IETF Logo Mail Archive

Re: [Ntp] [Last-Call] Last Call: <draft-ietf-ntp-yang-data-model-10.txt> (A YANG Data Model for NTP) to Proposed Standardsecurity

tom petch <daedulus@btconnect.com> Tue, 16 February 2021 16:52 UTC

Return-Path: <daedulus@btconnect.com>
X-Original-To: ntp@ietfa.amsl.com
Delivered-To: ntp@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id EBC473A0E3F; Tue, 16 Feb 2021 08:52:41 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.9
X-Spam-Level:
X-Spam-Status: No, score=-1.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, MSGID_FROM_MTA_HEADER=0.001, NICE_REPLY_A=-0.001, RCVD_IN_DNSWL_BLOCKED=0.001, RCVD_IN_MSPIKE_H2=-0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=btconnect.onmicrosoft.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id A0igvHRVyqJr; Tue, 16 Feb 2021 08:52:39 -0800 (PST)
Received: from EUR05-VI1-obe.outbound.protection.outlook.com (mail-vi1eur05on2128.outbound.protection.outlook.com [40.107.21.128]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 9D5DB3A0CF1; Tue, 16 Feb 2021 08:52:27 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=N6QgfRfzuG9Q4raZxJp/mhAdCUUx8a2tPiG4GziOQFiVZfHH2nnJ8lN6N3YWXG9oN2KlAw+OXE3OSfUy1byHMAm9SHe3s77rBRy4Ra/0u5/zBrFCoY8BGkF13jnN34Wp9Th+HwH7zGlmhTEtBzXjqXoLgY1CIhJOm831s8z9KKgXA6lLk60AO2x0ri79iYoQK3hIbmPtCrUdpxMufBbwVFa0oOiTgpnubuPD097VqicXhHzKrAXN3xKqGCt/Nnyyc+GIlEwxK1LdbG5PbH/acv9UczWq3XE3ISPVbWYCqTS7jV3JRE5O7pvYwHIcFBgY8dBvSCYI/nHpDKRJMXl90Q==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=ICOV6oNYQWG7AX5x1Dv1DZtgL+Pks0Nuep8gnyiKBl8=; b=llfGZgomXSX1R09ZxPIGmgDh+gjt0HAfuNiBMFXidBmf8hfR0LOlyCnU07i2/IPmbw7DTSxk5jQKG/15q8GILHOwxpS0Lz0Vt08uua6yT825Wf0z8J0jJy84UB7yyASn0kYWJj76MGzseUvg4skEFqPGul+j9IHAD0ibSUX+98ZLdAbmEyhEPXRIrurErkLVQ+JoPYfafb4ruwgtqoXl9vLuMxoMeEf+rxuH9aD+0AtbghoE3gC07M3/g8KfSuA4Z0+CvHA/pk4M/RblNJxLAqyQT77+YqcCYrpOokGVEuBzgOH1RMjWNFMcKKbXCTm5Qh6o1+9cSx9x53mQAVEOUA==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=btconnect.com; dmarc=pass action=none header.from=btconnect.com; dkim=pass header.d=btconnect.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=btconnect.onmicrosoft.com; s=selector2-btconnect-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=ICOV6oNYQWG7AX5x1Dv1DZtgL+Pks0Nuep8gnyiKBl8=; b=doYmj6Tmd6gDeX3bwo/KRYlvd8ht/S5G3PwrUrRI927tDSQHf2Nw2AAJ/9m7RL0jaf2736fvymAsrP6rmmF656P1j0K3rAYZcVrCYalsdlZl1LaRdoodrrdiCHWouHxsQ8nRZpG8zJYARIYHjuUAXyYM5dLluO4qTGhctYpiNmg=
Authentication-Results: ietf.org; dkim=none (message not signed) header.d=none;ietf.org; dmarc=none action=none header.from=btconnect.com;
Received: from VI1PR07MB6704.eurprd07.prod.outlook.com (2603:10a6:800:18b::8) by VI1PR07MB6703.eurprd07.prod.outlook.com (2603:10a6:800:18f::19) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3868.12; Tue, 16 Feb 2021 16:52:24 +0000
