[Dime] unexpected consequence of deprecating E2E security in RFC 3588 bis

Glen Zorn <glenzorn@gmail.com> Wed, 26 September 2012 10:46 UTC

Message-ID: <5062DD0C.2080300@gmail.com>
Date: Wed, 26 Sep 2012 17:46:36 +0700
From: Glen Zorn <glenzorn@gmail.com>
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:15.0) Gecko/20120830 Thunderbird/15.0
MIME-Version: 1.0
To: draft-ietf-dime-rfc3588bis <draft-ietf-dime-rfc3588bis@tools.ietf.org>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
Cc: dime mailing list <dime@ietf.org>
Subject: [Dime] unexpected consequence of deprecating E2E security in RFC 3588 bis

Section 4.5 of RFC 3588 says:
    The following table describes the Diameter AVPs defined in the base
    protocol, their AVP Code values, types, possible flag values and
    whether the AVP MAY be encrypted.  For the originator of a Diameter
    message, "Encr" (Encryption) means that if a message containing that
    AVP is to be sent via a  Diameter agent (proxy, redirect or relay)
    then the message MUST NOT be sent unless there is end-to-end security
    between the originator and the recipient and integrity /
    confidentiality protection is offered for this AVP OR the originator
    has locally trusted configuration that indicates that end-to-end
    security is not needed.  Similarly, for the originator of a Diameter
    message, a "P" in the "MAY" column means that if a message containing
    that AVP is to be sent via a  Diameter agent (proxy, redirect or
    relay) then the message MUST NOT be sent unless there is end-to-end
    security between the originator and the recipient or the originator
    has locally trusted configuration that indicates that end-to-end
    security is not needed.

The corresponding section of 3588bis says:
    The following table describes the Diameter AVPs defined in the base
    protocol, their AVP Code values, types, and possible flag values.

Considerable information (and normative guidance) seems to have been 
lost here: in particular, the statements that "the message MUST NOT be 
sent unless... the originator has locally trusted configuration that 
indicates that end-to-end security is not needed" would seem to be valid 
even in the absence of an E2E security solution.
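The two sending-side rules quoted from RFC 3588 section 4.5 (the "Encr" rule and the "P in the MAY column" rule) can be written down as a concrete check, which makes the point of the message easier to see: the "locally trusted configuration" escape hatch is what makes the rules applicable at all when no end-to-end security mechanism exists. The code below is an added illustration, not text from the post, from RFC 3588 or from any Diameter implementation; the AVP table is a hand-transcribed subset of the section 4.5 table (check it against the RFC), and the fail-closed handling of AVPs missing from the table is my own assumption.

```python
# Added example (not from the mailing-list post or from RFC 3588 itself):
# a sender-side check that applies the two "MUST NOT be sent via an agent
# unless ..." rules quoted from RFC 3588 section 4.5.
from dataclasses import dataclass
from typing import Dict, List, Set


@dataclass(frozen=True)
class AvpRule:
    """One row of the section 4.5 table, reduced to what the two rules need."""
    code: int
    may_p: bool   # "P" appears in the MAY column
    encr: bool    # "Encr" column is Y


# Hand-transcribed subset of the RFC 3588 section 4.5 table (constructed for
# this example; verify each row against the RFC before relying on it).
AVP_TABLE: Dict[str, AvpRule] = {
    "User-Name":    AvpRule(1,   may_p=True,  encr=True),
    "Session-Id":   AvpRule(263, may_p=True,  encr=True),
    "Origin-Host":  AvpRule(264, may_p=True,  encr=False),
    "Route-Record": AvpRule(282, may_p=False, encr=False),
    "Proxy-Info":   AvpRule(284, may_p=False, encr=False),
}


@dataclass
class SendContext:
    via_agent: bool                    # a proxy, redirect or relay is on the path
    e2e_established: bool              # end-to-end security exists to the recipient
    e2e_protected_avps: Set[str]       # AVPs it integrity/confidentiality-protects
    local_config_e2e_not_needed: bool  # "locally trusted configuration" per the RFC


def check_send(avps: List[str], ctx: SendContext,
               table: Dict[str, AvpRule] = AVP_TABLE) -> List[str]:
    """Return the rule violations for this message; empty means it may be sent.

    Both rules only bite when the message goes through a Diameter agent, and
    both are waived by locally trusted configuration saying E2E security is
    not needed, exactly as the quoted text reads.
    """
    if not ctx.via_agent or ctx.local_config_e2e_not_needed:
        return []
    violations: List[str] = []
    for name in avps:
        rule = table.get(name)
        if rule is None:
            # Assumption (fail closed): an AVP without a row is treated as if it
            # had both "P" and "Encr", the strictest case in the table.
            rule = AvpRule(code=-1, may_p=True, encr=True)
        if rule.encr and not (ctx.e2e_established and name in ctx.e2e_protected_avps):
            violations.append(
                f"{name}: Encr=Y but no E2E integrity/confidentiality protection for it")
        elif rule.may_p and not ctx.e2e_established:
            violations.append(
                f"{name}: P in MAY column but no E2E security to the recipient")
    return violations


if __name__ == "__main__":
    # Constructed scenario: an auth request relayed through an agent, with no
    # E2E security deployed and no local configuration waiving it.
    ctx = SendContext(via_agent=True, e2e_established=False,
                      e2e_protected_avps=set(), local_config_e2e_not_needed=False)
    for v in check_send(["User-Name", "Origin-Host", "Route-Record"], ctx):
        print("MUST NOT send:", v)
    ctx.local_config_e2e_not_needed = True
    print("with local config:", check_send(["User-Name", "Origin-Host"], ctx) or "may send")
```

Run as written, the first scenario rejects the message on both User-Name (Encr) and Origin-Host (P in MAY) while Route-Record, which has neither, passes; flipping the local-configuration flag clears both, which is the escape hatch the message argues should have survived into 3588bis.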