Revert "sm: implement post-CER/CEA TLS upgrade" (#243)#244
Conversation
This reverts commit 64dabe9.
Apology and ClarificationFirst, I want to apologize for the incorrect RFC citation in the original PR. The quote I attributed to RFC 6733 §6.2 was wrong — §6.2 covers "Diameter Answer Processing," not TLS. That was my mistake, likely from confusing RFC 3588 language with RFC 6733, and I should have verified the reference before submitting. I'm sorry for the confusion this caused. That said, I'd like to revisit the conclusion that post-CER/CEA TLS upgrade is "removed/deprecated behavior that should not have landed," because the RFC tells a more nuanced story. MUST vs SHOULD vs NOT RECOMMENDED (RFC 2119)RFC 6733 §1.1.2 states that keywords are interpreted per RFC 2119. That document defines:
These are not interchangeable. The RFC authors deliberately chose SHOULD over MUST in the relevant sections. What RFC 6733 actually says (verified quotes)§5.6 — Peer State Machine (page 69):
This is SHOULD, not MUST. The RFC explicitly allows exceptions. §5.6 — Backward compatibility scenario (same paragraph, page 69):
This describes a scenario where TLS is initiated after CER/CEA (i.e., in the open state), but does not itself specify the signaling mechanism. §13 — Security Considerations (page 140) provides the signaling requirement:
§5.6 describes when you may do it (backward compatibility with RFC 3588 peers). §13 describes how to do it correctly (Inband-Security-Id in CER/CEA, TLS handshake after open state is reached). Together they define the post-CER/CEA TLS upgrade mechanism with MUST-level requirements for correct implementation. §6.10 — Inband-Security-Id AVP (page 84):
NOT RECOMMENDED, not MUST NOT. §1.1.3 — Changes from RFC 3588 (page 11):
The RFC explicitly states the old method is retained. §2.1 — Transport (page 22):
MAY, with an acknowledged tradeoff — not a prohibition. §11.3.13 — IANA Considerations (page 138):
"Deprecated" in IETF context means discouraged for new use, not removed or prohibited. Important constraint: plain connections onlyReading §2.1 and §5.6 together, the post-CER/CEA TLS upgrade path applies to plain TCP/SCTP connections when interoperating with RFC 3588 peers. Per §2.1, a Diameter node "MUST always be prepared to receive connections on port 3868" and RFC 6733 nodes should also accept on port 5658 for TLS. An RFC 3588 peer only accepts connections on 3868 (plain). The initiator connecting to such a peer establishes a plain TCP/SCTP connection, then uses Inband-Security-Id in CER/CEA to negotiate TLS upgrade. The flow is:
The implementation constraint is: only offer/accept Inband-Security-Id=TLS upgrade on connections that are not already TLS-protected. If TLS is already active, the AVP is meaningless. This is a guard the implementation should enforce. Summary
What I think the right path forward isI acknowledge the original PR had real problems: the wrong RFC citation, and the implementation issues raised in review. But the feature itself — post-CER/CEA TLS upgrade for backward compatibility with RFC 3588 peers — is defined across §5.6 and §13 of RFC 6733 with normative text describing both when it applies and how to do it correctly. I'd be happy to resubmit with:
All citations verified against the full text of RFC 6733 and RFC 2119. Also as a clarification may of the PR's I have submitted is due to finding running a compliance suite thats very detailed and has 25 plus years evolution. |
|
First I will just admit right away that I didn't fully read all the above, because there are way too many things to follow and my brain hurts while trying to weigh everything in 😝 (I'm getting old...). Pasting all the arguments into my AI-buddy might help, but... I won't... So I just wanted to say that I made the observation primarily because I implemented TLS and D-TLS in my stack (also Go-lang) and I remembered it starting before CEx, so a simpler just-transport topic. Hence this was a potential incompatibility, which I just wanted to verify against my mental model, as well as for interoperability. And a few more short points, maybe they help:
@tridentsx Could you maybe share what that compliance suite is? I would be interested in checking it out a bit, but as you could probably tell, I'm not much for strict compliance, rather would be more practical. Of course, I would also understand if this is some private telecom stuff, which you can't share. |
|
For the suite I cant share it proprietary. The standard though is not ambigous it clearly states in the RFC that should work but is not the preferred way , so the question is what is the goal of this project to be RFC compliant or not ? Is this affecting your application in any way ? Not having it does affect mine ! When it comes to arguments about age of standards we still use ss7 signalling established in early 1980's, diameter is a telco protocol and telocs are extremly conservative and there are more products out there compliant to old 3588 spec than 6733 This document obsoletes RFC 3588 but is fully backward compatible o Deprecated the use of the Inband-Security AVP for negotiating |
|
Like I said: if there is even a single stack which does that and you need to interconnect with it, of course, you must go for it. I'm not against you, was just bringing up the philosophical point about better security and all that blah-blah-blah of "newer" options. And I might be biased, because in my experience with Diameter dating back to 2004, I never saw in-prod RFC3588 stacks using TLS. Which doesn't mean that it wasn't supported or used somewhere maybe. If it is RFC6733 compliant too, it's not affecting me or anyone else, of course. Yes, telcos are backwards and cheap in sooo many ways 🙃, including in keeping their SS7 mindbogglingly exploits, such that Diameter still feels modern... Well, at least we don't have to do this in COBOL 🤣! |
…x#243)" (fiorix#244) This reverts commit 64dabe9.
…x#243)" (fiorix#244) This reverts commit 64dabe9.
…x#243)" (fiorix#244) This reverts commit 64dabe9.
Summary
Why
@vingarzan pointed out on #238 that the PR was based on a misreading
of RFC 6733:
after CER/CEA. The pre-existing TLS-on-listen path already implements
this and is the spec-compliant approach.
original PR description was fabricated.
The merged code implements removed/deprecated behavior and should not
have landed. Reopening #238 for further discussion if a legitimate
need surfaces.
Test plan
go test ./...passes after revert