[martini] FW: review of draft-ietf-martini-reqs-07.txt
"Elwell, John" <john.elwell@siemens-enterprise.com> Tue, 22 June 2010 07:36 UTC
Return-Path: <john.elwell@siemens-enterprise.com>
X-Original-To: martini@core3.amsl.com
Delivered-To: martini@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 052893A6452 for <martini@core3.amsl.com>; Tue, 22 Jun 2010 00:36:51 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.631
X-Spam-Level:
X-Spam-Status: No, score=-0.631 tagged_above=-999 required=5 tests=[AWL=-0.859, BAYES_50=0.001, SARE_SUB_OBFU_Q1=0.227]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id avJ4BYClbVDM for <martini@core3.amsl.com>; Tue, 22 Jun 2010 00:36:50 -0700 (PDT)
Received: from ms01.m0019.fra.mmp.de.bt.com (m0019.fra.mmp.de.bt.com [62.180.227.30]) by core3.amsl.com (Postfix) with ESMTP id D329C3A6959 for <martini@ietf.org>; Tue, 22 Jun 2010 00:36:49 -0700 (PDT)
Received: from senmx12-mx ([62.134.46.10] [62.134.46.10]) by ms01.m0020.fra.mmp.de.bt.com with ESMTP id BT-MMP-586512 for martini@ietf.org; Tue, 22 Jun 2010 09:36:53 +0200
Received: from MCHP063A.global-ad.net (unknown [172.29.37.61]) by senmx12-mx (Server) with ESMTP id 5D6DC23F0278 for <martini@ietf.org>; Tue, 22 Jun 2010 09:36:53 +0200 (CEST)
Received: from MCHP058A.global-ad.net ([172.29.37.55]) by MCHP063A.global-ad.net ([172.29.37.61]) with mapi; Tue, 22 Jun 2010 09:36:53 +0200
From: "Elwell, John" <john.elwell@siemens-enterprise.com>
To: "martini@ietf.org" <martini@ietf.org>
Date: Tue, 22 Jun 2010 09:36:51 +0200
Thread-Topic: review of draft-ietf-martini-reqs-07.txt
Thread-Index: AcsRrNf3iQcBLAwuSGGCporU9M2CQwAJhl5wAAKp2RA=
Message-ID: <A444A0F8084434499206E78C106220CAE7C4CE9A@MCHP058A.global-ad.net>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
acceptlanguage: en-US
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
Subject: [martini] FW: review of draft-ietf-martini-reqs-07.txt
X-BeenThere: martini@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: Discussion of en-mass SIP PBX registration mechanisms <martini.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/martini>, <mailto:martini-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/martini>
List-Post: <mailto:martini@ietf.org>
List-Help: <mailto:martini-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/martini>, <mailto:martini-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 22 Jun 2010 07:36:51 -0000
> -----Original Message----- > From: Elwell, John > Sent: 22 June 2010 07:44 > To: 'Hilarie Orman'; secdir@ietf.org > Cc: Bernard_Aboba@hotmail.com; spencer@wonderhamster.org; > gonzalo.camarillo@ericsson.com; rjsparks@nostrum.com; > hkaplan@acmepacket.com > Subject: RE: review of draft-ietf-martini-reqs-07.txt > > Hilarie, > > Thanks for your review. See responses below: > > > -----Original Message----- > > From: hilarie@purplestreak.com > > [mailto:hilarie@purplestreak.com] On Behalf Of Hilarie Orman > > Sent: 22 June 2010 02:49 > > To: secdir@ietf.org > > Cc: Bernard_Aboba@hotmail.com; spencer@wonderhamster.org; > > gonzalo.camarillo@ericsson.com; rjsparks@nostrum.com; Elwell, > > John; hkaplan@acmepacket.com > > Subject: review of draft-ietf-martini-reqs-07.txt > > > > Security review of draft-ietf-martini-reqs-07.txt, > > Multiple AOR reachability in SIP > > > > Do not be alarmed. I have reviewed this document as part of the > > security directorate's ongoing effort to review all IETF documents > > being processed by the IESG. These comments were written primarily > > for the benefit of the security area directors. Document > editors and > > WG chairs should treat these comments just like any other last call > > comments. > > > > The abstract: > > This document states requirements for a standardized SIP > registration > > mechanism for multiple addresses of record, the mechanism being > > suitable for deployment by SIP service providers on a > large scale in > > support of small to medium sized Private Branch Exchanges (PBXs). > > The requirements are for a solution that can, as a minimum, support > > AORs based on E.164 numbers. > > > > There are 21 requirements, and two of them address security. > > > > I think requirement 14 leaves out a couple of things: > > REQ14 - The mechanism MUST be able to operate over a > transport that > > provides integrity protection and confidentiality. > > It should probably require "end-to-end" integrity protection and > > confidentiality between the two entities (SIP-PBX and the SSP). > [JRE] In the next version I will change it to: > "The mechanism MUST be able to operate over a transport that > provides end-to-end integrity protection and confidentiality > between the SIP-PBX and the SSP." > > > > > And I think requirement 15 should say something about how the two > > entites are expected to agree on an authentication method, and that > > the authentication should apply to every registration message > > exchanged by the entities. That is, once they have authenticated, > > then that information should be tied to requirement 14 and > ensure that > > the integrity and/or confidentiality is defined between the two > > entities (by use of, for example, an authenticated key exchange > > protocol) on all subsequent messages between the two. > [JRE] I am reluctant to make any changes here. We don't > anticipate any new security mechanism, and indeed the > solution that is moving forward in the WG allows use of TLS, > which is already allowed for in SIP. For authentication it > allows both TLS mutual authentication or SIP digest > authentication + TLS server authentication, again, in line > with what is already allowed in SIP. SIP has a wealth of > material in this area, including aspects of RFC 3263 and RFC > 3329. I don't think it worthwhile adding a bunch of > requirements that in the end will not lead to any new > mechanisms or influence use of existing mechanisms. REQ14 and > REQ15 I think are sufficient pointers to needs in this area. > > > REQ15 - The mechanism MUST support authentication of the > SIP-PBX by > > the SSP and vice versa. > > I'd also add that it MUST support termination of authenticaton and > > re-authentication. > [JRE] I am not sure exactly what you are looking for here. Is > this referring to what happens when a certificate expires, > say? Again, I would doubt we really need to add anything > here, since we don't anticipate new security mechanisms. > > > > > Minor non-security things: > > > > Requirement 4 has a triple negative ("not" "prevent" "without"), and > > I'm not sure what the heck it means. > [JRE] Yes, in the next version I will change it to: > "The mechanism MUST allow UAs attached to a SIP-PBX to > register with the SIP-PBX for AORs based on assigned > telephone numbers, in order to receive requests targeted at > those telephone numbers, without needing to involve the SSP > in the registration process." > > > > > Requirement 5 has a typo, probably "internally" for "internal". > [JRE] It intentionally says "internally" at present - an > adverb modifying the verb "handle". I am not sure how to > reword it to prevent misinterpretation. > > John > > > > > > Hilarie > >
- [martini] FW: review of draft-ietf-martini-reqs-0… Bernard Aboba
- [martini] FW: review of draft-ietf-martini-reqs-0… Elwell, John
- Re: [martini] review of draft-ietf-martini-reqs-0… Bernard Aboba
- Re: [martini] review of draft-ietf-martini-reqs-0… Gonzalo Camarillo