From: Eric Blake <eblake@redhat.com>
To: "Daniel P. Berrange" <berrange@redhat.com>,
Alex Bligh <alex@alex.org.uk>
Cc: "nbd-general@lists.sourceforge.net"
<nbd-general@lists.sourceforge.net>, Wouter Verhelst <w@uter.be>,
"qemu-devel@nongnu.org" <qemu-devel@nongnu.org>
Subject: Re: [Qemu-devel] [PATCH] Improve documentation for TLS
Date: Thu, 7 Apr 2016 08:33:49 -0600 [thread overview]
Message-ID: <57066FCD.20602@redhat.com> (raw)
In-Reply-To: <20160407115159.GE19932@redhat.com>
[-- Attachment #1: Type: text/plain, Size: 2517 bytes --]
On 04/07/2016 05:51 AM, Daniel P. Berrange wrote:
>> +
>> +There are four modes of operation for a server. The
>> +server MUST support one of these modes.
>> +
>> +* The server operates entirely without TLS ('NOTLS'); OR
>> +
>> +* The server makes TLS available (for all exports) and
>> + it is available at the option of the client ('OPTIONALTLS'); OR
>> +
>> +* The server insists upon TLS, and forces the client to
>> + upgrade by erroring any NBD options other than `NBD_OPT_STARTTLS`
>> + with `NBD_REP_ERR_TLS_REQD` ('FORCEDTLS'); this in practice means
>> + that all option negotiation (apart from the `NBD_OPT_STARTTLS`
>> + itself) is carried out with TLS; OR
>> +
>> +* The server provides TLS, and it is mandatory on zero or more
>> + exports, and is available at the client's option on all
>> + other exports ('SELECTIVETLS'). The server does not force
>> + the client to upgrade to TLS during option haggling (as
>> + if the client ultimately chose a non-TLS-only export,
>> + stopping TLS is not possible). Instead it permits the client
>> + to upgrade as and when it chooses, but unless an upgrade to
>> + TLS has already taken place, the server errors attempts
>> + to enter transmission mode on TLS-only exports, MAY
>> + refuse to provide information about TLS-only exports
>> + via `NBD_OPT_INFO`, and MAY refuse to provide information
>> + about non-existent exports via `NBD_OPT_INFO`.
>
> IMHO, we should not permit what you call OPTIONALTLS or SELECTIVETLS,
> because these open possibilities for a MITM to perform downgrade
> attacks, where the MITM runs TLS to the real server, but runs no-TLS
> to the real client.
On a safe interface (like loopback) where there cannot be a MitM attack,
they still make sense. I think the protocol should discourage, but not
forbid, their use (and I think the followup mail does this, by
documenting pitfalls of downgrade attacks).
>
> Both the QEMU NBD server and NBD clients only implement FORCEDTLS.
which is fine. You don't have to implement all four server modes to be
compliant to the protocol, implementing just one is okay.
> ie you tell the client to use TLS and it will refuse to talk to a
> server which doesn't support TLS, and you tell the server to use
> TLS and it will refuse to talk to a client which does not request
> TLS
>
> Regards,
> Daniel
>
--
Eric Blake eblake redhat com +1-919-301-3266
Libvirt virtualization library http://libvirt.org
[-- Attachment #2: OpenPGP digital signature --]
[-- Type: application/pgp-signature, Size: 604 bytes --]
next prev parent reply other threads:[~2016-04-07 14:33 UTC|newest]
Thread overview: 19+ messages / expand[flat|nested] mbox.gz Atom feed top
2016-04-07 11:35 [Qemu-devel] [PATCH] Improve documentation for TLS Alex Bligh
2016-04-07 11:51 ` Daniel P. Berrange
2016-04-07 12:13 ` Alex Bligh
2016-04-07 12:36 ` Alex Bligh
2016-04-07 15:35 ` Eric Blake
2016-04-07 15:52 ` Alex Bligh
2016-04-07 13:56 ` Daniel P. Berrange
2016-04-07 14:08 ` Alex Bligh
2016-04-09 9:50 ` [Qemu-devel] [Nbd] " Wouter Verhelst
2016-04-09 10:05 ` Alex Bligh
2016-04-09 10:29 ` Wouter Verhelst
2016-04-07 14:33 ` Eric Blake [this message]
2016-04-07 14:31 ` [Qemu-devel] " Eric Blake
2016-04-07 14:57 ` Alex Bligh
2016-04-09 9:55 ` [Qemu-devel] [Nbd] " Wouter Verhelst
2016-04-09 10:06 ` Alex Bligh
2016-04-09 9:36 ` Wouter Verhelst
2016-04-09 10:04 ` Alex Bligh
2016-04-09 10:33 ` Wouter Verhelst
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=57066FCD.20602@redhat.com \
--to=eblake@redhat.com \
--cc=alex@alex.org.uk \
--cc=berrange@redhat.com \
--cc=nbd-general@lists.sourceforge.net \
--cc=qemu-devel@nongnu.org \
--cc=w@uter.be \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).