IETF Logo Mail Archive

[Emu] RE: Draft liaison response for IEEE 802.11u EAP method for emergency calls

"Joseph Salowey (jsalowey)" <jsalowey@cisco.com> Tue, 02 October 2007 16:20 UTC

Return-path: <emu-bounces@ietf.org>
Received: from [127.0.0.1] (helo=stiedprmman1.va.neustar.com) by megatron.ietf.org with esmtp (Exim 4.43) id 1IckTg-00089l-IH; Tue, 02 Oct 2007 12:20:08 -0400
Received: from emu by megatron.ietf.org with local (Exim 4.43) id 1IckTe-00085y-Pu for emu-confirm+ok@megatron.ietf.org; Tue, 02 Oct 2007 12:20:06 -0400
Received: from [10.90.34.44] (helo=chiedprmail1.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1IckTe-00085p-DO for emu@ietf.org; Tue, 02 Oct 2007 12:20:06 -0400
Received: from sj-iport-1-in.cisco.com ([171.71.176.70] helo=sj-iport-1.cisco.com) by chiedprmail1.ietf.org with esmtp (Exim 4.43) id 1IckTc-0000cI-Uk for emu@ietf.org; Tue, 02 Oct 2007 12:20:06 -0400
X-IronPort-AV: E=Sophos;i="4.21,220,1188802800"; d="scan'208";a="21136287"
Received: from sj-dkim-2.cisco.com ([171.71.179.186]) by sj-iport-1.cisco.com with ESMTP; 02 Oct 2007 09:20:04 -0700
Received: from sj-core-5.cisco.com (sj-core-5.cisco.com [171.71.177.238]) by sj-dkim-2.cisco.com (8.12.11/8.12.11) with ESMTP id l92GK4xL029799; Tue, 2 Oct 2007 09:20:04 -0700
Received: from xbh-sjc-231.amer.cisco.com (xbh-sjc-231.cisco.com [128.107.191.100]) by sj-core-5.cisco.com (8.12.10/8.12.6) with ESMTP id l92GJvmS026288; Tue, 2 Oct 2007 16:20:02 GMT
Received: from xmb-sjc-225.amer.cisco.com ([128.107.191.38]) by xbh-sjc-231.amer.cisco.com with Microsoft SMTPSVC(6.0.3790.1830); Tue, 2 Oct 2007 09:19:53 -0700
X-MimeOLE: Produced By Microsoft Exchange V6.5
Content-class: urn:content-classes:message
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
Date: Tue, 02 Oct 2007 09:20:00 -0700
Message-ID: <AC1CFD94F59A264488DC2BEC3E890DE50494A0C7@xmb-sjc-225.amer.cisco.com>
In-Reply-To: <BAY117-F29277C2A62996E50BD31EC93BF0@phx.gbl>
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
Thread-Topic: Draft liaison response for IEEE 802.11u EAP method for emergency calls
Thread-Index: Acf5TwtBXk2NctmqRfSXyzsFVC9ydwLvK0vw
From: "Joseph Salowey (jsalowey)" <jsalowey@cisco.com>
To: Bernard Aboba <bernard_aboba@hotmail.com>, emu@ietf.org
X-OriginalArrivalTime: 02 Oct 2007 16:19:53.0236 (UTC) FILETIME=[105F5D40:01C80510]
DKIM-Signature: v=0.5; a=rsa-sha256; q=dns/txt; l=8660; t=1191342004; x=1192206004; c=relaxed/simple; s=sjdkim2002; h=Content-Type:From:Subject:Content-Transfer-Encoding:MIME-Version; d=cisco.com; i=jsalowey@cisco.com; z=From:=20=22Joseph=20Salowey=20(jsalowey)=22=20<jsalowey@cisco.com> |Subject:=20RE=3A=20Draft=20liaison=20response=20for=20IEEE=20802.11u=20E AP=20method=20for=20emergency=20calls |Sender:=20; bh=pGVdGKF7pDs8l4JqL7RvZEw9KX9YhPyj0n8qRGv7hqk=; b=SrqbkiHQX5C6LYyYF5p6RzL0J6hkgb+xbhjbKdjvZEnCPJwrJPxO+Qf0Ltgumc/yqiVY6O9D nPqQiYkrc+5MmSg6BhvogFxW9/LuE6sDSeZxj4bLojyllYdtE7YyXtkV;
Authentication-Results: sj-dkim-2; header.From=jsalowey@cisco.com; dkim=pass ( sig from cisco.com/sjdkim2002 verified; );
X-Spam-Score: 0.0 (/)
X-Scan-Signature: f2984bf50fb52a9e56055f779793d783
Cc: ecrit-chairs@tools.ietf.org
Subject: [Emu] RE: Draft liaison response for IEEE 802.11u EAP method for emergency calls
X-BeenThere: emu@ietf.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: "EAP Methods Update \(EMU\)" <emu.ietf.org>
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/emu>, <mailto:emu-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www1.ietf.org/pipermail/emu>
List-Post: <mailto:emu@ietf.org>
List-Help: <mailto:emu-request@ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/emu>, <mailto:emu-request@ietf.org?subject=subscribe>
Errors-To: emu-bounces@ietf.org