Received: from VI1PR07MB6704.eurprd07.prod.outlook.com ([fe80::181c:709a:6f7a:b811]) by VI1PR07MB6704.eurprd07.prod.outlook.com ([fe80::181c:709a:6f7a:b811%3]) with mapi id 15.20.3868.025; Tue, 16 Feb 2021 16:52:24 +0000
To: Benjamin Kaduk <kaduk@mit.edu>
References: <161195994417.2651.6499166797756243533@ietfa.amsl.com> <60212265.6020204@btconnect.com> <CAB75xn7tXa1BCHd=KFR9DC=+bA01R1A+X2M4oUbrF-YLx8ExJA@mail.gmail.com> <602262BD.3050708@btconnect.com> <20210215011127.GA21@kduck.mit.edu> <602AB12E.9040701@btconnect.com> <20210215234848.GM21@kduck.mit.edu>
Cc: Dhruv Dhody <dhruv.ietf@gmail.com>, NTP WG <ntp@ietf.org>, last-call@ietf.org, draft-ietf-ntp-yang-data-model@ietf.org, ek.ietf@gmail.com, Dieter Sibold <dsibold.ietf@gmail.com>, ntp-chairs@ietf.org
From: tom petch <daedulus@btconnect.com>
Message-ID: <602BF841.6000409@btconnect.com>
Date: Tue, 16 Feb 2021 16:52:17 +0000
User-Agent: Mozilla/5.0 (Windows NT 5.1; rv:38.0) Gecko/20100101 Thunderbird/38.5.0
In-Reply-To: <20210215234848.GM21@kduck.mit.edu>
Content-Type: text/plain; charset="windows-1252"; format="flowed"
Content-Transfer-Encoding: 7bit
X-Originating-IP: [86.146.121.140]
X-ClientProxiedBy: LNXP265CA0055.GBRP265.PROD.OUTLOOK.COM (2603:10a6:600:5d::19) To VI1PR07MB6704.eurprd07.prod.outlook.com (2603:10a6:800:18b::8)
MIME-Version: 1.0
X-MS-Exchange-MessageSentRepresentingType: 1
Received: from [192.168.1.65] (86.146.121.140) by LNXP265CA0055.GBRP265.PROD.OUTLOOK.COM (2603:10a6:600:5d::19) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.20.3846.38 via Frontend Transport; Tue, 16 Feb 2021 16:52:23 +0000
X-MS-PublicTrafficType: Email
X-MS-Office365-Filtering-Correlation-Id: 1290e362-497d-4c5e-8db9-08d8d29b3c1f
X-MS-TrafficTypeDiagnostic: VI1PR07MB6703:
X-Microsoft-Antispam-PRVS: <VI1PR07MB67032692C8391B788D429EB2C6879@VI1PR07MB6703.eurprd07.prod.outlook.com>
X-MS-Oob-TLC-OOBClassifiers: OLM:9508;
X-MS-Exchange-SenderADCheck: 1
X-Microsoft-Antispam: BCL:0;
X-Microsoft-Antispam-Message-Info: l9aGFknrWs4TeSYziFwGEHgjo0qjrSAwYhfYrghC+ZuOxsqOwrF6e7Fn3Rqq3tJHyRhvHJXAjD7fpmCrcTWGZbRZUyDTEuysZ6XAGawvlDyF6Om41Wq13k8q0HMmz073KYrCk0POWctdkRM0yiaP+UQG7Q4Tnl+p/AC3A/uKOKWXMioXJOvx+GXw/HdBSmNcrUV3mqqTOj3uLEp9HMdw1NeiJQUkhfSyi+BmlQoZnxZwvkShe1VNlIhURhKl5ZTqYt23nPppoKnvOzvVjLFE5tD0ronTZofwnumFr7Bz3t0MCA1+s50GXu3LNYk5y9z46IOvsXOTSQPg56vv8IU8dtKsz60daNjr8HMByj8bfPmUR3T8AW7tnEWciMeJtEGLNMiCPuTqd/aoNyIMcqU8Jp55H3/wHnxWgTNw7Nro7NVUEsTaHNSunJchKIoP+Bk0VAOZpyxXL5N0bpkO/WtHNUwl7iEMjancYChAFGzAxaRlE4PUe8rVn6iwYjKrKEAwQn4aWs2JXRMtGS+n3u7X7WsTfg8wTX78hzA1XSeYItWbsl1stn3AcR8PfonfziaOkFMsFaVAd0QNeyz07L8OZyPcvdpghFgCvgebuJQJp/8=
X-Forefront-Antispam-Report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:VI1PR07MB6704.eurprd07.prod.outlook.com; PTR:; CAT:NONE; SFS:(366004)(39850400004)(396003)(136003)(376002)(346002)(26005)(2906002)(316002)(2616005)(186003)(83380400001)(36756003)(478600001)(53546011)(4326008)(16576012)(956004)(16526019)(86362001)(54906003)(66476007)(8936002)(66556008)(66946007)(8676002)(6666004)(5660300002)(6486002)(966005)(87266011)(52116002)(33656002)(6916009); DIR:OUT; SFP:1102;
