IETF Logo Mail Archive

Re: [bfcpbis] Benjamin Kaduk's No Objection on draft-ietf-bfcpbis-rfc4583bis-26: (with COMMENT)

"Charles Eckel (eckelcu)" <eckelcu@cisco.com> Wed, 05 December 2018 22:47 UTC

Return-Path: <eckelcu@cisco.com>
X-Original-To: bfcpbis@ietfa.amsl.com
Delivered-To: bfcpbis@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 11E30130E03; Wed, 5 Dec 2018 14:47:50 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -15.961
X-Spam-Level:
X-Spam-Status: No, score=-15.961 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-1.46, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_HI=-5, SPF_PASS=-0.001, USER_IN_DEF_DKIM_WL=-7.5] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=cisco.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id VlDnsTGUdtS2; Wed, 5 Dec 2018 14:47:47 -0800 (PST)
Received: from rcdn-iport-9.cisco.com (rcdn-iport-9.cisco.com [173.37.86.80]) (using TLSv1.2 with cipher DHE-RSA-SEED-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 5A2FE130E14; Wed, 5 Dec 2018 14:47:47 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=@cisco.com; l=5946; q=dns/txt; s=iport; t=1544050067; x=1545259667; h=from:to:cc:subject:date:message-id:references: in-reply-to:content-id:content-transfer-encoding: mime-version; bh=w++vtX/IEQzmsGlcUnUhOxqXOln05GZss2HJAt0bfNw=; b=aI0BakN6OUIZGMukzbCu0uqVlTXXZbLIL4Zs4e3TRpumbYZiwi5DTgjP PIDiqw0ICYZ/XYIGt4eDbEcU1I7Kz1FVLXEZIu6iuDUo5Fggxzm9z3kOq uSwEoRrFHbQB7UP/hUmM0J7r2AeSMgKpVi94bKGja4cFtf3Krbc+WGoag o=;
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: A0ADAABWVAhc/5tdJa1iAg4LAQEBAQEBAQEBAQEBBwEBAQEBAYFRBAEBAQEBCwGCA2aBAicKg2+IGYwNgg2JEo46gXoLAQEYC4QDRgIXgnoiNAkNAQMBAQIBAQJtHAyFPAEBAQEDAQEhEToLDAQCAQgRAwECAwISFAICAh8GCxUICAIEAQ0FgyEBgWkDFQ+mG4EviAMNghcFgQuLExeBf4ERJx+CTIJXRwEBgWFIDIIwMYImApVpihgnLgkCjhKDLhiRL4kJhXaJWAIRFIEnHziBVXAVOyoBgkGCUIhMhQQ7QTEBiRqBH4EfAQE
X-IronPort-AV: E=Sophos;i="5.56,319,1539648000"; d="scan'208";a="407369571"
Received: from rcdn-core-4.cisco.com ([173.37.93.155]) by rcdn-iport-9.cisco.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 05 Dec 2018 22:47:46 +0000
Received: from XCH-RCD-020.cisco.com (xch-rcd-020.cisco.com [173.37.102.30]) by rcdn-core-4.cisco.com (8.15.2/8.15.2) with ESMTPS id wB5MlkZF029878 (version=TLSv1.2 cipher=AES256-SHA bits=256 verify=FAIL); Wed, 5 Dec 2018 22:47:46 GMT
Received: from xch-aln-018.cisco.com (173.36.7.28) by XCH-RCD-020.cisco.com (173.37.102.30) with Microsoft SMTP Server (TLS) id 15.0.1395.4; Wed, 5 Dec 2018 16:47:45 -0600
Received: from xch-aln-018.cisco.com ([173.36.7.28]) by XCH-ALN-018.cisco.com ([173.36.7.28]) with mapi id 15.00.1395.000; Wed, 5 Dec 2018 16:47:45 -0600
From: "Charles Eckel (eckelcu)" <eckelcu@cisco.com>
To: Christer Holmberg <christer.holmberg@ericsson.com>, Benjamin Kaduk <kaduk@mit.edu>
CC: "mary.ietf.barnes@gmail.com" <mary.ietf.barnes@gmail.com>, "bfcpbis@ietf.org" <bfcpbis@ietf.org>, The IESG <iesg@ietf.org>, "draft-ietf-bfcpbis-rfc4583bis@ietf.org" <draft-ietf-bfcpbis-rfc4583bis@ietf.org>
Thread-Topic: [bfcpbis] Benjamin Kaduk's No Objection on draft-ietf-bfcpbis-rfc4583bis-26: (with COMMENT)
Thread-Index: AQHUjDeNJYj0YvLoRkeeWdulSFyGfaVwFdUAgAGmQwA=
Date: Wed, 05 Dec 2018 22:47:45 +0000
Message-ID: <4E5CA82F-AB2F-4DE0-BADF-FB48B911FF79@cisco.com>
References: <4809F8B5-F43F-49B0-A638-68935FC5BC5B@cisco.com> <CF3B0A92-4497-41F1-8E8F-66C6327BA46E@ericsson.com>
In-Reply-To: <CF3B0A92-4497-41F1-8E8F-66C6327BA46E@ericsson.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
user-agent: Microsoft-MacOutlook/10.13.0.181109
x-ms-exchange-messagesentrepresentingtype: 1
x-ms-exchange-transport-fromentityheader: Hosted
x-originating-ip: [10.70.232.227]
Content-Type: text/plain; charset="utf-8"
Content-ID: <A913CC23AB9DEA45AAA54CAE83DCF5E3@emea.cisco.com>
Content-Transfer-Encoding: base64
MIME-Version: 1.0
X-Outbound-SMTP-Client: 173.37.102.30, xch-rcd-020.cisco.com
X-Outbound-Node: rcdn-core-4.cisco.com
Archived-At: <https://mailarchive.ietf.org/arch/msg/bfcpbis/5JJymKmtscaHlJSXaTeL8VSSjC0>
Subject: Re: [bfcpbis] Benjamin Kaduk's No Objection on draft-ietf-bfcpbis-rfc4583bis-26: (with COMMENT)
X-BeenThere: bfcpbis@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: BFCPBIS working group discussion list <bfcpbis.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/bfcpbis>, <mailto:bfcpbis-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/bfcpbis/>
List-Post: <mailto:bfcpbis@ietf.org>
List-Help: <mailto:bfcpbis-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/bfcpbis>, <mailto:bfcpbis-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 05 Dec 2018 22:47:50 -0000

