[Emu] RE: Revised liaison response for IEEE 802.11u EAP method for emergency calls
"Joseph Salowey (jsalowey)" <jsalowey@cisco.com> Tue, 30 October 2007 18:29 UTC
Return-path: <emu-bounces@ietf.org>
Received: from [127.0.0.1] (helo=stiedprmman1.va.neustar.com) by megatron.ietf.org with esmtp (Exim 4.43) id 1Imvpy-0002XQ-9p; Tue, 30 Oct 2007 14:29:14 -0400
Received: from emu by megatron.ietf.org with local (Exim 4.43) id 1Imvpx-0002X0-ET for emu-confirm+ok@megatron.ietf.org; Tue, 30 Oct 2007 14:29:13 -0400
Received: from [10.90.34.44] (helo=chiedprmail1.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1Imvpx-0002Ws-2S for emu@ietf.org; Tue, 30 Oct 2007 14:29:13 -0400
Received: from sj-iport-5.cisco.com ([171.68.10.87]) by chiedprmail1.ietf.org with esmtp (Exim 4.43) id 1Imvpv-0004je-Vh for emu@ietf.org; Tue, 30 Oct 2007 14:29:12 -0400
X-IronPort-AV: E=Sophos;i="4.21,348,1188802800"; d="scan'208";a="183749314"
Received: from sj-dkim-2.cisco.com ([171.71.179.186]) by sj-iport-5.cisco.com with ESMTP; 30 Oct 2007 11:29:03 -0700
Received: from sj-core-2.cisco.com (sj-core-2.cisco.com [171.71.177.254]) by sj-dkim-2.cisco.com (8.12.11/8.12.11) with ESMTP id l9UIT3KV013463; Tue, 30 Oct 2007 11:29:03 -0700
Received: from xbh-sjc-211.amer.cisco.com (xbh-sjc-211.cisco.com [171.70.151.144]) by sj-core-2.cisco.com (8.12.10/8.12.6) with ESMTP id l9UIT3Jr004551; Tue, 30 Oct 2007 18:29:03 GMT
Received: from xmb-sjc-225.amer.cisco.com ([128.107.191.38]) by xbh-sjc-211.amer.cisco.com with Microsoft SMTPSVC(6.0.3790.1830); Tue, 30 Oct 2007 11:29:01 -0700
X-MimeOLE: Produced By Microsoft Exchange V6.5
Content-class: urn:content-classes:message
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
Date: Tue, 30 Oct 2007 11:29:16 -0700
Message-ID: <AC1CFD94F59A264488DC2BEC3E890DE504BF8E74@xmb-sjc-225.amer.cisco.com>
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
Thread-Topic: Revised liaison response for IEEE 802.11u EAP method for emergency calls
Thread-Index: AcgPZscPji/sJWf/ToynicK9zpyQywACIl3gAuteSQA=
From: "Joseph Salowey (jsalowey)" <jsalowey@cisco.com>
To: "Joseph Salowey (jsalowey)" <jsalowey@cisco.com>, Bernard Aboba <bernard_aboba@hotmail.com>, emu@ietf.org
X-OriginalArrivalTime: 30 Oct 2007 18:29:01.0916 (UTC) FILETIME=[BE8319C0:01C81B22]
DKIM-Signature: v=0.5; a=rsa-sha256; q=dns/txt; l=7924; t=1193768943; x=1194632943; c=relaxed/simple; s=sjdkim2002; h=Content-Type:From:Subject:Content-Transfer-Encoding:MIME-Version; d=cisco.com; i=jsalowey@cisco.com; z=From:=20=22Joseph=20Salowey=20(jsalowey)=22=20<jsalowey@cisco.com> |Subject:=20RE=3A=20Revised=20liaison=20response=20for=20IEEE=20802.11u=2 0EAP=20method=20for=20emergency=20calls |Sender:=20; bh=eSv3S8aYLViYg98SAKIyJFOMJl0+3JY94Shghp9w098=; b=ElUuXqtycOkofjEBPsWREuU/kFVWstGS0ISlopQb6RIsmMkzqkfoepoKH7QaITqz5RfZdo2d vFjQZxgkAvy8oMHe+ceN/9vG9bEOpO0jlWFuaVWonhTh8EempufdzcqU;
Authentication-Results: sj-dkim-2; header.From=jsalowey@cisco.com; dkim=pass ( sig from cisco.com/sjdkim2002 verified; );
X-Spam-Score: 0.0 (/)
X-Scan-Signature: f2984bf50fb52a9e56055f779793d783
Cc: ecrit-chairs@tools.ietf.org
Subject: [Emu] RE: Revised liaison response for IEEE 802.11u EAP method for emergency calls
X-BeenThere: emu@ietf.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: "EAP Methods Update \(EMU\)" <emu.ietf.org>
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/emu>, <mailto:emu-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www1.ietf.org/pipermail/emu>
List-Post: <mailto:emu@ietf.org>
List-Help: <mailto:emu-request@ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/emu>, <mailto:emu-request@ietf.org?subject=subscribe>
Errors-To: emu-bounces@ietf.org
