Re: [bfcpbis] Ben Campbell's Discuss on draft-ietf-bfcpbis-bfcp-websocket-14: (with DISCUSS and COMMENT)
"Ram Mohan R (rmohanr)" <rmohanr@cisco.com> Thu, 09 February 2017 01:55 UTC
Return-Path: <rmohanr@cisco.com>
X-Original-To: bfcpbis@ietfa.amsl.com
Delivered-To: bfcpbis@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 16F1412954A; Wed, 8 Feb 2017 17:55:31 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -14.522
X-Spam-Level:
X-Spam-Status: No, score=-14.522 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_HI=-5, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, RP_MATCHES_RCVD=-0.001, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001, USER_IN_DEF_DKIM_WL=-7.5] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=cisco.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id xgJhKJFK-lWS; Wed, 8 Feb 2017 17:55:28 -0800 (PST)
Received: from rcdn-iport-6.cisco.com (rcdn-iport-6.cisco.com [173.37.86.77]) (using TLSv1.2 with cipher DHE-RSA-SEED-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 2C51A12951D; Wed, 8 Feb 2017 17:55:28 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=@cisco.com; l=11254; q=dns/txt; s=iport; t=1486605328; x=1487814928; h=from:to:cc:subject:date:message-id:references: in-reply-to:content-id:content-transfer-encoding: mime-version; bh=YNlL9tM/rtV7XZWl+1HjU/1r4VmUNF4uhvoMFOR25I8=; b=Uu/VHRwzVA4TkTqaRzDsOIP3E75kLiu/ssaetHLGnOhtKRbRkufHGlkT h4JFPqxvX4Slm8OIYcYdAafyCWUmj8K53OWVAU87xYBX81c8urAxNuHcY xVwu2Er0la7O7g0XWYRjb3NlWZ0ahNA9Wp4ZhNgkaUcNtOMtBKD9jHaAu s=;
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: A0A5AQBVy5tY/5JdJa1dGQEBAQEBAQEBAQEBBwEBAQEBg1GBageDUooIkgmIDIsbgg+CDIYiAhqCVT8YAQIBAQEBAQEBYiiEaQEBAQMBIxE0EQwEAgEGAhEDAQIDAhIUAgICHxEVCAgCBA4FiVwDDQiSX51OgiWHOA2ECgEBAQEBAQEBAQEBAQEBAQEBAQEBAR2BC4dGgmqCUYFfDhYHMQIODIIyLoIxAQSJAgqHfYRLhWQ4AYoMg2yEGYF7hReJc4o0iF4BHzh+TxVNAYRogUh1AYZBDxeBChN5AQEB
X-IronPort-AV: E=Sophos;i="5.35,349,1484006400"; d="scan'208";a="206502437"
Received: from rcdn-core-10.cisco.com ([173.37.93.146]) by rcdn-iport-6.cisco.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 09 Feb 2017 01:55:27 +0000
Received: from XCH-RTP-016.cisco.com (xch-rtp-016.cisco.com [64.101.220.156]) by rcdn-core-10.cisco.com (8.14.5/8.14.5) with ESMTP id v191tQbg023846 (version=TLSv1/SSLv3 cipher=AES256-SHA bits=256 verify=FAIL); Thu, 9 Feb 2017 01:55:27 GMT
Received: from xch-rtp-017.cisco.com (64.101.220.157) by XCH-RTP-016.cisco.com (64.101.220.156) with Microsoft SMTP Server (TLS) id 15.0.1210.3; Wed, 8 Feb 2017 20:55:25 -0500
Received: from xch-rtp-017.cisco.com ([64.101.220.157]) by XCH-RTP-017.cisco.com ([64.101.220.157]) with mapi id 15.00.1210.000; Wed, 8 Feb 2017 20:55:25 -0500
From: "Ram Mohan R (rmohanr)" <rmohanr@cisco.com>
To: Ben Campbell <ben@nostrum.com>
Thread-Topic: Ben Campbell's Discuss on draft-ietf-bfcpbis-bfcp-websocket-14: (with DISCUSS and COMMENT)
Thread-Index: AQHSceRTe5LJyE53MkeeyUi4LMDL1KFeiFwAgAGu7YCAAIQbAA==
Date: Thu, 09 Feb 2017 01:55:25 +0000
Message-ID: <B4FBD9EF-82B7-4FA7-8B60-1617A64B2487@cisco.com>
References: <148478285523.2190.2128906462944738445.idtracker@ietfa.amsl.com> <AF24E23F-5B3E-444F-9078-45D008448C0C@cisco.com> <08C20901-35F0-4AC8-A0CE-1361E73D25FC@nostrum.com>
In-Reply-To: <08C20901-35F0-4AC8-A0CE-1361E73D25FC@nostrum.com>
Accept-Language: en-US
Content-Language: en-GB
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
user-agent: Microsoft-MacOutlook/f.1a.0.160910
x-ms-exchange-messagesentrepresentingtype: 1
x-ms-exchange-transport-fromentityheader: Hosted
x-originating-ip: [10.65.77.146]
Content-Type: text/plain; charset="utf-8"
Content-ID: <AC8A0FC9957B32439DAAFC8E2EEF7447@emea.cisco.com>
Content-Transfer-Encoding: base64
MIME-Version: 1.0
Archived-At: <https://mailarchive.ietf.org/arch/msg/bfcpbis/C_A84gtu48qVco7JtPskADh62TQ>
Cc: "bfcpbis@ietf.org" <bfcpbis@ietf.org>, "draft-ietf-bfcpbis-bfcp-websocket@ietf.org" <draft-ietf-bfcpbis-bfcp-websocket@ietf.org>, The IESG <iesg@ietf.org>, "bfcpbis-chairs@ietf.org" <bfcpbis-chairs@ietf.org>, "Charles Eckel (eckelcu)" <eckelcu@cisco.com>
