[martini] #46: Security Directorate review of draft-ietf-martini-reqs-07.txt
"martini issue tracker" <trac@tools.ietf.org> Sun, 27 June 2010 18:40 UTC
Return-Path: <trac@tools.ietf.org>
X-Original-To: martini@core3.amsl.com
Delivered-To: martini@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 9A32C3A691B for <martini@core3.amsl.com>; Sun, 27 Jun 2010 11:40:17 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -101.036
X-Spam-Level:
X-Spam-Status: No, score=-101.036 tagged_above=-999 required=5 tests=[AWL=-1.263, BAYES_50=0.001, NO_RELAYS=-0.001, SARE_SUB_OBFU_Q1=0.227, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id yEbvVhl-wfis for <martini@core3.amsl.com>; Sun, 27 Jun 2010 11:40:16 -0700 (PDT)
Received: from zinfandel.tools.ietf.org (unknown [IPv6:2001:1890:1112:1::2a]) by core3.amsl.com (Postfix) with ESMTP id B1A523A696E for <martini@ietf.org>; Sun, 27 Jun 2010 11:40:16 -0700 (PDT)
Received: from localhost ([::1] helo=zinfandel.tools.ietf.org) by zinfandel.tools.ietf.org with esmtp (Exim 4.72) (envelope-from <trac@tools.ietf.org>) id 1OSwmD-00073M-N3; Sun, 27 Jun 2010 11:40:21 -0700
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 8bit
From: martini issue tracker <trac@tools.ietf.org>
X-Trac-Version: 0.11.7
Precedence: bulk
Auto-Submitted: auto-generated
X-Mailer: Trac 0.11.7, by Edgewall Software
To: john.elwell@siemens-enterprise.com, ho@alum.mit.edu
X-Trac-Project: martini
Date: Sun, 27 Jun 2010 18:40:21 -0000
X-URL: http://tools.ietf.org/martini/
X-Trac-Ticket-URL: https://trac.tools.ietf.org/wg/martini/trac/ticket/46
Message-ID: <057.f6f86a244cf71c330f658826f6f7debc@tools.ietf.org>
X-Trac-Ticket-ID: 46
X-SA-Exim-Connect-IP: ::1
X-SA-Exim-Rcpt-To: john.elwell@siemens-enterprise.com, ho@alum.mit.edu, martini@ietf.org
X-SA-Exim-Mail-From: trac@tools.ietf.org
X-SA-Exim-Scanned: No (on zinfandel.tools.ietf.org); SAEximRunCond expanded to false
Cc: martini@ietf.org
Subject: [martini] #46: Security Directorate review of draft-ietf-martini-reqs-07.txt
X-BeenThere: martini@ietf.org
X-Mailman-Version: 2.1.9
List-Id: Discussion of en-mass SIP PBX registration mechanisms <martini.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/martini>, <mailto:martini-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/martini>
List-Post: <mailto:martini@ietf.org>
List-Help: <mailto:martini-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/martini>, <mailto:martini-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 27 Jun 2010 18:40:17 -0000
#46: Security Directorate review of draft-ietf-martini-reqs-07.txt
-----------------------------------+----------------------------------------
Reporter: ho@… | Owner: john.elwell@…
Type: defect | Status: new
Priority: minor | Milestone: milestone1
Component: reqs | Version: 1.0
Severity: Submitted WG Document | Keywords:
-----------------------------------+----------------------------------------
Do not be alarmed. I have reviewed this document as part of the
security directorate's ongoing effort to review all IETF documents
being processed by the IESG. These comments were written primarily
for the benefit of the security area directors. Document editors and
WG chairs should treat these comments just like any other last call
comments.
The abstract:
This document states requirements for a standardized SIP registration
mechanism for multiple addresses of record, the mechanism being
suitable for deployment by SIP service providers on a large scale in
support of small to medium sized Private Branch Exchanges (PBXs).
The requirements are for a solution that can, as a minimum, support
AORs based on E.164 numbers.
There are 21 requirements, and two of them address security.
I think requirement 14 leaves out a couple of things:
REQ14 - The mechanism MUST be able to operate over a transport that
provides integrity protection and confidentiality.
It should probably require "end-to-end" integrity protection and
confidentiality between the two entities (SIP-PBX and the SSP).
And I think requirement 15 should say something about how the two
entites are expected to agree on an authentication method, and that
the authentication should apply to every registration message
exchanged by the entities. That is, once they have authenticated,
then that information should be tied to requirement 14 and ensure that
the integrity and/or confidentiality is defined between the two
entities (by use of, for example, an authenticated key exchange
protocol) on all subsequent messages between the two.
REQ15 - The mechanism MUST support authentication of the SIP-PBX by
the SSP and vice versa.
I'd also add that it MUST support termination of authenticaton and
re-authentication.
Minor non-security things:
Requirement 4 has a triple negative ("not" "prevent" "without"), and
I'm not sure what the heck it means.
Requirement 5 has a typo, probably "internally" for "internal".
Hilarie
--
Ticket URL: <https://trac.tools.ietf.org/wg/martini/trac/ticket/46>
martini <http://tools.ietf.org/martini/>
- [martini] #46: Security Directorate review of dra… martini issue tracker
- Re: [martini] #46: Security Directorate review of… martini issue tracker