Re: [tsvwg] Ambiguities in RFC 4895: Auth chunks for SCTP
Nagesh shamnur <nagesh.shamnur@huawei.com> Thu, 06 June 2019 06:30 UTC
Return-Path: <nagesh.shamnur@huawei.com>
X-Original-To: tsvwg@ietfa.amsl.com
Delivered-To: tsvwg@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id DE25512019D for <tsvwg@ietfa.amsl.com>; Wed, 5 Jun 2019 23:30:13 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.2
X-Spam-Level:
X-Spam-Status: No, score=-4.2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_MED=-2.3, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id e7e_LdENsNN7 for <tsvwg@ietfa.amsl.com>; Wed, 5 Jun 2019 23:30:08 -0700 (PDT)
Received: from huawei.com (lhrrgout.huawei.com [185.176.76.210]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 1D0EA12019C for <tsvwg@ietf.org>; Wed, 5 Jun 2019 23:30:08 -0700 (PDT)
Received: from LHREML713-CAH.china.huawei.com (unknown [172.18.7.106]) by Forcepoint Email with ESMTP id 5FADBB0E87F4B90A1B15; Thu, 6 Jun 2019 07:30:06 +0100 (IST)
Received: from dggeme712-chm.china.huawei.com (10.1.199.108) by LHREML713-CAH.china.huawei.com (10.201.108.36) with Microsoft SMTP Server (TLS) id 14.3.408.0; Thu, 6 Jun 2019 07:30:05 +0100
Received: from dggeme761-chm.china.huawei.com (10.3.19.107) by dggeme712-chm.china.huawei.com (10.1.199.108) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256_P256) id 15.1.1591.10; Thu, 6 Jun 2019 14:30:03 +0800
Received: from dggeme761-chm.china.huawei.com ([10.6.66.35]) by dggeme761-chm.china.huawei.com ([10.6.66.35]) with mapi id 15.01.1591.008; Thu, 6 Jun 2019 14:30:03 +0800
From: Nagesh shamnur <nagesh.shamnur@huawei.com>
To: "tsvwg@ietf.org" <tsvwg@ietf.org>, "michael.tuexen@lurchi.franken.de" <michael.tuexen@lurchi.franken.de>, "ekr@rtfm.com" <ekr@rtfm.com>, "randall@lakerest.net" <randall@lakerest.net>
CC: Ashutosh prakash <ashutosh.prakash@huawei.com>
Thread-Topic: Ambiguities in RFC 4895: Auth chunks for SCTP
Thread-Index: AdUVXbvsbLksbc5hRieYTlR/mpOx6AG0ksrQ
Date: Thu, 06 Jun 2019 06:30:03 +0000
Message-ID: <506fb3f39eaf4940a00a1970d61cbb8e@huawei.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [10.18.156.80]
Content-Type: multipart/alternative; boundary="_000_506fb3f39eaf4940a00a1970d61cbb8ehuaweicom_"
MIME-Version: 1.0
X-CFilter-Loop: Reflected
Archived-At: <https://mailarchive.ietf.org/arch/msg/tsvwg/uBVvpLq8JfctCpPT1IoFtgH6eps>
Subject: Re: [tsvwg] Ambiguities in RFC 4895: Auth chunks for SCTP
X-BeenThere: tsvwg@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Transport Area Working Group <tsvwg.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tsvwg>, <mailto:tsvwg-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tsvwg/>
List-Post: <mailto:tsvwg@ietf.org>
List-Help: <mailto:tsvwg-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tsvwg>, <mailto:tsvwg-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 06 Jun 2019 06:30:14 -0000
Dear All,
Any thoughts on the below mail regarding SCTP RFC 4895 issues?
Regards,
Nagesh S
From: Nagesh shamnur
Sent: 28 May 2019 19:39
To: 'tsvwg@ietf.org' <tsvwg@ietf.org>
Cc: Ashutosh prakash <ashutosh.prakash@huawei.com>
Subject: Ambiguities in RFC 4895: Auth chunks for SCTP
Hi Group,
Greetings. While going the RFC 4895: Auth chunks for SCTP, I found there are some discrepancies which might have been encountered by everyone who have implemented this RFC. So, for the benefit of all, I have listed all the issues which I found has problem and how to address these issues. Request all to check and provide your feedback on the same.
Considering the count, I feel, it calls for a bis document.
Issue-1:
--------
Type: Technical
3.1. Random Parameter (RANDOM)
Issue text:
0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Parameter Type = 0x8002 | Parameter Length |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| |
\ Random Number /
/ +-------------------------------\
| | Padding |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Random Number: n bytes (unsigned integer)
This value represents an arbitrary Random Number in network byte
order.
Modified to:
0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Parameter Type = 0x8002 | Parameter Length |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| |
\ Random Number (32 bytes) /
/ \
| |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Random Number: 32 bytes (unsigned integer)
This value represents a 32 bytes of Random Number in network byte
order.
Notes:
The parameter random in the section 3.1 mentions that the length of
the random parameter is of variable length and so padding bytes are
required, whereas in section 6, it clearly says that the length of
the random parameter needs to be exactly 32 bytes. Both the sections
are contradicting each other and hence needs to be synchronized.
