Re: [tsvwg] A review of draft-ietf-tsvwg-udp-options-12

Joseph Touch <touch@strayalpha.com> Sun, 13 June 2021 17:21 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/tsvwg/nmz9gXz19eQEzqPQYnsurLilZqs>

Hi, Mike,

> On Jun 13, 2021, at 10:08 AM, C. M. Heard <heard@pobox.com> wrote:
> 
> - regarding AE being safe
>         This is not considered unsafe for two reasons:
>         1. A (authentication) isn’t unsafe
>         2. Encryption should only be used when sending packets to a party that is keyed; that can/should be known or checked before use anyway.
>         i.e., there’s never a case where you send encrypted text to a party you don’t know should be ready.
> 
> 
> I do not agree that this behaviour is optimum ... I'm of the opinion that authentication should be a contract between the two ends. TCP-AO could not have done anything else because unknown TCP options are ignored. UDP-AE can do better. That being said, if there is consensus in the WG for what's in the -12 draft I can live with it.

FWIW, we don’t have any stateful handshake inside of UDP options - that’s deliberate. We COULD add that sort of thing - in the spirit of a zero-byte packet with an option check list (a new option where you list the option codepoints you want to support), but we’ve resisted that because we didn’t want to bake statefulness into the options themselves. In a sense, that state is at the endpoint user layer in how it interprets options only.

It might be sufficient to say that:

	- when AE is used as auth, it has no other restrictions
	- when AE is used as encryption, it MUST be used as an unsafe option, i.e., only as a post-reassembly option on FRAG-buried data

That way users who don’t support encryption wouldn’t get bad data.

Joe