Re: [MMUSIC] WGLC on draft-ietf-mmusic-sdp-uks-03

Paul Kyzivat <pkyzivat@alum.mit.edu> Sat, 04 May 2019 00:18 UTC

Return-Path: <pkyzivat@alum.mit.edu>
X-Original-To: mmusic@ietfa.amsl.com
Delivered-To: mmusic@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 793791202EC for <mmusic@ietfa.amsl.com>; Fri, 3 May 2019 17:18:19 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.9
X-Spam-Level:
X-Spam-Status: No, score=-1.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id wAFxU4UQaLh9 for <mmusic@ietfa.amsl.com>; Fri, 3 May 2019 17:18:17 -0700 (PDT)
Received: from outgoing-alum.mit.edu (outgoing-alum.mit.edu [18.7.68.33]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 2874412025F for <mmusic@ietf.org>; Fri, 3 May 2019 17:18:16 -0700 (PDT)
Received: from PaulKyzivatsMBP.localdomain (c-24-62-227-142.hsd1.ma.comcast.net [24.62.227.142]) (authenticated bits=0) (User authenticated as pkyzivat@ALUM.MIT.EDU) by outgoing-alum.mit.edu (8.14.7/8.12.4) with ESMTP id x440IFj1026153 (version=TLSv1/SSLv3 cipher=AES128-SHA bits=128 verify=NOT) for <mmusic@ietf.org>; Fri, 3 May 2019 20:18:15 -0400
To: mmusic@ietf.org
References: <ec74675d-c576-f728-0481-c9488fb13beb@cisco.com> <ea61540a-20c7-0c3d-1f7d-4d702d9a5332@cisco.com> <e17042ae-af33-4b86-8a99-086290a1e8c0@www.fastmail.com> <f28a5698-d7bd-b39a-b307-fc8ced708ad3@cisco.com> <69e1ed84-7bae-4258-897b-a6d36716c261@www.fastmail.com> <718ce899-166c-b793-c7d4-84bb5fcceea5@cisco.com> <HE1PR07MB32592AA35C2183A0F1EB34BC8D550@HE1PR07MB3259.eurprd07.prod.outlook.com> <ea80d50b-9463-4bb4-ac89-862987a94585@www.fastmail.com> <4a6a7d47-bd49-ed20-561e-ed4223f2d190@cisco.com> <0de3648b-e750-41a7-819d-59d1bbf5ad70@www.fastmail.com> <d94aa49b-048f-59f4-3351-80d4d0af7eb2@cisco.com> <0cdf21b5-40ce-473c-86be-4d024ecb18a8@www.fastmail.com> <03e4c115-21be-2d09-b64c-77e358cff8e0@cisco.com>
From: Paul Kyzivat <pkyzivat@alum.mit.edu>
Message-ID: <55c83fd9-3a11-91a9-ba42-d534eb30cf6c@alum.mit.edu>
Date: Fri, 3 May 2019 20:18:15 -0400
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.10; rv:60.0) Gecko/20100101 Thunderbird/60.6.1
MIME-Version: 1.0
In-Reply-To: <03e4c115-21be-2d09-b64c-77e358cff8e0@cisco.com>
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Language: en-US
Content-Transfer-Encoding: 7bit
Archived-At: <https://mailarchive.ietf.org/arch/msg/mmusic/N545RzhOC35K9Dy585dK1QwK6rg>
Subject: Re: [MMUSIC] WGLC on draft-ietf-mmusic-sdp-uks-03
X-BeenThere: mmusic@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Multiparty Multimedia Session Control Working Group <mmusic.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/mmusic>, <mailto:mmusic-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/mmusic/>
List-Post: <mailto:mmusic@ietf.org>
List-Help: <mailto:mmusic-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/mmusic>, <mailto:mmusic-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 04 May 2019 00:18:20 -0000

Perhaps slightly off topic for *this* draft, but ISTM it is a problem if 
some form of authenticated identity can't be used with 3PCC. Perhaps 
this needs to be treated as a separate problem to be solved.

