[tsvwg] Re: Erik Kline's No Objection on draft-ietf-tsvwg-sctp-zero-checksum-10: (with COMMENT)

Michael Tuexen <michael.tuexen@lurchi.franken.de> Mon, 03 June 2024 12:37 UTC

Return-Path: <michael.tuexen@lurchi.franken.de>
X-Original-To: tsvwg@ietfa.amsl.com
Delivered-To: tsvwg@ietfa.amsl.com
Received: from localhost (localhost []) by ietfa.amsl.com (Postfix) with ESMTP id 93BEEC14F6F0; Mon, 3 Jun 2024 05:37:43 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.627
X-Spam-Status: No, score=-1.627 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, KHOP_HELO_FCRDNS=0.259, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, T_SPF_PERMERROR=0.01, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=no autolearn_force=no
Received: from mail.ietf.org ([]) by localhost (ietfa.amsl.com []) (amavisd-new, port 10024) with ESMTP id d_BFjxmTpWFM; Mon, 3 Jun 2024 05:37:39 -0700 (PDT)
Received: from drew.franken.de (drew.ipv6.franken.de [IPv6:2001:638:a02:a001:20e:cff:fe4a:feaa]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 4B740C14F6E3; Mon, 3 Jun 2024 05:37:35 -0700 (PDT)
Received: from smtpclient.apple (unknown [IPv6:2a02:c6a0:3052:202:426:f94f:5ea9:b622]) (Authenticated sender: lurchi) by mail-n.franken.de (Postfix) with ESMTPSA id C7322721E2806; Mon, 3 Jun 2024 14:37:30 +0200 (CEST)
Content-Type: text/plain; charset="us-ascii"
Mime-Version: 1.0 (Mac OS X Mail 16.0 \(3774.600.62\))
From: Michael Tuexen <michael.tuexen@lurchi.franken.de>
In-Reply-To: <171737624829.19878.7808025887159359811@ietfa.amsl.com>
Date: Mon, 03 Jun 2024 14:37:30 +0200
Content-Transfer-Encoding: quoted-printable
Message-Id: <05A540E5-C89B-41C4-9292-20976C65FDCB@lurchi.franken.de>
References: <171737624829.19878.7808025887159359811@ietfa.amsl.com>
To: Erik Kline <ek.ietf@gmail.com>
X-Mailer: Apple Mail (2.3774.600.62)
X-MailFrom: michael.tuexen@lurchi.franken.de
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-tsvwg.ietf.org-0; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header
CC: The IESG <iesg@ietf.org>, draft-ietf-tsvwg-sctp-zero-checksum@ietf.org, tsvwg-chairs <tsvwg-chairs@ietf.org>, tsvwg@ietf.org
X-Mailman-Version: 3.3.9rc4
Precedence: list
Subject: [tsvwg] Re: Erik Kline's No Objection on draft-ietf-tsvwg-sctp-zero-checksum-10: (with COMMENT)
List-Id: Transport Area Working Group <tsvwg.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/tsvwg/zszKHC4O1sqPFAJNAQ-gFAqph5o>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tsvwg>
List-Help: <mailto:tsvwg-request@ietf.org?subject=help>
List-Owner: <mailto:tsvwg-owner@ietf.org>
List-Post: <mailto:tsvwg@ietf.org>
List-Subscribe: <mailto:tsvwg-join@ietf.org>
List-Unsubscribe: <mailto:tsvwg-leave@ietf.org>

> On 3. Jun 2024, at 02:57, Erik Kline via Datatracker <noreply@ietf.org> wrote:
> Erik Kline has entered the following ballot position for
> draft-ietf-tsvwg-sctp-zero-checksum-10: No Objection
> When responding, please keep the subject line intact and reply to all
> email addresses included in the To and CC lines. (Feel free to cut this
> introductory paragraph, however.)
> Please refer to https://www.ietf.org/about/groups/iesg/statements/handling-ballot-positions/ 
> for more information about how to handle DISCUSS and COMMENT positions.
> The document, along with other ballot positions, can be found here:
> https://datatracker.ietf.org/doc/draft-ietf-tsvwg-sctp-zero-checksum/
> ----------------------------------------------------------------------
> ----------------------------------------------------------------------
> # Internet AD comments for draft-ietf-tsvwg-sctp-zero-checksum-10
> CC @ekline
> * comment syntax:
>  - https://github.com/mnot/ietf-comments/blob/main/format.md
> * "Handling Ballot Positions":
>  - https://ietf.org/about/groups/iesg/statements/handling-ballot-positions/
> ## Comments
> ### S7
> * Should (SHOULD?) there be a section about considerations for the TAPS API?
Hi Eric,

in general this is an interesting question. Right now, SCTP related documents
have socket API considerations and some TCP related ones, too. This is always
based on some implementation experience. Unfortunately, I don't know if there
is some open source TAPS implementation available, which supports SCTP.
Focussing on your question to this specification: I think there is no
need to expose this to the TAPS user. Right now, the TAPS API contains in
properties related to the checksum coverage. In my view, this is important since
the upper layer needs to specify if the user data needs the protection provided
be a checksum. However, this document specifies a way to use incorrect checksums
of zero if there is an alternate error detection method. So using this feature
does not weaken the error protection provided. Therefore, the application does
not need to know, if this feature is used or not. Within the TAPS implementation,
if can be decided, if alternate error detection methods are used and then not
do the CRC32c computations.
> ### S9
> * Is a DoS attack possible via a downgrade attack style mechanism?
>  I.e., if a sender does not include this option but an on-path attacker
>  is able to inject it, I suppose the worst that happens is that incorrectly
>  zero-valued checksum packets are dropped all over the place.
I thought about this. In the particular case of SCTPoverDTLS this is not possible,
since the SCTP handshake runs over a protected channel and an on-path attacker
can not modify the SCTP packets.
In general, for future alternate error detection methods an on-path attacker can
do this. However, the result will be that packets are dropped by an endpoint,
which expects correct CRC32c values, but gets 0 instead. From the sender side,
this looks like as if there is a middlebox, which can't deal with incorrect
checksums of zero and the sender has already to deal with this and after 2 RTOs
switch to using a correct CRC32c. So this impact of such an attack is limited.
An on-path attacker can insert incorrect CRC32c already in the base protocol and
the receiver will compute the CRC32c just to see that the packet will be dropped.
So I don't see there any substantial new attack surface, but if you would prefer,
I can suggest some text to make this clear.

Best regards
>  Nevertheless, is such a thing possible?