Below is an updated liaison response to 802.11u reflecting comments received so far. I think this is reasonably close. I would like to send a reply next week so please respond with any comments by next Tuesday 11/6. Thanks, Joe ======================================================================== ====================== 802.11u Liaison response for EAP Methods for Emergency Communications We have had discussion of EAP method for Emergency services at the last IETF meeting in Chicago. The following is a summary of working group discussion on this topic. Currently there are no standards track EAP methods that exactly meet the requirements as understood by the EMU working group. EAP-TLS is probably closest since it is allowable for EAP-TLS (draft-simon-emu-rfc2716bis-11.txt) implementations to support modes that only require server side authentication. There are several other possible existing EAP methods that may meet or be slightly modified to meet some of the 802.11u requirements for emergency services. TTLS (draft-funk-eap-ttls-v0-01.txt) and EAP-FAST (RFC4851) are TLS based methods that can support server only authentication. If the peer can validate the server then it is possible to mitigate many man-in-the-middle attacks against the authentication, however if the peer cannot validate the server then this would leave the protocol open to man-in-the-middle attacks. These TLS based methods require a significant number of round trips, however this may not be an issue, especially if the emergency authentication is terminated locally instead of in a home server. There were also several questions raised in the working group during the discussion that might help in further determining the best approach. These are summarized below: 1) It is not clear what security properties are desirable. Is it important for the emergency services network to be authenticated? Is it possible for the peer to have a trust root for emergency services network? Is there expected to be an existing profile with a specific SSID that needs to be authorized? Is there another use for the authenticated identity? 2) What regulatory requirements are driving the need for encryption? This creates some conflicts because encryption without authentication does not satisfy most useful security requirements. 3) Will the authentication for emergency services be terminated locally or in a remote network? What is the tolerance for delay before network connectivity is established? 4) PSK was described as having worse DOS resistance properties that EAP. It seems that in many cases EAP would have worse DOS resistance that PSK, which cases is EAP better? 5) It seems that most public access networks already provide an open access network, why couldn't this network be used for emergency communication? As the 802.11u group is certainly aware, there are other groups within the IETF that are looking at unauthenticated emergency services. In particular, the ECRIT group within the IETF has ongoing work in this area: http://tools.ietf.org/html/draft-schulzrinne-ecrit-unauthenticated-acces s-00 We encourage IEEE working group members to continue the discussion with the IETF in the EMU and the ECRIT working groups. > -----Original Message----- > From: Joseph Salowey (jsalowey) > Sent: Monday, October 15, 2007 2:30 PM > To: 'Bernard Aboba'; emu@ietf.org > Cc: ecrit-chairs@tools.ietf.org > Subject: RE: Revised liaison response for IEEE 802.11u EAP > method for emergency calls > > > > > -----Original Message----- > > From: Bernard Aboba [mailto:bernard_aboba@hotmail.com] > > Sent: Monday, October 15, 2007 1:06 PM > > To: Joseph Salowey (jsalowey); emu@ietf.org > > Cc: ecrit-chairs@tools.ietf.org > > Subject: RE: Revised liaison response for IEEE 802.11u EAP > method for > > emergency calls > > > > >TTLS (draft-funk-eap-ttls-v0-01.txt) and EAP-FAST > (RFC4851) are TLS > > >based methods that can support server only authentication. > > It