Subject: Re: [bfcpbis] Ben Campbell's Discuss on draft-ietf-bfcpbis-bfcp-websocket-14: (with DISCUSS and COMMENT)
X-BeenThere: bfcpbis@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: BFCPBIS working group discussion list <bfcpbis.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/bfcpbis>, <mailto:bfcpbis-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/bfcpbis/>
List-Post: <mailto:bfcpbis@ietf.org>
List-Help: <mailto:bfcpbis-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/bfcpbis>, <mailto:bfcpbis-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 09 Feb 2017 01:55:31 -0000
Hi Ben, Thanks for your feedback. Please see inline <Ram> -----Original Message----- From: Ben Campbell <ben@nostrum.com> Date: Thursday, 9 February 2017 at 5:02 AM To: "Ram Mohan R (rmohanr)" <rmohanr@cisco.com> Cc: The IESG <iesg@ietf.org>, "bfcpbis@ietf.org" <bfcpbis@ietf.org>, "draft-ietf-bfcpbis-bfcp-websocket@ietf.org" <draft-ietf-bfcpbis-bfcp-websocket@ietf.org>, "Charles Eckel (eckelcu)" <eckelcu@cisco.com>, "bfcpbis-chairs@ietf.org" <bfcpbis-chairs@ietf.org> Subject: Re: Ben Campbell's Discuss on draft-ietf-bfcpbis-bfcp-websocket-14: (with DISCUSS and COMMENT) Resent-From: <alias-bounces@ietf.org> Resent-To: <anton.roman@quobis.com>, <stephane.cazeaux@orange.com>, <gsalguei@cisco.com>, <sergio.garcia.murillo@gmail.com>, <rmohanr@cisco.com>, <victor.pascual.avila@oracle.com> Resent-Date: Thursday, 9 February 2017 at 5:02 AM Thanks for the response. Please see comments inline. I will delete sections that seem to be resolved. (Consider my responses to them as "Okay"). Thanks! Ben. On 7 Feb 2017, at 10:20, Ram Mohan R (rmohanr) wrote: > Hi Ben, > > Sorry for delay. Please see inline <Ram> for my responses > > -----Original Message----- > From: Ben Campbell <ben@nostrum.com> [...] > > > ---------------------------------------------------------------------- > DISCUSS: > ---------------------------------------------------------------------- > > I plan to ballot "yes" for this document, but I have some concerns > about > the security properties that I think need to be resolved first. I > have > followed the discussion resulting from Robert's Gen-ART review > (and will > have comments about that in the "COMMENTS section", but I think I > see an > additional issue that hasn't been covered in that discussion. > > draft-ietf-bfcpbis-rfc4582bis (currently in the RFC Editors queue) > defines some situations where TLS and client authentication are > normatively required. Specifically, section 9 of that draft says > that, if > the signaling channel is authenticated and has confidentiality and > integrity protection, the BFCP client MUST be authenticated. > Section 14 > additionally says that under those circumstances, BFCP is REQUIRED > to use > the mandated cryptographic algorithm. But bfcp-websocket only says > that > WSS and client authentication are RECOMMENDED. > > <Ram> Agree. That’s a reasonable ask. > > I think this could be fixed by requiring WSS, and the web-based > client > authentication techniques described in this draft whenever the > signaling > protocol is secured. The simplest way to describe that might be to > say > that BFCP-websocket must use at least as strong protections as the > signaling channel. > <Ram> I will add the following line to the security consideration > section > NEW: > “Secure WebSocket (WSS) MUST be used for BCP when the signalling > channel used to exchange the BFCP parameters is secured. “ > > Is this ok ? That's moving in the right direction. However, the second paragraph of section 9 of draft-ietf-bfcpbis-rfc4582bis offers a little more precision. Perhaps something like the following: "If the signaling or control protocol traffic used to set up the conference is authenticated and confidentiality and integrity protected, Secure WebSocket (WSS) MUST be used, and the floor control server MUST authenticate the client." <Ram> Proposed text looks good to me. I will use this. > > ---------------------------------------------------------------------- > COMMENT: > ---------------------------------------------------------------------- > > I