Re: [tcpinc] AD review of draft-ietf-tcpinc-tcpcrypt

"Mirja Kuehlewind (IETF)" <ietf@kuehlewind.net> Sat, 30 September 2017 08:02 UTC

Return-Path: <ietf@kuehlewind.net>
X-Original-To: tcpinc@ietfa.amsl.com
Delivered-To: tcpinc@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 753B71344AF for <tcpinc@ietfa.amsl.com>; Sat, 30 Sep 2017 01:02:13 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2
X-Spam-Level:
X-Spam-Status: No, score=-2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); domainkeys=pass (1024-bit key) header.from=ietf@kuehlewind.net header.d=kuehlewind.net
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id UyvJ48C4KiOT for <tcpinc@ietfa.amsl.com>; Sat, 30 Sep 2017 01:02:10 -0700 (PDT)
Received: from kuehlewind.net (kuehlewind.net [83.169.45.111]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id B44071344A7 for <tcpinc@ietf.org>; Sat, 30 Sep 2017 01:02:09 -0700 (PDT)
DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=default; d=kuehlewind.net; b=RGjYeHYGT1N3W2wwYWm5w2lxo2SfDY8V4lMUzO2AGAWxG+SEdi18V04gLrorDXwN19nCfo+IM9J/N5uy70PaUJHAs56qKj7rIkPnNG8ZhQrtiaDlHCb+C9bkyrPlqVeEgUi+L2n5OBN7ZcUdvN09lHSRsMJpCIOexy25Ff7agVE=; h=Received:Received:Content-Type:Mime-Version:Subject:From:In-Reply-To:Date:Cc:Content-Transfer-Encoding:Message-Id:References:To:X-Mailer:X-PPP-Message-ID:X-PPP-Vhost;
Received: (qmail 17558 invoked from network); 30 Sep 2017 10:02:06 +0200
Received: from pd9e11848.dip0.t-ipconnect.de (HELO ?192.168.178.33?) (217.225.24.72) by kuehlewind.net with ESMTPSA (DHE-RSA-AES256-SHA encrypted, authenticated); 30 Sep 2017 10:02:06 +0200
Content-Type: text/plain; charset=utf-8
Mime-Version: 1.0 (Mac OS X Mail 10.3 \(3273\))
From: "Mirja Kuehlewind (IETF)" <ietf@kuehlewind.net>
In-Reply-To: <20170929203434.GA73214@scs.stanford.edu>
Date: Sat, 30 Sep 2017 10:02:06 +0200
Cc: draft-ietf-tcpinc-tcpcrypt.all@ietf.org, tcpinc <tcpinc@ietf.org>
Content-Transfer-Encoding: quoted-printable
Message-Id: <D78092B0-4C01-47D6-9B5D-9DB1DA5EFA83@kuehlewind.net>
References: <D38E22E9-FBB6-40D1-BF85-D5A77F5C2365@kuehlewind.net> <20170830223758.GA73969@scs.stanford.edu> <3a8ac0e0-cd41-57c8-85a4-79c5f179385f@kuehlewind.net> <20170929203434.GA73214@scs.stanford.edu>
To: Daniel B Giffin <dbg@scs.stanford.edu>
X-Mailer: Apple Mail (2.3273)
X-PPP-Message-ID: <20170930080206.17552.29437@lvps83-169-45-111.dedicated.hosteurope.de>
X-PPP-Vhost: kuehlewind.net
Archived-At: <https://mailarchive.ietf.org/arch/msg/tcpinc/ZC9pzvscI696K9AL1nakMKPrtNU>
Subject: Re: [tcpinc] AD review of draft-ietf-tcpinc-tcpcrypt
X-BeenThere: tcpinc@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "Working group mailing list for TCP Increased Security \(tcpinc\)" <tcpinc.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tcpinc>, <mailto:tcpinc-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tcpinc/>
List-Post: <mailto:tcpinc@ietf.org>
List-Help: <mailto:tcpinc-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tcpinc>, <mailto:tcpinc-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 30 Sep 2017 08:02:13 -0000

Hi Daniel,

see below.