was also > > >pointed out that EAP-TLS (draft-simon-emu-rfc2716bis-11.txt) > > >could be modified to create a new EAP method that only > > requires server > > >side authentication. > > > > In general, in TLS-based EAP methods the TLS client authentication > > policy is determined by the server. That is, the server decides > > whether to request a client certificate; RFC 2716 > recommends but does > > not require inclusion of a certificate request in the Server hello > > message; in the examples in RFC 2716 the > certificate-request field is > > not shown as mandatory. By not including a certificate request, an > > EAP-TLS server can support anonymous clients. It is my > understanding > > that existing EAP-TLS peer implementations support server-side only > > authentication. > > > [Joe] OK, how about modifying the above sentence to: > > "It is possible for EAP-TLS > (draft-simon-emu-rfc2716bis-11.txt) implementations to > support modes that only require server side authentication." > > > >If the peer can validate the server then it is possible to > mitigate > > >many man-in-the-middle attacks against the authentication, > > however if > > >the peer cannot validate the server then this would leave the > > >protocol open to man-in-the-middle attacks. > > These TLS > > >based methods require a significant number of round trips, > > however this > > >may not be an issue especially if the emergency authentication is > > >terminated locally instead of in a home server. > > > > > >There were also several questions raised in the working > group during > > >the discussion that might help in further determining the > > best approach. > > >These are summarized below: > > > > > >1) It is not clear what security properties are desirable. Is it > > >important for the emergency services network to be > > authenticated? Is > > >it possible for the peer to have a trust root for > emergency services > > >network? Is there expected to be an existing profile with > a specific > > >SSID that needs to be authorized? Is there another use for the > > >authenticated identity? > > > > > >2) What regulatory requirements are driving the need for > encryption? > > >This creates some conflicts because encryption without > > authentication > > >does not satisfy most useful security requirements. > > > > > >3) Will the authentication for emergency services be > > terminated locally > > >or in a remote network? What is the tolerance for delay > > before network > > >connectivity is established? > > > > > >4) PSK was described as having worse DOS resistance > > properties that EAP. > > >It seems that in many cases EAP would have worse DOS > resistance that > > >PSK, which cases is EAP better? > > > > > >5) It seems that most public access networks already > provide an open > > >access network, why couldn't this network be used for emergency > > >communication? > > > > > >As the 802.11u group is certainly aware, there are other > > groups within > > >the IETF that are looking at unauthenticated emergency > services. In > > >particular, the ECRIT group within the IETF has ongoing > work in this > > >area: > > > > > >http://tools.ietf.org/html/draft-schulzrinne-ecrit-unauthenti > > cated-acce > > >s > > >s-00 > > > > > >We encourage IEEE working group members to continue the > > discussion with > > >the IETF in the EMU and the ECRIT working groups. > > > _______________________________________________ Emu mailing list Emu@ietf.org https://www1.ietf.org/mailman/listinfo/emu
- [Emu] Revised liaison response for IEEE 802.11u E… Joseph Salowey (jsalowey)
- [Emu] RE: Revised liaison response for IEEE 802.1… Bernard Aboba
- [Emu] RE: Revised liaison response for IEEE 802.1… Joseph Salowey (jsalowey)
- [Emu] RE: Revised liaison response for IEEE 802.1… Joseph Salowey (jsalowey)