X-MS-Exchange-AntiSpam-MessageData: 35Mw0oxaUQSVNBWsCTkhJvK1akmRoS6DBoJutDLs8sbjSzrxThTcEBd1/tzsNu7V+uznhYX/tYvSpNyyKaOwvdkzhwV4/rjpWbwhBRNTlA9jkZe+lZs3MDeE+F5Syh22EfNc7yBt9CT8uHnqrTMcFaTz5b4YMqzyj14ZHV9S1UNg9uxxRGgI6wfvlZ0YVVvtMO8kaL1w5BqvDwWEjKEEdJe40ZHn6jiWFbVrN4DIB3SgYlAifg9JSuX5J0dUQHyg9FNzTpSEwYV2fW5VPzAgixpy1QC83xZES9FDDnlcHH7Vb6A/GBQ643EBVMWj/nRcR/XyQ5rxHHGZUtwORrgEP6WuNx+GLiQSN7A94XI18ynwLGowfQV+/hrLcFX48R19XUjZbGVIAIpzfqfBDElAsPEuh8QXPiof1/1aVANuPOCzvkCnJBuhyW2wZkb5hzPmccLE4u7ntyqkmtgNpOlFP2NJJXt72VaLOqBS0c0ywKjbCZgd/oXb6UXzZEnKlKSIy2qwLB0tnoF+DdoT/AswTdhuGhDW6kDsFYmXmXv6INE+a/MX8aVZ8fr13U2YyRdkUbxpk4CjXKuqypSA3/m25VmUsymqY/5h8w9996eki44GNnTVR3wEa45fN0UW2DGpvuPQW/snK1YHQytyYD1drWfIVNOI4J11n96/JxvBZmTPTeFcDS/j6KW1wxbWAs6cBnw3tGuHAI4Aj+q34cbowLpSGeq8AcB0Zg170pInnzLet+gPYlKa98QjCsv+cIcmDoyJy7t+CnnFk4CAah3ZY5hqO5DQsUlPkXa9fy7d2qeZuuRvh5x4vOFAx7WqK5rS6NTIZkeKY8EVq+7P0fKhnokoHiAlD/FTiyuYxWkyUZzC4EgYM/XjQY6HPWXAhv4vbXERZNZu8+67yargi32wmFm3s09cK1fKWcVeonqU+KmoE5PdsZ+3RiSUW/50WxdG6GsVx6Z3dT2wyfGuD5m5/MT60zOGE+RSfS9bOLNiLW/V6FcQcHArBQKzW70Bsb2J+idmpbKvtguuu1HJV+HaKHwXRmA5DnXHYnLmaR20+1r81DgtQMp3uPA/D/f0GH3cXRB/aSMIFmYXQei52o9u+DtN9Yos1gP4peiOQ7yctAaEtbi2PTpZBboojtjobHOTSCqMsBpjqfX8ilzBVyw2CdX3aAC1EyRz1CYmQwLNh7aQZX6QuP2yj6qeeVx24pNFyvlHLENbnmjWDIHm339/82K1bLiw2MBV1myZhwd1HmeitB0g+cmdfRaCPnJDx32aAPfBisRbaQnzmF0MVhOj/EEyXJe9HeX3ih/TH3VDQk2wjjrNlKD747fDkpW1leS6
X-OriginatorOrg: btconnect.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 1290e362-497d-4c5e-8db9-08d8d29b3c1f
X-MS-Exchange-CrossTenant-AuthSource: VI1PR07MB6704.eurprd07.prod.outlook.com
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 16 Feb 2021 16:52:24.7043 (UTC)
X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted
X-MS-Exchange-CrossTenant-Id: cf8853ed-96e5-465b-9185-806bfe185e30
X-MS-Exchange-CrossTenant-MailboxType: HOSTED
X-MS-Exchange-CrossTenant-UserPrincipalName: iv3FAtgvT2FJsZV9+gcdF8uDRlYmDutH1+rwuiA+keWgZ40G2zKYgAhyx5HbCGA2PTUFz29vXjYa1JJcl1r/cA==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: VI1PR07MB6703
Archived-At: <https://mailarchive.ietf.org/arch/msg/ntp/EpbYhZPrbfFcBoZvP9LjvoGe75Y>
Subject: Re: [Ntp] [Last-Call] Last Call: <draft-ietf-ntp-yang-data-model-10.txt> (A YANG Data Model for NTP) to Proposed Standardsecurity
X-BeenThere: ntp@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: <ntp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ntp>, <mailto:ntp-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ntp/>
List-Post: <mailto:ntp@ietf.org>
List-Help: <mailto:ntp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ntp>, <mailto:ntp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 16 Feb 2021 16:52:48 -0000