-----Original Message-----
From: bfcpbis <bfcpbis-bounces@ietf.org> on behalf of Christer Holmberg <christer.holmberg@ericsson.com>
Date: Wednesday, December 5, 2018 at 7:37 PM
To: Charles Eckel <eckelcu@cisco.com>, Benjamin Kaduk <kaduk@mit.edu>
Cc: Mary Barnes <mary.ietf.barnes@gmail.com>, "bfcpbis@ietf.org" <bfcpbis@ietf.org>, The IESG <iesg@ietf.org>, "draft-ietf-bfcpbis-rfc4583bis@ietf.org" <draft-ietf-bfcpbis-rfc4583bis@ietf.org>
Subject: Re: [bfcpbis] Benjamin Kaduk's No Objection on draft-ietf-bfcpbis-rfc4583bis-26: (with COMMENT)

    Hi,
            
            ....
            
                >>>>> An attacker able to view the SDP exchanges can determine which media flows
                >>>>> contain which content, which could exacerbate existing metadata leakage
                >>>>> channels in some circumstances.
                >>>>>     
                >>>>> I am not sure how that is related to the BFCP SDP negotiation?
                >>>>
                >>>> exchange but the actual media flows are secured with (D)TLS and not visible
                >>>> to the attacker.  The (D)TLS flows will leak some information via packet
                >>>> size/timing, perhaps allowing for traffic analysis to determine what sorts
                >>>> of media flows are going where.  The new attributes in the BFCP SDP
                >>>> negotiation can make this sort of traffic analysis more effective.  I would
                >>>> be fairly receptive if you wanted to say that this is not more noteworthy
                >>>> than for normal SDP security considerations, though.
                >>>
                >>> In general I agree with you that non-protected SDP attributes can help in traffic analysis, but 
                >>> the BFCP attributes only provide information about the BFCP stream itself - they don't even indicate which 
                >>> media streams will be controlled by BFCP to begin with (that is negotiated on BFCP level).
                >>
                >> But, I could add something like:
                >>
                >> "The SDP attributes defined in this specification do not add additional security considerations to the generic 
                >> security considerations for protecting SDP attributes [RFC3264]. The attributes do not reveal information 
                >> about the content of individual BFCP controlled media streams, nor do they reveal which media streams 
                >> will be BFCP controlled." 
                >
                >[cue] I don't think I agree with this last part. The info in SDP does indicate which media streams will be 
                >controlled using BFCP. For example,
                >
                > m=application 50000 TCP/TLS/BFCP *
                > a=setup:actpass
                > a=connection:new
                > a=fingerprint:sha-256 \
                > 19:E2:1C:3B:4B:9F:81:E6:B8:5C:F4:A5:A8:D8:73:04: \
                > BB:05:2F:70:9F:04:A9:0E:05:E9:26:33:E8:70:88:A2
                > a=floorctrl:c-only s-only
                > a=confid:4321
                > a=userid:1234
                > a=floorid:1 mstrm:10
                > a=floorid:2 mstrm:11
                > a=bfcpver:1 2
                > m=audio 50002 RTP/AVP 0
                > a=label:10
                > m=video 50004 RTP/AVP 31
                > a=label:11
                >
               > The combination of floorid/mstrm and label attributes indicate that the corresponding audio and 
               > video m-lines are to be controlled via BFCP.
    
    You are right.
    
    So, something like:
    
            "The generic security considerations associated with SDP attributes are defined in [RFC3264]. While the 
              defined in this specification do not reveal information about the content of individual BFCP controlled 
              media streams, they do reveal which media streams will be BFCP controlled."

Yes, except s/While the defined/While those defined

Cheers,
Charles
            
            Regards,
            
            Christer    
    
    _______________________________________________
    bfcpbis mailing list
    bfcpbis@ietf.org
    https://www.ietf.org/mailman/listinfo/bfcpbis

v2.23.0 | Report a Bug | By Email