 

> -----Original Message-----
> From: Bernard Aboba [mailto:bernard_aboba@hotmail.com] 
> Sent: Monday, September 17, 2007 10:20 AM
> To: Joseph Salowey (jsalowey); emu@ietf.org
> Cc: ecrit-chairs@tools.ietf.org; Bernard_Aboba@hotmail.com
> Subject: RE: Draft liaison response for IEEE 802.11u EAP 
> method for emergency calls
> 
> It is not clear to me whether the requirements do in fact 
> prohibit server-side authentication.  As you note, without 
> server-side authentication man-in-the-middle attacks are 
> possible;  however, even with server-side authentication, 
> additional requirements may need to be imposed in order to 
> provide the desired level of security.
> 
> Requirement #1 is "No Pre-configured trust relationship".  
> This could refer to pre-configuration of the server with 
> respect to the expected client credential (PSK or 
> certificate), or it could refer to pre-configuration of the 
> client with respect to the server, (such trust anchors).  The 
> text seems focused on the former more than the latter.  
> Assuming that clients can be pre-configured with trust 
> anchors, then TLS-based EAP methods could meet the requirement.

[Joe] I agree, that if "No pre-configured trust relationship" refers to
configuration of client on the server then we are in a better position.
However it seems that in you discussion below that the peer does not
typically have enough information to validate the server. 
> 
> Requirement #2 is "Small" number of messages.  While this 
> requirement clearly excludes long exchanges, it is not clear 
> to me that TLS-based methods are excluded, particularly if 
> the method is to be implemented on the AP itself, which 
> potentially would result in lower round-trip times and 
> eliminate the possibility of AAA-based frame loss.
> 
[Joe] the requirement is a bit unclear, however I agree that it is worth
including text about this. 

> It may be possible that requirements #1 and #2 are compatible 
> with proposals involving unauthenticated client access 
> combined with server authentication. 
>    However, due to lack of a pre-configured network access 
> profile, this scenario presents additional threats that are 
> worthy of further discussion.
> 
> The presentation refers to the desire to for confidentiality 
> (presumably at L2, rather than using SRTP).  Where 
> confidentiality is desirable, it will also presumably be 
> important for the client to determine that it has connected 
> to a legitimate network.
> 
> Where a pre-configured network access profile exists, the 
> binding between a validated server certificate and an 
> advertised SSID is pre-configured.  
> However, where there is no pre-configured network access 
> profile, the binding may be difficult to establish without 
> imposition of additional requirements.
> 
> For example, the server certificate/SSID binding cannot be 
> determined solely via verification of the server certificate. 
>  An attacker could obtain a valid server certificate for 
> "example.com"; does this entitle them to advertise an SSID of 
> "Emergency Network" or even "Example"?  Since SSIDs are not 
> globally unique, there is no verifiable mapping between a 
> Server-Id and an allowed set of SSIDs. In general, a CA has 
> no way of determining whether a server has the rights to a 
> particular SSID or not, so that a CA cannot in practice vouch 
> for an RFC 4334 SSID extension within a server certificate.
> 
[Joe] If this is the case then I don't think there is a valid trust
relationship for the peer to validate the server. 


