IETF Logo Mail Archive

Re: [MMUSIC] Fwd: draft-dtls-sdp: Allow offerer to establish DTLS association before it has received the SDP answer?

Cullen Jennings <fluffy@iii.ca> Wed, 31 May 2017 21:45 UTC

Return-Path: <fluffy@iii.ca>
X-Original-To: mmusic@ietfa.amsl.com
Delivered-To: mmusic@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A513512EA24 for <mmusic@ietfa.amsl.com>; Wed, 31 May 2017 14:45:51 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.921
X-Spam-Level:
X-Spam-Status: No, score=-1.921 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H4=-0.01, RCVD_IN_MSPIKE_WL=-0.01, SPF_PASS=-0.001] autolearn=unavailable autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id IEEzQlGswxjS for <mmusic@ietfa.amsl.com>; Wed, 31 May 2017 14:45:48 -0700 (PDT)
Received: from smtp82.ord1c.emailsrvr.com (smtp82.ord1c.emailsrvr.com [108.166.43.82]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id B0E481293F4 for <mmusic@ietf.org>; Wed, 31 May 2017 14:45:48 -0700 (PDT)
Received: from smtp19.relay.ord1c.emailsrvr.com (localhost [127.0.0.1]) by smtp19.relay.ord1c.emailsrvr.com (SMTP Server) with ESMTP id 9FCFEA043E; Wed, 31 May 2017 17:45:45 -0400 (EDT)
X-Auth-ID: fluffy@iii.ca
Received: by smtp19.relay.ord1c.emailsrvr.com (Authenticated sender: fluffy-AT-iii.ca) with ESMTPSA id A58B8A03AA; Wed, 31 May 2017 17:45:44 -0400 (EDT)
X-Sender-Id: fluffy@iii.ca
Received: from [10.1.3.67] (S01065475d0f7dcd1.cg.shawcable.net [70.75.17.123]) (using TLSv1.2 with cipher DHE-RSA-AES256-GCM-SHA384) by 0.0.0.0:587 (trex/5.7.12); Wed, 31 May 2017 17:45:45 -0400
Content-Type: text/plain; charset="utf-8"
Mime-Version: 1.0 (Mac OS X Mail 10.2 \(3259\))
From: Cullen Jennings <fluffy@iii.ca>
In-Reply-To: <22C94242-218F-4724-AE92-E0B1E8DC2C82@nostrum.com>
Date: Wed, 31 May 2017 15:45:43 -0600
Cc: Eric Rescorla <ekr@rtfm.com>, Roman Shpount <roman@telurix.com>, Martin Thomson <martin.thomson@gmail.com>, Christer Holmberg <christer.holmberg@ericsson.com>, mmusic-chairs@ietf.org, mmusic <mmusic@ietf.org>
Content-Transfer-Encoding: quoted-printable
Message-Id: <21E8BA9D-E442-4DBC-8A7D-CEDFD5F54F8B@iii.ca>
References: <D551D683.1D429%christer.holmberg@ericsson.com> <22C94242-218F-4724-AE92-E0B1E8DC2C82@nostrum.com>
To: Ben Campbell <ben@nostrum.com>
X-Mailer: Apple Mail (2.3259)
Archived-At: <https://mailarchive.ietf.org/arch/msg/mmusic/fgBwrbgUSjhWM2SPZwMczdjY6O4>
Subject: Re: [MMUSIC] Fwd: draft-dtls-sdp: Allow offerer to establish DTLS association before it has received the SDP answer?
X-BeenThere: mmusic@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: Multiparty Multimedia Session Control Working Group <mmusic.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/mmusic>, <mailto:mmusic-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/mmusic/>
List-Post: <mailto:mmusic@ietf.org>
List-Help: <mailto:mmusic-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/mmusic>, <mailto:mmusic-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 31 May 2017 21:45:52 -0000

No ... the draft (with the PR) does not work. The key issue is the line 

   However, the offerer MUST NOT
   complete the DTLS handshake before it has received the SDP answer.

