[secdir] SECDIR Review of draft-ietf-nfsv4-umask-03
Phillip Hallam-Baker <phill@hallambaker.com> Thu, 18 May 2017 16:15 UTC
From: Phillip Hallam-Baker <phill@hallambaker.com>
Date: Thu, 18 May 2017 12:10:01 -0400
Message-ID: <CAMm+Lwh+E+BsATQmmX6ccJou-sz1XNtFHxQZikohYCeT0qkfdQ@mail.gmail.com>
To: "secdir@ietf.org" <secdir@ietf.org>, draft-ietf-nfsv4-umask.all@ietf.org, IETF Discussion Mailing List <ietf@ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/secdir/I4dbwwb8Xao1BLtvs8NEO00ejWQ>
Reviewer: Phillip Hallam-Baker
Review result: OK but...

I reviewed this document as part of the Security Directorate's ongoing effort to review all IETF documents being processed by the IESG. These comments were written primarily for the benefit of the Security Area Directors. Document authors, document editors, and WG chairs should treat these comments just like any other IETF Last Call comments.

Document: Review of draft-ietf-nfsv4-umask-03

This particular draft looks OK to me. Aligning the semantics of NFS with the semantics of the file system seems to me to be absolutely the way to go forward. I am not sufficiently experienced in the semantics of NFS or Unix as deployed to be able to offer an opinion on whether the draft achieves that. However, it appears that the author does.

What is problematic here is that the Security Considerations in the draft are essentially relying on those in RFC 7530, which are woefully inadequate given the critical role of NFS in Internet security. They are not so much a security plan as a collection of random thoughts jotted down in haphazard fashion. There is clearly no coherent model of what NFS security should achieve, what the threats are, or what controls are deployed to control them.

Also note that the main reason this review is late is that I have been dealing with issues arising from WannaCry, which used an SMBv1 exploit. Re-reading RFC 7530 in the light of that experience gives me grave concern.