On 15/02/2021 23:48, Benjamin Kaduk wrote:
> On Mon, Feb 15, 2021 at 05:36:46PM +0000, tom petch wrote:
>> On 15/02/2021 01:11, Benjamin Kaduk wrote:
>>> Hi Tom,
>>>
>>> On Tue, Feb 09, 2021 at 10:23:57AM +0000, tom petch wrote:
>>>> On 08/02/2021 17:05, Dhruv Dhody wrote:
>>>>> Hi Tom,
>>>>>
>>>>> Thanks for your detailed review. Lets discuss the security first -
>>>>>
>>>>> On Mon, Feb 8, 2021 at 6:07 PM tom petch <daedulus@btconnect.com> wrote:
>>>>>>
>>>>>> This is my second response to this Last Call, about a possible security
>>>>>> issue.
>>>>>>
>>>>>> RFC8573 seems clear that MD5 must not be used to effect security for NTP
>>>>>> but this I-D imports iana-crypt-hash which allows MD5 without any
>>>>>> restriction, so is MD5 allowed or not?
>>>>>
>>>>> Good question. While it is easy to restrict the use of MD5 by adding a
>>>>> must statement, I want to check if it is a good idea. The YANG model
>>>>> is written in such a way that it supports older versions of NTP as
>>>>> well. Would barring MD5 configuration be an issue if there are older
>>>>> implementations in the network still? I think perhaps adding a warning
>>>>> in the description is a good idea. I did a quick search and dont see
>>>>> other YANG models doing a check either. Would be good to get some
>>>>> guidance on this.
>>>>
>>>> Dhruv
>>>>
>>>> After many years, Security (AD, secdir, advisor) still have the power to
>>>> surprise me but I would still be surprised if Security were happy with
>>>> an I-D which places no constraint on MD5 when the IETF has published RFC
>>>> deprecating its use and NTP has RFC8573 which specifically deprecates it.
>>>>
>>>> Yet Security may not realise this from reading this I-D since the
>>>> unrestricted use of MD5 is not immediately apparent so my post was aimed
>>>> at bringing this to the attention of Security.  As to whether this needs
>>>> a note in Security Considerations or enforcing by YANG or both I am less
>>>> clear on - that is up to Security.  If the YANG is to deprecate it, then
>>>> the features in ianach make that possible.
>>>>
>>>> Whether or not MD5 is widely used in the field is irrelevant.  The IETF
>>>> consensus it to deprecate its use and I am sure that the IESG will want
>>>> this I-D to do just that.
>>>
>>> Thanks for flagging the issue; it's good to have many eyes looking out for
>>> these things.
>>>
>>> That said, I think recent practice has been to not take a strict hard line
>>> that MD5 cannot be used ever, and that non-cryptographic uses for legacy
>>> compatibility can be retained, when accompanied by a disclaimer that the
>>> use of MD5 is not for cryptographic purposes and that MD5 is not a secure
>>> cryptographic hash function.
>>>
>>> There is an example of this buried in my remarks at
>>> https://datatracker.ietf.org/doc/draft-ietf-extra-imap4rev2/ballot/ that
>>> resulted in the text now found at
>>> https://tools.ietf.org/html/draft-ietf-extra-imap4rev2-29#section-11.6 .
>>
>> Ben
>>
>> Thank you for noticing:-)
>> The -10 that I reviewed had
>> - MD5 is used to turn an IPv6 address into a 32-bit identifier
>> - MD5 can be used for authentication without constraint
>> - AES-CMAC cannot be used for authentication.
>> I do not have a view on the first but see the second and third as
>> contradicting RFC8573 and so in need of change.  Allowing AES-CMAC I see
>> as not controversial but do not have a view as to what to do with MD5
>> used for authentication e.g.
>> - allow without constraint
>> - allow, but deprecated, in the YANG
>> - allow with a note in Security COnsiderations
>> - do not allow in the YANG
>> etc.
>> I am still sitting on the fence on that issue, lacking the secuirty
>> insight as to what would be acceptable, to you and the IESG.
>
> I would mostly have expected the MD5 authentication option to be split off
> into a separate YANG module that aguments the base one, or maybe hidden
> behind a YANG feature, in order to give implementations the ability to "do
> the right thing" (that is, expose only the modern crypto) while remaining
> compliant with the primary YANG module.  As far as I know, either of those
> options would still make it pretty trivial to also expose the MD5
> functionality for legacy compatibility (which is in some different sense
> also "the right thing to do", at least for now), but would make it clear
> that it's not endorsed by the IETF to the same level.

Ben

Thank you for the suggestions.  I will pursue it with Dhruv and see what 
he wants to do.  YANG feature would seem the simpler option to me but 
either sound fine.

Tom Petch

> -Ben
> .
>

v2.23.0 | Report a Bug | By Email