Re: [apps-discuss] APPSDIR review of draft-ietf-insipid-session-id-reqts-08
"Paul E. Jones" <paulej@packetizer.com> Wed, 25 September 2013 00:47 UTC
Return-Path: <paulej@packetizer.com>
X-Original-To: apps-discuss@ietfa.amsl.com
Delivered-To: apps-discuss@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 1AD9D11E819B; Tue, 24 Sep 2013 17:47:17 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.599
X-Spam-Level:
X-Spam-Status: No, score=-2.599 tagged_above=-999 required=5 tests=[AWL=0.000, BAYES_00=-2.599]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id f+kRwrRrj6pG; Tue, 24 Sep 2013 17:47:12 -0700 (PDT)
Received: from dublin.packetizer.com (dublin.packetizer.com [75.101.130.125]) by ietfa.amsl.com (Postfix) with ESMTP id 9212211E819A; Tue, 24 Sep 2013 17:47:12 -0700 (PDT)
Received: from [192.168.1.20] (rrcs-98-101-148-48.midsouth.biz.rr.com [98.101.148.48]) (authenticated bits=0) by dublin.packetizer.com (8.14.5/8.14.5) with ESMTP id r8P0l6Z0007371 (version=TLSv1/SSLv3 cipher=AES128-SHA bits=128 verify=NO); Tue, 24 Sep 2013 20:47:07 -0400
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=packetizer.com; s=dublin; t=1380070028; bh=n73/Ip7dNOFO6M3kpDsWJR6CEt4YGheX8PbrRenKq3Y=; h=From:To:Subject:Cc:Date:Content-Transfer-Encoding:Content-Type: In-Reply-To:Message-Id:Mime-Version:Reply-To; b=iI9I8LrX1vPEBWFbuix0N2UWV86PMIJlp4UC+Hnvtr1F3nL2PWTdAMs0pkuCKnFGe L98wcyqoCeElq2Z0n74GB4PQYH5S5JqG+BUkSQjn3YvGNKg+gzgUBEsdMPgohSfJeu qGPAjdiILAvQ/3uwpYdM/hsPGBaGKjRegpZvrm4E=
From: "Paul E. Jones" <paulej@packetizer.com>
To: "Vijay K. Gurbani" <vkg@bell-labs.com>
Date: Wed, 25 Sep 2013 00:47:12 +0000
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain; format="flowed"; charset="utf-8"
In-Reply-To: <52405E5B.7080207@bell-labs.com>
Message-Id: <em88c5753f-e9a3-4d3e-89bc-69e8596ba6dc@sydney>
Mime-Version: 1.0
User-Agent: eM_Client/5.0.18661.0
Cc: draft-ietf-insipid-session-id-reqts.all@tools.ietf.org, 'James Polk' <jmpolk@cisco.com>, 'IESG IESG' <iesg@ietf.org>, apps-discuss@ietf.org
Subject: Re: [apps-discuss] APPSDIR review of draft-ietf-insipid-session-id-reqts-08
X-BeenThere: apps-discuss@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
Reply-To: "Paul E. Jones" <paulej@packetizer.com>
List-Id: General discussion of application-layer protocols <apps-discuss.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/apps-discuss>, <mailto:apps-discuss-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/apps-discuss>
List-Post: <mailto:apps-discuss@ietf.org>
List-Help: <mailto:apps-discuss-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/apps-discuss>, <mailto:apps-discuss-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 25 Sep 2013 00:47:17 -0000
Vijay, Thanks for the additional feedback. I will consult with a few of the folks in the WG to see how we can best address your points. Paul ------ Original Message ------ From: "Vijay K. Gurbani" <vkg@bell-labs.com> To: "Paul E. Jones" <paulej@packetizer.com> Cc: draft-ietf-insipid-session-id-reqts.all@tools.ietf.org; "'James Polk'" <jmpolk@cisco.com>; "'IESG IESG'" <iesg@ietf.org>; apps-discuss@ietf.org Sent: 9/23/2013 11:29:31 AM Subject: Re: [apps-discuss] APPSDIR review of draft-ietf-insipid-session-id-reqts-08 >On 09/20/2013 04:07 PM, Paul E. Jones wrote: >>Vijay, >> >>(My email client did not format that well. Let me try to correct >>that...) >> >>I apologize for taking so long to get back to you. This has been an >>extremely busy week for me. > >Paul: No problem. Please see inline. > >>I understand. I wasn't trying to be combative. Rather, I'm just >>stating that I'm not sure what more is needed. Please don't assume I >>was being argumentative, as that certainly was not the intent. > >No worries; I just wanted to make sure that if you made any changes, >they would be driven by what you would also consider actual problems, >and not driven by just trying to placate me :-) > >>I cannot recall who introduced that language into that text, but the >>desire would be prevent two things: [...] >>The proposed remedies in that paragraph are to mandate REQ6 and >>encourage encryption. > >Right, it is the "encourage encryption" part that I think should garner >some attention. One way to do so is suggested