Issue-2:
--------
Type: Technical
Handling of invalid or unsupported chunks
Issue text:
RFC 4895 doesn't explain the handling of invalid or unsupported chunks.
which can be received in the Chunk List Parameter (CHUNKS) (sec 3.2).
Modified to:
While handling the parameter Chunk List Parameter (CHUNKS), if a
chunk type is unknown or unrecognized chunk, then the receiver
MUST ignore this chunk and don't need to add it to AUTH chunk list.
Notes:
Since these chunks are unrecognized chunks, the local node would
not send these chunks to peer and hence situation doesn't arise
for sending these chunks in an authenticated way to peer node.
It is better to be present in the RFC explicitly stating the action
to be taken, when such a case arises.
Issue-3:
--------
Type: Technical
4.1. Unsupported HMAC Identifier Error Cause
Issue text:
0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Cause Code = 0x0105 | Cause Length = 6 |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| HMAC Identifier | Padding |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Modified to:
0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Cause Code = 0x0105 | Cause Length = 6 |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| HMAC Identifier 1 | HMAC Identifier 2 |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
/ /
\ ... \
/ /
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| HMAC Identifier n | Padding |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Notes:
Though currently only 2 HMAC algorithms are supported SHA-1 and SHA-256,
but for extensibility, in future new HMAC algorithms might be registered.
In such case, the current packet format, doesn't support such an
extension.
Also, even when only 2 HMAC algorithms (SHA-1 and SHA-256) is currently
supported, sec 3.3 (HMAC-ALGO) still supports more than 2 identifiers,
the same format can be even extended to unsupported HMAC Identifier Error
cause.
Issue-4:
--------
Type: Technical
AUTH negotiation Procedure
Issue text:
Authenticated chunks negotiation sub-section is not present, due to
which negotiation procedure is not well explained and documented thus
leading to ambiguities in association states between local and remote
nodes.
Modified to:
Need to add a sub-section "Authenticated chunks negotiation" as a part
of section 6 which explains the AUTH negotiation procedure.
Notes:
If the local node supports AUTH and peer doesn't support AUTH, then
the AUTH related parameters sent in INIT by local node will be ignored
by peer node since the upper 2 bits for AUTH related parameters is 10
which as per RFC 4960, needs to ignore and continue processing with other
parameters in the INIT/INIT-ACK chunk.
Eventually association would get established but meaningful data transfer
wouldn't happen since one endpoint would be expecting data in an
authenticated way but the other endpoint would be sending the in un-AUTH
mode, resulting in association getting closed eventually.
Presence of this sub-section is required, absence of this sub-section
is leading to ambiguity with respect to association capability at local
and remote node (one side will be AUTH enabled and other side isn't). Also
both the endpoints of the association should know this by the time association
establishment procedure is completed and thus both sides needs to switch
to non-AUTH mode for compatibility.
Issue-5:
--------
Type: Editorial
Order of concatenation of parameters to form byte vectors
Issue text:
The RANDOM parameter, the CHUNKS parameter, and the HMAC-ALGO
parameter sent by each endpoint are concatenated as byte vectors.
Modified to:
The RANDOM parameter, the CHUNKS parameter, and the HMAC-ALGO
parameter sent by each endpoint are concatenated as byte vectors in
the same order as given.
Notes:
Section 6.1: Establishment of an Association Shared Key though explains
that the creation of key vectors by appending RANDOM, chunks parameter
and HMAC-ALGO parameter which is sent by each endpoint. But it doesn't
explicitly states the order in which the same needs to be encoded. Though
all the implantations are encoding the same in the order of the text in the
RFC, it is thus better to state it explicitly to avoid different
interpretations by the implementers
Subsequent paragraph mentions the order of concatenation of shared key,
shorter key vector and larger key vector, but it doesn't clearly mandates
the encoding order for parameter to generate key vector thus making room
for discrepancies.
Issue-6:
--------
Type: Technical
Inclusion and handling of EXTENSION parameter as defined in RFC 5061
Issue text:
The current RFC 4895 doesn't mandates the sending and processing of
EXTENSION parameter (RFC 5061 sec 4.2.7).
Modified to:
Add the requirement to send and receive EXTENSION parameter in
INIT/INIT-ACK chunk, if endpoints requires AUTH to be supported.
Notes:
The endpoint supporting both RFC 4895 and RFC 5061 send EXTENSION
parameter when it sends INIT/INIT-ACK and also expects peer to send
the same. lksctp has mandated such a behavior. So, to ensure
inter-operability, it was discussed in mailing list in the past to
include this parameter, when supporting only AUTH to ensure
inter-operability.
https://sourceforge.net/p/lksctp/mailman/message/20743069/
Regards,
Nagesh S
- [tsvwg] Ambiguities in RFC 4895: Auth chunks for … Nagesh shamnur
- Re: [tsvwg] Ambiguities in RFC 4895: Auth chunks … Nagesh shamnur
- Re: [tsvwg] Ambiguities in RFC 4895: Auth chunks … Michael Tuexen
- Re: [tsvwg] Ambiguities in RFC 4895: Auth chunks … Nagesh shamnur
- Re: [tsvwg] Ambiguities in RFC 4895: Auth chunks … Nagesh shamnur