Re: [secdir] Secdir review of draft-ietf-nfsv4-rfc5666bis-10
Chuck Lever <chuck.lever@oracle.com> Fri, 24 February 2017 21:37 UTC
Return-Path: <chuck.lever@oracle.com>
X-Original-To: secdir@ietfa.amsl.com
Delivered-To: secdir@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 0BBB312951E; Fri, 24 Feb 2017 13:37:48 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.088
X-Spam-Level:
X-Spam-Status: No, score=-6.088 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_MED=-2.3, RCVD_IN_MSPIKE_H2=-1.887, RP_MATCHES_RCVD=-0.001, SPF_PASS=-0.001, UNPARSEABLE_RELAY=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id oN83oqjtVhoz; Fri, 24 Feb 2017 13:37:46 -0800 (PST)
Received: from userp1040.oracle.com (userp1040.oracle.com [156.151.31.81]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 735E11294F8; Fri, 24 Feb 2017 13:37:46 -0800 (PST)
Received: from aserv0022.oracle.com (aserv0022.oracle.com [141.146.126.234]) by userp1040.oracle.com (Sentrion-MTA-4.3.2/Sentrion-MTA-4.3.2) with ESMTP id v1OLbigb014180 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Fri, 24 Feb 2017 21:37:45 GMT
Received: from userv0122.oracle.com (userv0122.oracle.com [156.151.31.75]) by aserv0022.oracle.com (8.14.4/8.14.4) with ESMTP id v1OLbifv003169 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Fri, 24 Feb 2017 21:37:44 GMT
Received: from abhmp0011.oracle.com (abhmp0011.oracle.com [141.146.116.17]) by userv0122.oracle.com (8.14.4/8.14.4) with ESMTP id v1OLbhuR008956; Fri, 24 Feb 2017 21:37:43 GMT
Received: from dhcp-whq-5op-3rd-and-4th-floor-gen-off-10-211-47-189.usdhcp.oraclecorp.com (/10.211.47.189) by default (Oracle Beehive Gateway v4.0) with ESMTP ; Fri, 24 Feb 2017 13:37:43 -0800
Content-Type: text/plain; charset="utf-8"
Mime-Version: 1.0 (Mac OS X Mail 9.3 \(3124\))
From: Chuck Lever <chuck.lever@oracle.com>
In-Reply-To: <BN6PR03MB2449FFB069D85C913D04EA26A0520@BN6PR03MB2449.namprd03.prod.outlook.com>
Date: Fri, 24 Feb 2017 13:37:41 -0800
Content-Transfer-Encoding: quoted-printable
Message-Id: <96F6D457-9FCA-4A66-ACCB-4F55EB91DBDD@oracle.com>
References: <B2BB177E-540B-4888-BD58-AB2BAF7AD6E6@inria.fr> <EB6E22D3-B8CF-4440-9B73-244EFCE98E13@oracle.com> <BN6PR03MB2449FFB069D85C913D04EA26A0520@BN6PR03MB2449.namprd03.prod.outlook.com>
To: Tom Talpey <ttalpey@microsoft.com>, Vincent Roca <vincent.roca@inria.fr>
X-Mailer: Apple Mail (2.3124)
X-Source-IP: aserv0022.oracle.com [141.146.126.234]
Archived-At: <https://mailarchive.ietf.org/arch/msg/secdir/X64ZTM80t2mwvFHOPDQgIx5m0W4>
Cc: IESG <iesg@ietf.org>, "draft-ietf-nfsv4-rfc5666bis.all@ietf.org" <draft-ietf-nfsv4-rfc5666bis.all@ietf.org>, "secdir@ietf.org" <secdir@ietf.org>
Subject: Re: [secdir] Secdir review of draft-ietf-nfsv4-rfc5666bis-10
X-BeenThere: secdir@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: Security Area Directorate <secdir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/secdir>, <mailto:secdir-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/secdir/>
List-Post: <mailto:secdir@ietf.org>
List-Help: <mailto:secdir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 24 Feb 2017 21:37:48 -0000
> On Feb 24, 2017, at 1:28 PM, Tom Talpey <ttalpey@microsoft.com> wrote: > > [eliding some lines for brevity] > >> -----Original Message----- >> From: Chuck Lever [mailto:chuck.lever@oracle.com] >> Sent: Friday, February 24, 2017 1:58 PM >> To: Vincent Roca <vincent.roca@inria.fr> >> Cc: IESG <iesg@ietf.org>; secdir@ietf.org; draft-ietf-nfsv4- >> rfc5666bis.all@ietf.org >> Subject: Re: Secdir review of draft-ietf-nfsv4-rfc5666bis-10 >> >> >>> On Feb 24, 2017, at 4:59 AM, Vincent Roca <vincent.roca@inria.fr> wrote: >>> >>> Hello, >>> >>> I have reviewed this document as part of the security directorate’s >>> ongoing effort to review all IETF documents being processed by the >>> IESG. These comments were written primarily for the benefit of the >>> security area directors. Document editors and WG chairs should treat >>> these comments just like any other last call comments. >> ... >> Hi Vincent- >> >> Thanks for your review. >> >> I believe your questions are mostly rhetorical, so I will respond to those by >> saying the authors, shepherd, and AD will attempt to address these issues with >> the next document revision. >> >> There is one remaining comment that IMO needs group discussion, below. >> >> >>> ** Privacy or confidentiality? Throughout section 8, authors mention >> "Privacy" inappropriately IMHO. >>> Privacy refers to PII (Personally identifiable information) which is different. >> For instance in section 8.2, when saying: >>> "However, integrity and privacy services require significant movement of >> data on each endpoint host." >>> the authors really mean confidentiality (this is mentioned just above, >>> when saying that RPCSEC_GSS implements "per-message confidentiality"). >> There are several mistakes of that kind throughout section 8. > > Regarding "privacy", this term is used in the document because all the NFS RFC's use it in this way. For example, RFC 7861 "Remote Procedure Call (RPC) Security Version 3" has this: /// enum rpc_gss_service_t { /// /* Note: The enumerated value for 0 is reserved. */ /// rpc_gss_svc_none /// rpc_gss_svc_integrity /// rpc_gss_svc_privacy /// rpc_gss_svc_channel_prot = 4 /// }; The term "privacy" as used in rfc5666bis comes from RPCSEC. > While I agree with you that there is room for confusion, it would be even wider if we switched terminology here. Perhaps we should consider replacing "per-message confidentiality" ? >> ... >>> ** Last sentence: >>> "To address attacks on RDMA protocols themselves, RDMA transport >> implementations should conform >>> to [RFC5042]." >>> "should" or "SHOULD"? >> >> Lower case "should" is used here because this statement is IMO not an >> interoperability directive. I hope I correctly understand the intent of your >> question. >> >> If there is a security requirement that this be changed to the RFC 2119 term, >> please let us know and that can be done. > > I don't think SHOULD is appropriate here. This statement refers to other protocols, in particular lower layers then this document, and in the case of the relevant IETF RDMA protocols, RFC5042 is already a required conformance. Therefore the statement is informational here, and not an RFC2119 usage. > > Tom. > -- Chuck Lever
- [secdir] Secdir review of draft-ietf-nfsv4-rfc566… Vincent Roca
- Re: [secdir] Secdir review of draft-ietf-nfsv4-rf… Chuck Lever
- Re: [secdir] Secdir review of draft-ietf-nfsv4-rf… Tom Talpey
- Re: [secdir] Secdir review of draft-ietf-nfsv4-rf… Chuck Lever