IETF Logo Mail Archive

[OPSAWG] AD review draft-ietf-opsawg-mud-tls-12

Paul Wouters <paul.wouters@aiven.io> Fri, 19 January 2024 22:25 UTC

Return-Path: <paul.wouters@aiven.io>
X-Original-To: opsawg@ietfa.amsl.com
Delivered-To: opsawg@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 0FDFDC14F707 for <opsawg@ietfa.amsl.com>; Fri, 19 Jan 2024 14:25:07 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -7.105
X-Spam-Level:
X-Spam-Status: No, score=-7.105 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=aiven.io
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Nc8xuy3Jutt3 for <opsawg@ietfa.amsl.com>; Fri, 19 Jan 2024 14:25:03 -0800 (PST)
Received: from mail-ej1-x62f.google.com (mail-ej1-x62f.google.com [IPv6:2a00:1450:4864:20::62f]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 24B59C14F706 for <opsawg@ietf.org>; Fri, 19 Jan 2024 14:25:02 -0800 (PST)
Received: by mail-ej1-x62f.google.com with SMTP id a640c23a62f3a-a28da6285c1so242128266b.0 for <opsawg@ietf.org>; Fri, 19 Jan 2024 14:25:02 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=aiven.io; s=google; t=1705703101; x=1706307901; darn=ietf.org; h=cc:to:subject:message-id:date:from:mime-version:from:to:cc:subject :date:message-id:reply-to; bh=cVVJEeETRm8ZW8bpVw/a/ZPvRFOqVPssRpsalophugU=; b=EIx+L4IyAfc2abqaPHn5JP5UA5uArsTwZtGequRbpB7uY1MZ8SCXLXz9TutZf6iJfo NU6JjEMPktU2E3A/HJsYOlvo8bKzW5vXbksANo1ZyTc6lZJOPuComQkAxU/Cvt0ONO/2 1DxA5NWp3xQX1ypchMK5zk58W6BtvjbUpqDDI=
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1705703101; x=1706307901; h=cc:to:subject:message-id:date:from:mime-version:x-gm-message-state :from:to:cc:subject:date:message-id:reply-to; bh=cVVJEeETRm8ZW8bpVw/a/ZPvRFOqVPssRpsalophugU=; b=AjPzTKDyDyvX2kft6SdRWKpmyPQvTh3WCqKkTKsNITccBYxae/VZ4Wa4IBaPnsB9uY cJZbA86X29qtljAq/MG7UlVFMoHVVDgPhGzCJLd1y9hmBPpq1ENYKqNZlGQxwmg+mSTL nwHPHPN6LY9IhlCSNZ3v0mctpH+z/k0LICk3J3X7SGvydt1Qjq/XGmZzdRfyjES6Y0Dq rnX1erWFtfhoYz1JBVITq5pY9gFrp+e8L5uNULdHeTq/fCsRt2AM4ojj8sBMfsOKDl4b wal/Ha3qH8lTCGhQinrOSleuez3ejwFr+ka7irD51fhpNblxdmY2VWQpIPr7zbTS4YjU jZpw==
X-Gm-Message-State: AOJu0YynYCJQm3xfv83RR0RFf25n93Q6ukfiU7ME7pLqjjbtQ7zrmYco TZKAt7YM/zqfjZCQKRoslGMdhfxFzzg76c5kqzmXTZVUx4L7rp/0kVnakxEoQKizR18Ph0OBqZf hmTRQdh6nzFGS8SpWANxCA0mXDmUyq5+fTddC4g==
X-Google-Smtp-Source: AGHT+IGvBOeoi0A3MCkCXG8JKL9cDdeMy92GBqCrfVy/x2Uy8/JXbL2WQCVADhG+ASlDjmPSFu96n3XEHIkTjUAMtlc=
X-Received: by 2002:a17:906:cd1:b0:a2e:d042:9993 with SMTP id l17-20020a1709060cd100b00a2ed0429993mr1633326ejh.23.1705703100698; Fri, 19 Jan 2024 14:25:00 -0800 (PST)
MIME-Version: 1.0
From: Paul Wouters <paul.wouters@aiven.io>
Date: Fri, 19 Jan 2024 17:24:49 -0500
Message-ID: <CAGL5yWYg92ZWZ+7dOpXwt_HVBrSi5Tas2uPR0SyN+k_2gXEcFA@mail.gmail.com>
To: danwing@gmail.com, blake.anderson@cisco.com, tirumal reddy <kondtir@gmail.com>
Cc: opsawg@ietf.org
Content-Type: multipart/alternative; boundary="0000000000006964a5060f53f367"
Archived-At: <https://mailarchive.ietf.org/arch/msg/opsawg/fmHn_I9YgQqV0rkCUmbqO-JD100>
Subject: [OPSAWG] AD review draft-ietf-opsawg-mud-tls-12
X-BeenThere: opsawg@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: OPSA Working Group Mail List <opsawg.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/opsawg>, <mailto:opsawg-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/opsawg/>
List-Post: <mailto:opsawg@ietf.org>
List-Help: <mailto:opsawg-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/opsawg>, <mailto:opsawg-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 19 Jan 2024 22:25:07 -0000

