Sweden | mailto: magnus.westerlund@ericsson.com
> > > ----------------------------------------------------------------------
> >
> > --
> > Chuck Lever
>
> --
> Chuck Lever
>
>
>
>

v2.23.0 | Report a Bug | By Email