Re: [mile] Ben Campbell's Discuss on draft-ietf-mile-xmpp-grid-09: (with DISCUSS and COMMENT)
Ben Campbell <ben@nostrum.com> Mon, 25 March 2019 13:54 UTC
Cc: "Nancy Cam-Winget (ncamwing)" <ncamwing@cisco.com>, The IESG <iesg@ietf.org>, "draft-ietf-mile-xmpp-grid@ietf.org" <draft-ietf-mile-xmpp-grid@ietf.org>, "mile@ietf.org" <mile@ietf.org>, "mile-chairs@tools.ietf.org" <mile-chairs@tools.ietf.org>, Takeshi Takahashi <takeshi_takahashi@nict.go.jp>, "mile-chairs@ietf.org" <mile-chairs@ietf.org>
To: Peter Saint-Andre <stpeter@mozilla.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/mile/W4V1kxXRvpOghN6jfxeQ7vErSa0>
Looks good, thanks! I have cleared.

Ben.

> On Mar 25, 2019, at 2:52 PM, Peter Saint-Andre <stpeter@mozilla.com> wrote:
>
> On 3/24/19 3:14 PM, Peter Saint-Andre wrote:
>> On 3/24/19 1:32 PM, Ben Campbell wrote:
>>> Hi, apologies for not getting back to this sooner. I'm trying to close
>>> or clarify my DISCUSS points prior to stepping down from the IESG this
>>> week. Please see inline:
>>>
>>> Thanks!
>>>
>>> Ben.
>>>
>>>> On Mar 4, 2019, at 6:49 PM, Nancy Cam-Winget (ncamwing)
>>>> <ncamwing@cisco.com <mailto:ncamwing@cisco.com>> wrote:
>>>>
>>>> Hi Ben,
>>>> Thanks for the careful review and comments, please see answers below:
>>>>
>>>> On 1/22/19, 19:14, "Ben Campbell" <ben@nostrum.com
>>>> <mailto:ben@nostrum.com>> wrote:
>>>>
>
> <snip/>
>
>>>> 2) The security considerations suggest that the use of TLS mitigates all of
>>>> the "network attacks". However, the potential for eavesdropping or data
>>>> modification are only mentioned in terms of such "network attacks". It is also
>>>> possible for the controller (aka XMPP server) to do those things unless some
>>>> sort of e2e protection is used. This is not discussed in the sections about how
>>>> the controller is trusted, nor is it discussed in the countermeasures sections.
>>>> There is a mention of e2e protection in the privacy considerations, but I think
>>>> that really needs treatment under the security considerations.
>>>>
>>>> [NCW] Section 8.2.3 does try to delineate the controller attacks, but we can
>>>> add the notion of eavesdropping and modification attacks there as well. As to
>>>> the considerations, we can add in 8.3.3 a sentence to the effect of using e2e
>>>> protection to address this attack.
>>>
>>> Unless you expect to really have e2e protection, it's more important to
>>> discuss the effects of not having it.
>>
>> True. I'll draft text about that (probably later today).
>
> I propose adding a new subsection under "Countermeasures":
>
> 8.3.6. End-to-End Encryption of Messages
>
> Because it is expected that there will be a relatively large number
> of Consumers for every Topic, for purposes of content discovery and
> scaling this document specifies a "one-to-many" communications
> pattern using the XMPP Publish-Subscribe extension. Unfortunately,
> there is no standardized technology for end-to-end encryption of
> one-to-many messages in XMPP. This implies that messages can be subject
> to eavesdropping, data injection, and data modification attacks
> within a Broker or Controller. If it is necessary to mitigate
> against such attacks, implementers would need to select a messaging
> pattern other than [XEP-0060], most likely the basic "instant
> messaging" pattern specified in [RFC6121] with a suitable XMPP
> extension for end-to-end encryption (such as [RFC3923] or a more
> modern method such as [XEP-0384]). The description of such an
> approach is out of scope for this document.
>
> Peter
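As an added illustration (not from the draft or from anyone in this thread) of the one-to-many pattern the proposed 8.3.6 text describes: a minimal Python model of an XEP-0060 publish request and the resulting event notifications, showing that the Broker handles the item in the clear and that a Consumer receives whatever the Broker forwards, with nothing in the stanza binding the payload to the Provider. The JIDs, node name and payload are constructed.

```python
import copy
import xml.etree.ElementTree as ET

PS = "{http://jabber.org/protocol/pubsub}"        # XEP-0060 publish namespace
EV = "{http://jabber.org/protocol/pubsub#event}"  # XEP-0060 notification namespace
BROKER = "pubsub.example.net"                     # constructed Broker JID

# Constructed sample payload (a real XMPP-Grid item would carry e.g. an IODEF document).
SAMPLE_PAYLOAD = "<report xmlns='urn:example:grid'>indicator=198.51.100.7</report>"

def build_publish_iq(node, item_id, payload_xml):
    """The publish request a Provider sends to the Broker; the payload is plaintext XML."""
    iq = ET.Element("iq", type="set", id="pub1", to=BROKER)
    publish = ET.SubElement(ET.SubElement(iq, PS + "pubsub"), PS + "publish", node=node)
    item = ET.SubElement(publish, PS + "item", id=item_id)
    item.append(ET.fromstring(payload_xml))
    return ET.tostring(iq, encoding="unicode")

def broker_fanout(publish_iq, subscribers, tamper=None):
    """Model the Broker: it parses the item in the clear, may alter it (tamper models a
    compromised or untrusted Broker) and re-emits one notification per Consumer."""
    publish = ET.fromstring(publish_iq).find(PS + "pubsub/" + PS + "publish")
    item = publish.find(PS + "item")
    if tamper is not None:
        tamper(item)
    events = []
    for jid in subscribers:
        msg = ET.Element("message", {"from": BROKER, "to": jid})  # sender is the Broker
        items = ET.SubElement(ET.SubElement(msg, EV + "event"), EV + "items", node=publish.get("node"))
        out = ET.SubElement(items, EV + "item", id=item.get("id"))
        out.append(copy.deepcopy(item[0]))
        events.append(ET.tostring(msg, encoding="unicode"))
    return events

def consumer_payload(event_stanza):
    """What a Consumer sees: the stanza comes from the Broker, and nothing in it lets the
    Consumer check that the payload is what the Provider actually published."""
    msg = ET.fromstring(event_stanza)
    item = msg.find(EV + "event/" + EV + "items/" + EV + "item")
    return msg.get("from"), item[0].text

def demo():
    """Honest Broker vs. one that rewrites the indicator: both look the same to the Consumer."""
    iq = build_publish_iq("grid/incidents", "item-1", SAMPLE_PAYLOAD)
    honest = consumer_payload(broker_fanout(iq, ["c1@example.org"])[0])
    rewrite = lambda item: setattr(item[0], "text", "indicator=203.0.113.9")
    altered = consumer_payload(broker_fanout(iq, ["c1@example.org"], tamper=rewrite)[0])
    return honest, altered
```

Both results carry the Broker's JID as sender, which is why the proposed text points at a different messaging pattern with end-to-end protection rather than at anything the Consumer could check inside the pubsub notification.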