Hi,

I am assisting Rob Wilton with some documents, as so I am the (temporary)
responsible AD for draft-ietf-opsawg-mud-tls

I have reviewed this document and have a few questions and comments. I
think the document generally is clear.

I can see the MUD use case for using endpoint recognition based on TLS
properties (eg SNI, ClientHello in TLS 1.2, IP addresses and hostnames. I
don't have as much faith in using MUD to identify rogue TLS connections
based on their cryptographic or extension properties (eg ciphersuites). I
would expect that ciphersuites would change, and that an IoT device would
mostly only implement the one or two ciphersuites (and TLS extensions) it
supports. Malware would have to ensure their C&C can talk all kinds of
ciphersuites and extensions to allow all kinds of limited implementation
IoT devices to connect to it. So I don't think those parts would likely to
trigger a MUD security rule. But there is no harm in trying.

Some specific questions:

   +--rw supported-tls-version*        ianatp:tls-version
          +--rw supported-dtls-version*       ianatp:dtls-version
          +--rw cipher-suite* [cipher hash]
          |  +--rw cipher    ianatp:cipher-algorithm
          |  +--rw hash      ianatp:hash-algorithm
          +--rw extension-type*
          |       ianatp:extension-type
          +--rw accept-list-ta-cert*
          |       ct:trust-anchor-cert-cms
          +--rw psk-key-exchange-mode*
          |       ianatp:psk-key-exchange-mode
          |       {tls13 or dtls13}?
          +--rw supported-groups*
          |       ianatp:supported-group

It seems for TLS 1.3, "cipher" is the AEAD cipher. But for TLS 1.2
this could be a non-AEAD cipher in a ciphersuite that includes the
DH part in the ciphersuite. How would those be expressed? I
know the documents point to advise to use only AEAD for TLS 1.2,
but that does not mean it does not need to be able to express it here?
eg how to express the TLS 1.2 ciphersuit TLS_DH_DSS_WITH_AES_128_CBC_SHA
in this model? See also the "supported groups" entry (I assume this is
about DH groups?)


          +--rw application-protocol*

Is ALPN meant here? Perhaps using "alpn" instead of "application-protocol"
would be clearer? But I'm okay with whatever the WG / authors deem better.

Section 9:

        An attacker cannot read the MUD URL and identify the IoT device.

Should this be "so that an attacker ....." ?

It could use a more inclusive term for "man-in-the-middle", eg "on path
attacker" or "machine-in-the-middle"

Once the above questions are answered and possibly resolved with new text,
I think the document is ready for IETF LC.

Paul

v2.46.0 | Report a Bug | By Email | System Status