IETF Logo Mail Archive

Re: [Uta] back to smtp-sts-04

Daniel Margolis <dmargolis@google.com> Sat, 22 April 2017 17:35 UTC

Return-Path: <dmargolis@google.com>
X-Original-To: uta@ietfa.amsl.com
Delivered-To: uta@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C793A1294FE for <uta@ietfa.amsl.com>; Sat, 22 Apr 2017 10:35:31 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.701
X-Spam-Level:
X-Spam-Status: No, score=-2.701 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7, RP_MATCHES_RCVD=-0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=google.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id rildOGFsKsFe for <uta@ietfa.amsl.com>; Sat, 22 Apr 2017 10:35:29 -0700 (PDT)
Received: from mail-io0-x22c.google.com (mail-io0-x22c.google.com [IPv6:2607:f8b0:4001:c06::22c]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 0AE5F1294F7 for <uta@ietf.org>; Sat, 22 Apr 2017 10:35:28 -0700 (PDT)
Received: by mail-io0-x22c.google.com with SMTP id k87so149398685ioi.0 for <uta@ietf.org>; Sat, 22 Apr 2017 10:35:28 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20161025; h=mime-version:in-reply-to:references:from:date:message-id:subject:to; bh=8eo+1GbALeLis8+GNJ5viXKmiz34i6BeQrdfoU2rico=; b=Jsvswyf5UKrWTRMXaOSaryOJlhnDwKJhO4M2yL2q9pPePDh9nPr5tSEWctxI2gwAkW fpWySpezjThxkvRO+Y6x5JMxApCd+9PwyBrfIuvDVYfcxp679PTKQSNA2SwmAhZ3Us3X MiVE/M6EDFW+GTjGd2RNlT2nUNfJb8fl2yZguBP6km9UGbF25bLr4r4f6DpdU7BeO5sP 1yhvfRg5BouD5fSl2O0Erq+05n/qWduLDLTyqx00v/SfPlFyrBhmzUZpgMVKYO8IG/2e JZvMoUn2k9xGd8n4XBoiiBOCCUlyW5Ymovn7fQS4PjwkMnKNHNdUyCQR1mmprlXxNl/B VIeQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to; bh=8eo+1GbALeLis8+GNJ5viXKmiz34i6BeQrdfoU2rico=; b=XWmLvEw77LWgpecLlkZ5DDIK4GdxrviSiRRmwACKqfLlhziK7g1Ped2w01P/yw6ctu WPJlaKQNNPazHJp1N3vcpxi3uStLDcISrv+GDDClJqMHylHpIiZSREUoGK7y9bO4wlYM DoWof/ex/DKlogv9bEsdghb13lfTkqe9UdrG2MBumD3FDS3QhadqOpVLTmrw1icOs+sI 2T2BxyjK1/dAfCIl0V4DCJfiYtTJjsg/bUk4wOpK71LvjgMUlPZ+hh/CtV6V70/bwsiy tRcM1rmfJ9Pp3362Df+PWBG22dlNPsrKtbTTpb9JdsTZ3LXopQWpyJyCVPiddTpTA5Ew jWwQ==
X-Gm-Message-State: AN3rC/6CIdQ1hh7K/Roga1NJJok2aD/6bPDS+X5r9fIFV5y+diXKNafS 0ZZUWtvPiHHRGIfJy3hcNFjJGzAQMiMq8swVGg==
X-Received: by 10.107.170.163 with SMTP id g35mr2583049ioj.101.1492882527619; Sat, 22 Apr 2017 10:35:27 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.36.111.11 with HTTP; Sat, 22 Apr 2017 10:35:26 -0700 (PDT)
In-Reply-To: <CE55E42E-9845-46A6-B0AA-F56CE56F2936@dukhovni.org>
References: <52dde16a-a3bb-5844-7daa-a349def85049@wizmail.org> <80676A32-78CB-4FFA-AEE4-94DA95102B98@dukhovni.org> <a2a6e5f5-ff3b-272b-abda-b49fe23a485d@wizmail.org> <605FE793-3D82-4C4F-9F93-D50DF4320DF5@dukhovni.org> <9402ac0a4990432f994656ddaf94b9e2@COPDCEX19.cable.comcast.com> <CE55E42E-9845-46A6-B0AA-F56CE56F2936@dukhovni.org>
From: Daniel Margolis <dmargolis@google.com>
Date: Sat, 22 Apr 2017 19:35:26 +0200
Message-ID: <CANtKdUevHbQaUga2=X0tFy4K=po=DL=pKUn-2KZQgRUPTtYAig@mail.gmail.com>
To: uta@ietf.org
Content-Type: multipart/signed; protocol="application/pkcs7-signature"; micalg="sha-256"; boundary="001a11426222cace0b054dc4ccc4"
Archived-At: <https://mailarchive.ietf.org/arch/msg/uta/oun6kKnotJEOo7RNgr_DG15efZo>
Subject: Re: [Uta] back to smtp-sts-04
X-BeenThere: uta@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: UTA working group mailing list <uta.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/uta>, <mailto:uta-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/uta/>
List-Post: <mailto:uta@ietf.org>
List-Help: <mailto:uta-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/uta>, <mailto:uta-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 22 Apr 2017 17:35:32 -0000

On Thu, Apr 6, 2017 at 4:11 PM, Viktor Dukhovni <ietf-dane@dukhovni.org>
wrote:

>
> > On Apr 6, 2017, at 9:17 AM, Brotman, Alexander <
> Alexander_Brotman@comcast.com> wrote:
> >
> > With regard to the JSON policy (though that's STS, not TLSRPT).
> > It's a small file, which given the JSON requirement, should
> > be properly formatted.  I would think this should be relatively
> > easy to parse with standard C string functions.
>
> Here are the line counts for the "*.[ch]" files from what appears
> to be a popular JSON parsing API for C:
>
> $ git clone https://github.com/json-c/json-c.git
> $ cd json-c
> $ wc -l *.[ch] | sort -n
>       11 strdup_compat.h
>       19 json_inttypes.h
>       20 json_c_version.c
>       22 json_c_version.h
>       25 random_seed.h
>       26 libjson.c
>       31 math_compat.h
>       34 json.h
>       35 bits.h
>       45 vasprintf_compat.h
>       55 json_object_private.h
>       63 arraylist.h
>       71 debug.h
>       83 debug.c
>       89 json_util.h
>       91 json_visit.h
>      114 printbuf.h
>      115 json_pointer.h
>      133 json_visit.c
>      143 arraylist.c
>      154 printbuf.c
>      168 json_object_iterator.c
>      208 json_tokener.h
>      238 random_seed.c
>      239 json_object_iterator.h
>      326 json_pointer.c
>      326 json_util.c
>      366 linkhash.h
>      690 linkhash.c
>      901 json_object.h
>      978 json_tokener.c
>     1195 json_object.c
>     7014 total
>
> That does not jive with relatively easy to parse...
>
> JSON supports comments, elements that are integers, strings,
> arrays or associative arrays (nested JSON objects).  JSON
> strings are UTF-8 and allow embedded NUL octets.
>
> Your JSON reference is to the obsolete RFC4627, the non-obsolete
> reference is RFC7159.
>

Thanks. Fixed.


> Speaking of the policy, what should be done if the HTTPS policy
> contains multiple JSON objects, no JSON objects, or broken JSON?
>

   "If a valid TXT record is found but no policy can be fetched via
   HTTPS, and there is no valid (non-expired) previously-cached policy,
   senders MUST treat the recipient domain as one that has not
   implemented MTA-STS."

If you can't parse it, it's not a valid policy, so you fall back to
cached-non-expired or none.

Same as if there's an HTTP timeout, an HTTPS cert validation error, etc.


> Is there a size limit a parser can reasonably impose on the policy
> data to avoid resource exhaustion parsing absurdly large JSON input?
> Could we say for example that a valid STSv1 JSON object must fit in
> 16K bytes or 64K bytes?
>

It's certainly very reasonable to do so in an implementation, to be sure.
Since we already have this text on timeouts:

  "Senders MAY impose a timeout on the HTTPS GET to avoid long delays
   imposed by attempted policy updates.  A suggested timeout is one
   minute; policy hosts SHOULD respond to requests with a complete
   policy body within that timeout"

we could also say the same for a maximum size on the response. As you say,
even a very small limit like 64Kb is "absurdly large", so I am not
convinced we need to specify a hard limit (in the sense that a very
conservative--from the perspective of RAM usage--limit still provides a
huge buffer for valid policies!).

I have added some text to the above paragraph.


> How does a domain get rid of its STS policy?  I thought we had discussed
> using "max_age = 0" for this, which after being in place long enough to
> assure that all previously cached policies have expired can be removed.
> Or might just "404" suffice?
>

Yes, I remember discussing this. But I am not sure such a mechanism is
needed.

1. Domains can publish a "report" policy (with or without a TLSRPT record!)
with a low expiration
2. They have to keep this policy published until "last time the old policy
was published" + "old policy's max_age"

The knock-on effects of this are fairly limited: a) extra record in the
sender's policy cache, and b) maybe some extra CPU cycles spent on starting
any reporting path before discovering there's no TLSRPT record to report
to.

Let's consider in comparison an implementation with a special "opt out"
mechanism (however it works). Would it avoid the above two knock-on
effects, or be easier to publish?

I think for publishing (i.e. the duration required in #2 above) the answer
is "no"; obviously the "opt out" must be published in the same way (i.e.
for the same duration) as any new policy. Similarly, because it must be
published as (effectively) a new policy, senders must still cache it (or
else hit the endpoint every time), so we're still talking about knock-on
effect (a).*

So I think the only argument for adding an explicit opt-out--which I think
is otherwise extra complexity to be avoided--is to avoid (b), i.e., to
avoid any cost of a "report-only" policy which has no reporting endpoint
defined. And I suspect that cost is low, and does not justify even the
minimal additional complexity of an "opt out".

But I may be missing something here, as usual. ;)


* In fact, you could design a behavior where the TXT record indicates if
the new policy is an "opt out" one or not, such that senders who do not
have a cached policy for the domain can be told via DNS-only not to lookup
the new policy, but senders who do have a policy MUST look it up to
determine if it is an authenticated "opt out." But the extra complexity
here is high--making the system quite hard to reason about by introducing a
new variant of the lookup flow--with limited real value.


>
> --
>         Viktor.
>
> _______________________________________________
> Uta mailing list
> Uta@ietf.org
> https://www.ietf.org/mailman/listinfo/uta
>

v2.23.0 | Report a Bug | By Email