I think, for a click to dial case it may be necessary that initially 
each participant gets the identity of the server. Then, a subsequent 
step might be for another round of signaling to convey identity end to end.

	Thanks,
	Paul

On 5/3/19 5:28 PM, Flemming Andreasen wrote:
> 
> 
> On 4/23/19 12:29 AM, Martin Thomson wrote:
>> On Mon, Apr 22, 2019, at 08:07, Flemming Andreasen wrote:
>>>> Right.  What is relevant here is the offers and answers, not the SIP requests.  RFC 3725 shows only inconsequential offers being generated by the controller.
>>> This is where we differ. In the SIP case, the attack you describe is predicated on a mismatch between the Identity information provided in the SIP request and the (assumed) identity of the SDP in an offer, thus the SIP requests are indeed very relevant to the discussion.
>> I see your point below.  I missed the bit in RFC 8224 where it has to be a request. I was concentrating on the properties of the assertions, not the protocol integration.  I agree that it's important.
>>
>> If 3PCC as described in RFC 3725 never produces a scenario where a request is bound to valid SDP, then 8224 + 3725 won't ever intersect.  Looking again with that constraint in mind (that it has to be a request), I see no scenario where 8224 and 3725 could be used together unless the controller is also the authorization service.  That arrangement would rule the controller out as an attacker we care about, because it has to be trusted by definition.   (More below.)
> Agreed.
>> This doesn't invalidate the other aspects of the attack, just that this attack isn't valid when both 8224 and 3725 are used.  SIP identity can be used on calls without 3PCC and the text here applies to those uses.
> With the clarificiations discussed in mind, I'll take another look at 
> the update for the chair comments you referred me to separately 
> (https://martinthomson.github.io/sdp-uks/chair-review/draft-ietf-mmusic-sdp-uks.html)
> 
>>    Or 3PCC can be used without SIP identity (maybe the WebRTC identity is used) and the attack would be relevant.
> Can WebRTC identity be used with regular SIP ? That's not the impression 
> I got from 
> https://tools.ietf.org/html/draft-ietf-rtcweb-security-arch-18 (where 
> WebRTC identity is defined), nor do I think it should be since that would:
> a) Be redundant with the SIP Identiy information defined in RFC 8224 and 
> hence require further treatment in terms of how you deal with 
> discrepancies between the two.
> b) Conflate session signaling (SIP) with media signaling (SDP).
> 
> In any case, this is probably something that should be clarified in 
> draft-ietf-rtcweb-security-arch-18 (might as well do that now, since you 
> will ultimately get an SDP designated expert review from me on that one 
> that will ask the same).
> 
>> It might be good to categorically say that 3PCC - as described in RFC 3725 - is incompatible with RFC 8224.  Would that help clarify this bit?
>>
> I believe so.
>> On the specific flows:
>>
>> Flow I might work if the controller was the Authorization Service for A.  Or the controller was between A and its Authorization Service.
>> Flow II only works if the controller is the Authorization Service for both A and B.
>> Flows III and IV might work if the controller was the Authorization Service for B.  Or the controller was between B and its Authorization Service.
>>
>> I base this on the fact that any non-trivial offers only appear in 200 responses.  So the first place that the message appears in a request is at the controller.  This puts the controller on a "trusted" segment of the signaling path.
> Agree, which again goes against the premise of the attack and hence 
> supports your suggestion above about 3PCC and RFC 8224 being 
> incompatible, and hence the attack scenario not being applicable to 3PCC.
> 
> Thanks
> 
> -- Flemming
> 
>> _______________________________________________
>> mmusic mailing list
>> mmusic@ietf.org
>> https://www.ietf.org/mailman/listinfo/mmusic
>> ..
>>
> 
> 
> _______________________________________________
> mmusic mailing list
> mmusic@ietf.org
> https://www.ietf.org/mailman/listinfo/mmusic
>