below. > >>REQ5 does not, in itself, assume or require some kind of security. In >>a >>trusted service provider network, for example, the value might be >>inserted at the edge by an SBC and no encryption used through the >>service provider domain. > >SIP has developed this notion of a trust domain as a set of SIP nodes, >including B2BUAs, that are trusted to exchange some private information >among (and between) themselves. This function goes by the wonderful >name of Spec(T) and is fully defined in rfc3324. Other pieces of work >[1,2] that forsee a need to define a trust domain simply use the >Spec(T) function to do so. > >>The required security differs based on the environment. As I mentioned >>above, a service provider domain may have minimal internal security >>requirements, placing all security at the edge. Likewise, the issues >>related to the Session-ID are not unlike those of the Call-ID. In >>fact, >>an attack on the Call-ID or "To" header in SIP is far more problematic >>than an attack on the Session-ID. So, while I think most real-world >>implementations of SIP (ignoring Session-ID) should use TLS, at the >>very >>least, we cannot insert a requirement for use of any particular >>security >>mechanism. > >The Spec(T) mechanism at least allows you to state that you have >thought of the security ramifications of the header being sent out in >cleartext, and therefore, domains that wish to exchange the header in >non cleartext format should comply to Spec(T). You can define Spec(T) >as is done in [1], without having to delve into the mandating TLS or >choosing cipher specs for TLS. > >It seems appropriate that if we know that usurping the session >identifier will lead to problems then we at least try to provide a way >to mitigate these problems without mandating specific security >policies. >I think Spec(T) allows you to do so. > >Regarding the statement that an attack on the Call-ID or "To" header >being more disruptive than an attack on Session-ID, sure I agree. But >at least we have rfc4474 to mitigate that (I understand it is not used >widely, but it *is* there). > >>I do not disagree, but I cannot insert a requirement into this text >>that >>says TLS must be used. There may be folks who would oppose that. I >>think the particular means through which the requirements are met >>should >>be spelled out only in the solution text. If you really disagree, we >>can go back to the WG and raise the point. I certainly have no >>objection to that. > >I am not privy to the discussions that happened in the working group >along making TLS mandatory. But from your description it seems that >the working group does not want to mandate it. Maybe couching the >security aspects in terms of Spec(T) will suffice? > >[1] See Section 5.4 of >http://tools.ietf.org/html/draft-ietf-soc-load-control-event-package-09 >[2] >http://tools.ietf.org/html/draft-vanelburg-dispatch-private-network-ind-02 > >Thanks, > >- vijay >-- Vijay K. Gurbani, Bell Laboratories, Alcatel-Lucent >1960 Lucent Lane, Rm. 9C-533, Naperville, Illinois 60563 (USA) >Email: vkg@{bell-labs.com,acm.org} / vijay.gurbani@alcatel-lucent.com >Web: http://ect.bell-labs.com/who/vkg/ | Calendar: http://goo.gl/x3Ogq
- [apps-discuss] APPSDIR review of draft-ietf-insip… Vijay K. Gurbani
- Re: [apps-discuss] APPSDIR review of draft-ietf-i… Vijay K. Gurbani
- Re: [apps-discuss] APPSDIR review of draft-ietf-i… Paul E. Jones
- Re: [apps-discuss] APPSDIR review of draft-ietf-i… Vijay K. Gurbani
- Re: [apps-discuss] APPSDIR review of draft-ietf-i… Paul E. Jones
- Re: [apps-discuss] APPSDIR review of draft-ietf-i… Vijay K. Gurbani
- Re: [apps-discuss] APPSDIR review of draft-ietf-i… James Polk
- Re: [apps-discuss] APPSDIR review of draft-ietf-i… Paul E. Jones
- Re: [apps-discuss] APPSDIR review of draft-ietf-i… Paul E. Jones
- Re: [apps-discuss] APPSDIR review of draft-ietf-i… Vijay K. Gurbani
- Re: [apps-discuss] APPSDIR review of draft-ietf-i… Paul E. Jones
- Re: [apps-discuss] APPSDIR review of draft-ietf-i… Vijay K. Gurbani
- Re: [apps-discuss] APPSDIR review of draft-ietf-i… Gonzalo Camarillo
- Re: [apps-discuss] APPSDIR review of draft-ietf-i… Vijay K. Gurbani
- Re: [apps-discuss] APPSDIR review of draft-ietf-i… Gonzalo Camarillo