Re: [Atoca] Remarks on the security discussion today

Art Botterell <acb@incident.com> Thu, 31 March 2011 19:42 UTC

Return-Path: <artbotterell@gmail.com>
X-Original-To: earlywarning@core3.amsl.com
Delivered-To: earlywarning@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id D97E528C0E1 for <earlywarning@core3.amsl.com>; Thu, 31 Mar 2011 12:42:51 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -3.599
X-Spam-Level:
X-Spam-Status: No, score=-3.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, RCVD_IN_DNSWL_LOW=-1]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id FJI6-ltUZs+j for <earlywarning@core3.amsl.com>; Thu, 31 Mar 2011 12:42:51 -0700 (PDT)
Received: from mail-iy0-f172.google.com (mail-iy0-f172.google.com [209.85.210.172]) by core3.amsl.com (Postfix) with ESMTP id 1BFD428C0D8 for <earlywarning@ietf.org>; Thu, 31 Mar 2011 12:42:51 -0700 (PDT)
Received: by iye19 with SMTP id 19so3150931iye.31 for <earlywarning@ietf.org>; Thu, 31 Mar 2011 12:44:30 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:sender:content-type:mime-version:subject:from :in-reply-to:date:content-transfer-encoding:message-id:references:to :x-mailer; bh=DRJ5LPHfvMMWDe20BrIbSoI7/VS3Y+r3fntYYhJ5sXg=; b=m09ddFU1aDX74dpQhdy9V/+vUhuAIehOt8ypHYQ/aRDF6TN/E7tkWMIhLvH1ShN6/3 fLV7waA2CP68OcTusKGXPvkpk4TICuSJoEoGgOXdUmeR5tlD+nYD/k3dxh+LNgJFCosX 85/mmHcjPEF6oYkHKCobumJPF/jLBNnJX7ag4=
DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=sender:content-type:mime-version:subject:from:in-reply-to:date :content-transfer-encoding:message-id:references:to:x-mailer; b=ch1ddnkTe30NlpRLvNJWjmnYfS/LRtMRvIwMJuYNzIiv/xFOvoYiAFG719iktGKnaE L5zb4+Jvmm6NhfqdVa1D6ozCwDgBN9ehFqnxMSPV7EAbefwbZgacCKatr/rlOSsAEfyS JXyV5v2c0zkh34xGE6bDlDgbfSItGr4l7t+2g=
Received: by 10.43.54.71 with SMTP id vt7mr3848144icb.225.1301600670869; Thu, 31 Mar 2011 12:44:30 -0700 (PDT)
Received: from [192.168.1.14] (99-182-125-96.lightspeed.frokca.sbcglobal.net [99.182.125.96]) by mx.google.com with ESMTPS id 8sm927333iba.38.2011.03.31.12.44.29 (version=TLSv1/SSLv3 cipher=OTHER); Thu, 31 Mar 2011 12:44:30 -0700 (PDT)
Sender: Art Botterell <artbotterell@gmail.com>
Content-Type: text/plain; charset=us-ascii
Mime-Version: 1.0 (Apple Message framework v1084)
From: Art Botterell <acb@incident.com>
In-Reply-To: <AB512223-EEE5-4105-99C9-305603FEE080@gmx.net>
Date: Thu, 31 Mar 2011 12:44:28 -0700
Content-Transfer-Encoding: quoted-printable
Message-Id: <C3FDEA30-C3ED-4A36-B032-4A9182364321@incident.com>
References: <AB512223-EEE5-4105-99C9-305603FEE080@gmx.net>
To: earlywarning@ietf.org
X-Mailer: Apple Mail (2.1084)
Subject: Re: [Atoca] Remarks on the security discussion today
X-BeenThere: earlywarning@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: "Discussion list for the IETF Authority-to-Citizen Alert \(atoca\) working group." <earlywarning.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/earlywarning>, <mailto:earlywarning-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/earlywarning>
List-Post: <mailto:earlywarning@ietf.org>
List-Help: <mailto:earlywarning-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/earlywarning>, <mailto:earlywarning-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 31 Mar 2011 19:42:51 -0000

On Mar 31, 2011, at 12:35 PM, Hannes Tschofenig wrote:

> In the area of end-to-end security it was noticed that the deployment reality of SIP (and XMPP) with regard to e2e security is rather weak. Security at the alert level was seen as OK but XMLDSIG was not acceptable. 

Hannes, could please you say a bit more about that?  In particular, what was meant by "OK" and "not acceptable"?

On a related note, I'd suggest that digital signatures may sometimes be useful even in transitive trust regimes in order to make the certification of an alert, wherever it occurred, provably persistent over time for auditing and forensic purposes.

- Art