appreciate the author's efforts in resolving the security > considerations issues from Robert's Gen-ART review, but I don't > think the > current text is quite there yet. Version 14 added the text to say > that, > when using websockets, the websocket security mechanisms are used > instead > of those from draft-ietf-bfcpbis-rfc4582bis. But Robert also asked > for > the draft to describe how that change impacts the security > analysis in > draft-ietf-bfcpbis-rfc4582bis. I don't see text that does that. > I'd like > to see, for each of the attacks described in > draft-ietf-bfcpbis-rfc4582bis, text that says describes how (or > if) a > similar attack would be mitigated using websocket. > <Ram> Here is the text I plan to add the security considerations as a > separate paragraph > > EXISTING: > When using BFCP over websockets, the security mechanisms defined in > [draft-ietf-bfcpbis-rfc4592bis] are *not used*. Instead, the > application > is required to build and rely on the security mechanisms in > [RFC6455] > > NEW: > “When using BFCP over websockets, the security mechanisms defined in > [draft-ietf-bfcpbis-rfc4592bis] are *not used*. Instead, the > application > is required to build and rely on the security mechanisms in > [RFC6455] > > This section analyses the threats described in Section 14 of > [draft-ietf-bfcpbis-rfc4582bis] when WebSocket is > used as transport protocol for BFCP. > > An attacker attempting to impersonate a floor control server is > avoided by having servers accept BFCP messages over > Secure WebSocket (WSS) only. As with any other web connection, the > clients will verify the servers certificate. > The floor control WebSocket client MUST follow the procedures in > [RFC7525] (including hostname verification > as per section 6.1 in [RFC7525]) while setting up TLS connection with > floor control webSocket server. > > An attacker attempting to impersonate a floor control client is > avoided by having servers accept BFCP messages > over WSS only. As described in Section 10.5 of [RFC6455] the floor > control server can use any client authentication > mechanism and follow the steps in Section 8 of this document. > > Attackers may attempt to modify messages exchanged by a client and a > floor control server. This can be prevented by having WSS between > client and server. > > An attacker trying to replay the messages is prevented by > having floor control servers check that messages arriving over a > given WSS connection use an authorized user ID. > > Attackers may attempt to pick messages from the network to get access I'm not sure what you mean by "pick messages". Are we talking about eavesdropping? Yes. It is eavesdropping. How about this: NEW: Attackers may eavesdrop on the network to get access to confidential information between the floor control server and a [………] Regards, Ram > to confidential information between the floor control server and a > client (e.g., why a floor request was denied). In order to ensure > that > BFCP users are getting the level of protection that they would get > using > the BFCP protocol directly, applications need to have a way to > control the websocket libraries to use encryption algorithms specified > in Section 7 > of [draft-ietf-bfcpbis-rfc4582bis. Since the WebSocket API does not > have a way to > allow an application to select the encryption algorithm to be used, > the protection > level provided when WSS is used is limited to the underlying TLS > algorithm used by WebSocket library.” > > Other than the minor comment above, that looks good to me. [...]
- [bfcpbis] Ben Campbell's Discuss on draft-ietf-bf… Ben Campbell
- Re: [bfcpbis] Ben Campbell's Discuss on draft-iet… Ram Mohan R (rmohanr)
- Re: [bfcpbis] Ben Campbell's Discuss on draft-iet… Ben Campbell
- Re: [bfcpbis] Ben Campbell's Discuss on draft-iet… Ram Mohan R (rmohanr)
- Re: [bfcpbis] Ben Campbell's Discuss on draft-iet… Ben Campbell
- Re: [bfcpbis] Ben Campbell's Discuss on draft-iet… Ram Mohan R (rmohanr)
- Re: [bfcpbis] Ben Campbell's Discuss on draft-iet… Ben Campbell