Re: [MMUSIC] Input wanted for draft-ietf-mmusic-sdp-uks

Martin Thomson <martin.thomson@gmail.com> Wed, 04 July 2018 00:39 UTC

References: <DB7PR07MB3850C6167834ABFD35D598988D950@DB7PR07MB3850.eurprd07.prod.outlook.com> <871sd0deh3.fsf@hobgoblin.ariadne.com> <CABkgnnW-FkmUZueatA855ZPYvmorTcNV3UWXWtpyZGUise7RRA@mail.gmail.com> <b0ecfffca20f41239469c3358a843011@ericsson.com> <CABkgnnUbycfVydjsSpG1ywaejK9E7RG=4sdZAvW8czHLZDO+hA@mail.gmail.com> <e26a6bb7-5040-d4be-d3d3-55431020fe05@alum.mit.edu>
In-Reply-To: <e26a6bb7-5040-d4be-d3d3-55431020fe05@alum.mit.edu>
From: Martin Thomson <martin.thomson@gmail.com>
Date: Wed, 04 Jul 2018 10:39:39 +1000
Message-ID: <CABkgnnWtUcWLDCUaXjZ4Q1jv3=DzAqb6Lhi2d9OA2e5Nmm+Lcw@mail.gmail.com>
To: Paul Kyzivat <pkyzivat@alum.mit.edu>
Cc: mmusic@ietf.org
Content-Type: text/plain; charset="UTF-8"
Archived-At: <https://mailarchive.ietf.org/arch/msg/mmusic/9VxR8sHIjTwohjYjvYprB8gHcVE>
Subject: Re: [MMUSIC] Input wanted for draft-ietf-mmusic-sdp-uks

On Wed, Jul 4, 2018 at 12:40 AM Paul Kyzivat <pkyzivat@alum.mit.edu> wrote:
> It is an important feature to give up. When security causes a reduction
> in functionality it is often the security that is given up.

Unfortunately, it's still a choice (people could choose not to deploy
this mitigation because they are too attached to 3PCC).  However, I
think that is fine, but this document doesn't need to do anything
other than mention its effect on 3PCC.  I've had an attempt at that
here:

https://github.com/martinthomson/sdp-uks/pull/4

This also attempts to make the identity-related aspects of this
clearer.  But, as the draft already said:

When the identity of communicating peers is established by higher-layer
signaling constructs, such as those in SIP {{?RFC4474}} or WebRTC
{{!WEBRTC-SEC}}, this allows an attacker to bind their own identity to a session
with any other entity.