Re: [Nbd] [PATCH] Improve documentation for TLS

To: Eric Blake <eblake@...696...>
Cc: "nbd-general@lists.sourceforge.net" <nbd-general@lists.sourceforge.net>, Wouter Verhelst <w@...112...>, "Daniel P. Berrange" <berrange@...696...>, "qemu-devel@...530..." <qemu-devel@...530...>
Subject: Re: [Nbd] [PATCH] Improve documentation for TLS
From: Alex Bligh <alex@...872...>
Date: Thu, 7 Apr 2016 16:52:07 +0100
Message-id: <EA137221-2268-4066-9E58-D9691F855A4B@...872...>
In-reply-to: <57067E49.8010608@...696...>
References: <1460028959-59091-1-git-send-email-alex@...872...> <20160407115159.GE19932@...696...> <4B431A9F-94A5-4F35-BE43-8C1E5767D0E3@...872...> <97F7DE7A-30CA-49C0-8122-51B3FD71B7E3@...872...> <57067E49.8010608@...696...>

Eric,

(this crossed with v2)

On 7 Apr 2016, at 16:35, Eric Blake <eblake@...696...> wrote:

> On 04/07/2016 06:36 AM, Alex Bligh wrote:
>> 
>> On 7 Apr 2016, at 13:13, Alex Bligh <alex@...872...> wrote:
>> 
>>> I guess it's worth documenting
>>> this, though I thought it was obvious.
>> 
>> The next version will have this section:
>> 
>> ### Downgrade attacks
>> 
>> A danger inherent in any scheme	relying	on the negotiation
> 
> too much space

Yeah the paste between emacs and OS-X Mail probably has
tabs in. I checked version 2 with hexdump -C and
that line is OK.

>> * The MitM hijacks a session and impersonates the client
>>  (possibly by proxying	it) claiming not to support TLS. In
>>  this manner the server is confused into oeprating in a plain-text
> 
> s/oeprating/operating/

thx

>>  manner with the MitM (with the session being possibly
>>  proxied to the server with the method above).
> 
> s/server/client/

thx

>> 
>> With regard to the first, any client that does not wish
>> to be subject to potential downgrade attack SHOULD ensure
>> that if	a TLS endpoint is specified by the client, it
>> ensures	that TLS is negotiated prior to	sending	or
>> requesting sensitive data. To recap, yhe client MAY send
> 
> s/yhe/the/

thx

>> `NBD_OPT_STARTTLS` at any point	during option haggling,
>> and MAY	disconnect the session if `NBD_REP_ACK`	is not
>> provided.
> 
> Probably want to add: "but the client SHOULD strongly consider sending
> `NBD_OPT_STARTTLS` as its first option"

That's now elsewhere, but I've expanded that anyway in v2.

>> With regard to the second, any server that does	not wish
>> to be subject to a potential downgrade attack SHOULD either
>> used FORCEDTLS mode, or	should force TLS on those exports
>> it is concerned about using SELECTIVE mode and TLS-only
>> exports. It is not possible to avoid downgrade attacks
>> on exports which are may be served either via TLS or
>> in plain text.
> 
> Probably want to add: "OPTIONALTLS mode SHOULD NOT be used if there is a
> potential for man-in-the-middle attacks"

I've said "where man-in-the-middle attacks are a concern".

These will all be in v3.

--
Alex Bligh

Attachment: signature.asc
Description: Message signed with OpenPGP using GPGMail

Reply to:

References:
- [Nbd] [PATCH] Improve documentation for TLS
  - From: Alex Bligh <alex@...872...>
- Re: [Nbd] [PATCH] Improve documentation for TLS
  - From: "Daniel P. Berrange" <berrange@...696...>
- Re: [Nbd] [PATCH] Improve documentation for TLS
  - From: Alex Bligh <alex@...872...>
- Re: [Nbd] [PATCH] Improve documentation for TLS
  - From: Alex Bligh <alex@...872...>
- Re: [Nbd] [PATCH] Improve documentation for TLS
  - From: Eric Blake <eblake@...696...>

Prev by Date: Re: [Nbd] [PATCH v2] doc: Add NBD_CMD_BLOCK_STATUS extension
Next by Date: Re: [Nbd] [PATCH] Document NBD_CMD_CLOSE
Previous by thread: Re: [Nbd] [PATCH] Improve documentation for TLS
Next by thread: Re: [Nbd] [PATCH] Improve documentation for TLS
Index(es):
- Date
- Thread