> Therefore verification of a binding between the server 
> identity and the advertised network would only seem to be 
> possible by requiring the advertised network name to match 
> the Server-Id advertised in the server certificate.  This in 
> turn would require restricting the allowable SSIDs, or adding 
> another field to the IEEE 802.11 Beacon/Probe Response.
> 
[Joe] It seems like there are at least two possibilities here:

1. Have a CA that only issues emergency services certificates and an
indication in the beacon/probe of which SSIDs are emergency services.

2. Have a CA that issues different types of certificates and have
specific SSIDs and names in the certificates to create the authorization
linkage.  

> 
> 
> 
> 
> 
> 
> >From: "Joseph Salowey (jsalowey)" <jsalowey@cisco.com>
> >To: <emu@ietf.org>
> >CC: <ecrit-chairs@tools.ietf.org>, "Bernard Aboba" 
> ><bernard_aboba@hotmail.com>
> >Subject: Draft liaison response for IEEE 802.11u EAP method for 
> >emergency calls
> >Date: Sun, 16 Sep 2007 22:26:36 -0700
> >
> >The EMU working group has a liaison request from IEEE 802.11u on EAP 
> >methods for emergency calls.  The liaison request can be 
> found on the 
> >liaison statement page, https://datatracker.ietf.org/liaison/ (May 
> >2007).  We had a presentations and discussion of this topic at the 
> >Chicago EMU meeting.  Below is a draft response based on the 
> discussion 
> >in the meeting.  It would be good to have comments on or approval of 
> >the text by Monday, October 1, so a revised response can be 
> created to 
> >be sent as a response to the IEEE.
> >
> >==============================================================
> >
> >802.11u Liaison response for EAP Methods for Emergency Communications
> >
> >We have had discussion of EAP method for Emergency services 
> at the last 
> >IETF meeting in Chicago.  The following is a summary of 
> working group 
> >discussion on this topic.
> >
> >Currently there are no standards track EAP methods that meet the 
> >requirements as understood by the EMU working group.  There 
> are several 
> >possible candidates of existing EAP methods that may meet or be 
> >slightly modified to meet some of the 802.11u requirements for 
> >emergency services, especially if minimal latency is not the 
> strongest 
> >requirement.  TTLS (draft-funk-eap-ttls-v0-01.txt) and EAP-FAST
> >(RFC4851) are TLS based methods that can support server only 
> >authentication.  It was also pointed out that EAP-TLS
> >(draft-simon-emu-rfc2716bis-11.txt) could be modified to 
> create a new 
> >EAP method that only requires server side authentication.  
> In order to 
> >truly support emergency services these methods would need to forego 
> >server certificate validation which negates much of the security they
> >provide by allowing man-in-the-middle attacks.   These TLS 
> based methods
> >also require a significant number of round trips that may not be 
> >acceptable for emergency communication.
> >
> >There were also several questions raised in the working group during 
> >the discussion that might help in further determining the 
> best approach.
> >These are summarized below:
> >
> >1) It is not clear how to make the tradeoff between security and 
> >low-latency.  If there is not existing trust relationship there are 
> >limits as to what security properties can be provided.  What 
> security 
> >properties are desirable and what is the tolerance for extra-round 
> >trips for the communication?
> >
> >2) PSK was described as having worse DOS resistance 
> properties that EAP.
> >It seems that in many cases EAP would have worse DOS resistance that 
> >PSK, which cases is EAP better?
> >
> >3) It seems that most public access networks already provide an open 
> >access network, why couldn't this network be used for emergency 
> >communication?
> >
> >4) What regulatory requirements are driving the need for encryption?
> >This creates some conflicts because encryption without 
> authentication 
> >does not satisfy most useful security requirements.
> >
> >As the 802.11u group is certainly aware, there are other 
> groups within 
> >the IETF that are looking at unauthenticated emergency services.  In 
> >particular, the ECRIT group within the IETF has ongoing work in this
> >area:
> >
> >http://tools.ietf.org/html/draft-schulzrinne-ecrit-unauthenti
> cated-acce
> >s
> >s-00
> >
> >We encourage IEEE working group members to continue the 
> discussion with 
> >the IETF in the EMU and the ECRIT working groups.
> 


_______________________________________________
Emu mailing list
Emu@ietf.org
https://www1.ietf.org/mailman/listinfo/emu

v2.23.0 | Report a Bug | By Email