> Am 29.09.2017 um 22:34 schrieb Daniel B Giffin <dbg@scs.stanford.edu>du>:
> 
> Hi Mirja (et al.),
> 
> Below I've tried to address the concerns you last raised.
> We're ready to submit the tcpcrypt and ENO documents as soon
> as we're all happy with these last few details.
> 
> Mirja wrote:
>> The assignment should only be made in one of the documents and I think this
>> one it the right one. So that should be removed from
>> draft-ietf-tcpinc-tcpeno.
> 
> Ok, great ... we will strip those assignments from ENO.

Okay.

> 
>> So in RFC793, if I recognize correctly, abort is rather something like a
>> silent close. Is this what you want, or would it make sense to send a reset?
> 
> You're right, this wasn't clear.  I've inserted this paragraph
> at the end of Section 3.3:
> 
>   Throughout this document, to "abort the connection" means to issue
>   the "Abort" command as described in [RFC793], Section 3.8.  That is,
>   the TCP connection is destroyed, RESET is transmitted, and the local
>   user is alerted to the abort event.

Good.

> 
>> No, what I meant is maybe to say this:
>> 
>> "A host MUST NOT resume with a session secret if it has already failed
>>    to negotiated resumption in the past with the same secret,
>>    in either role."
>> 
>> Is that still what you wanted to say? If so, I think that's more clear.
> 
> Not quite; I've changed the wording of that paragraph (in Section 3.5) to be
> more straitforward:
> 
>   A session secret may not be used to secure more than one TCP
>   connection.  To prevent this, a host MUST NOT resume with a session
>   secret if it has ever enabled encryption in the past with the same
>   secret, in either role.  In the event that two hosts simultaneously
>   send SYN segments to each other […]

Ah, I think I actually missed the word session previously. But adding this sentence makes it even more clear. Thanks.

> 
> Lastly, concerning FIN/FINp in Section 3.7:
> 
>> I would rather state this the other way around:
>> 
>> "If the TCP FIN is set (on the last segment), the sender MUST set the "FINp"
>> bit on the last frame that is send in that segment (unless it aborts the
>> connection). A sender MUST NOT set the "FINp" bit except when the TCP FIN
>> flag is set on the segment carrying that frame."
>> 
>> I know that sounds a bit confusing and maybe you can phrase it better. The
>> point is you should not re-define (normatively) when the TCP FIN flag must
>> be set, as this is defined in RFC793 and it is not good practice to define
>> things twice in different documents.
> 
> Got it.  I've amended it to this, which avoids any
> redefinition of FIN usage:
> 
>   A sender MUST set the "FINp" bit on the last frame it sends in the
>   connection (unless it aborts the connection), and on no other frame.
> 
>   A receiver MUST NOT report the end-of-file condition to the
>   connection's local user until receiving a frame with the "FINp" bit
>   set.  If a host receives a segment with the TCP FIN flag set but the
>   received datastream including this segment does not contain a frame
>   with "FINp" set, the host SHOULD abort the connection and raise an
>   error condition distinct from the end-of-file condition; however, if
>   there are unacknowledged segments whose retransmission could
>   potentially result in a valid frame, the host MAY instead drop the
>   segment with the TCP FIN flag set.
> 
> Does that seem better?

Yes, it’s better. It doesn't redefines what to do with the FIN, so that’s good. For the first sentence it now sounds like this is independent of the FIN in the regular TCP. Is there a reason why you don’t want to go for a phrasing as I proposed where you say something like if TCP would set the FIN (as defined in RFC793) you also have to set the FINp?

Anyway that’s not a big issue. Please just make a decision about what's the right thing to do here and resubmit as soon as possible. I really would like to start the IETF Last call soon, however, I would also like to start it together with the tcpeno draft.

Mirja



> 
> d
>