This breaks the usage of DTLS-SRTP with SIP and is not needed. The argument that you should not send media before you know who it is going to is not the problem. The key issue is that some times an SIP UA  needs to be able to receive media before it knows who it is from. Of course the UA should indicate in the caller ID etc that it is does not know who it is from. It might be really reasonable for the UA not to send any human generated media before it get the the dtls-id in the offer/answer, and validate any identity assertions, and validates in the certificates are not revoked, and whatever else the UA wants to to but the spec should not forbid receiving information while that is all happening. And to receive media, it needs to complete the DTLS handshake. 

Let me ask, for your average call flow that uses PRACK, do we think that call flow would work if we said there could not be any media before the Answer was received ? 


I'm sure the next issue is just my confusion but I was under the impression this would help solve the unauthenticated keying problem fro DTLS-SRTP. But the dtls-id in this draft never get tied to anything in the TLS session. Is that specified elsewhere? Do we need a ref to it ?

One other issues ... It seems that this removes from RFC5763 the line 

  The SIP message containing the offer SHOULD be sent to
   the offerer's SIP proxy over an integrity protected channel.

from RFC 5763. Any reason for that? Seems like the fingerprint should still be integrity protected. 






> On May 31, 2017, at 2:22 PM, Ben Campbell <ben@nostrum.com> wrote:
> 
> 
> Can people live with the PR as it currently stands, even if it’s not “perfect”? If not, what would it take to be able to live with it? It’s been almost 2 months since the IETF LC completed. It would be nice to progress this soon.
> 
> Thanks!
> 
> Ben.
> 
>> Begin forwarded message:
>> 
>> From: Christer Holmberg <christer.holmberg@ericsson.com>
>> Subject: Re: [MMUSIC] draft-dtls-sdp: Allow offerer to establish DTLS association before it has received the SDP answer?
>> Date: May 29, 2017 at 5:41:19 AM CDT
>> To: Martin Thomson <martin.thomson@gmail.com>, Eric Rescorla <ekr@rtfm.com>
>> Cc: "mmusic@ietf.org" <mmusic@ietf.org>
>> 
>> Hi,
>> 
>> I have updated the PR.
>> 
>> The text now says ³complete² instead of ³finalise². In addition, I removed
>> the text about attacks, and only kept the text saying that media received
>> before the answer must be considered unauthenticated.
>> 
>> If people are still not happy with the text, I¹d really appreciate some
>> text.
>> 
>> Regards,
>> 
>> Christer
>> 
>> 
>> 
>> On 26/05/17 14:32, "mmusic on behalf of Christer Holmberg"
>> <mmusic-bounces@ietf.org on behalf of christer.holmberg@ericsson.com>
>> wrote:
>> 
>>> Hi,
>>> 
>>> You are the DTLS gurus - please suggest changes that makes the text
>>> correct - and still hopefully keeps Cullen happy :)
>>> 
>>> Regards,
>>> 
>>> Christer
>>> 
>>> 
>>> On 26/05/17 14:01, "Martin Thomson" <martin.thomson@gmail.com> wrote:
>>> 
>>>> On 26 May 2017 at 20:37, Eric Rescorla <ekr@rtfm.com> wrote:
>>>>> Also, you say that if you initiate the handshake before the answer
>>>>> is received you are vulnerable to attacks. What attacks are those?
>>>> 
>>>> It should be "complete" - on the assumption that a completed handshake
>>>> leads immediately to using the connection.  Really, it's using the
>>>> connection (sending or receiving data or using exporters) that puts
>>>> you at risk, but I don't think that it's worth putting that fine a
>>>> distinction on it.
>>> 
>>> _______________________________________________
>>> mmusic mailing list
>>> mmusic@ietf.org
>>> https://www.ietf.org/mailman/listinfo/mmusic
>> 
>> _______________________________________________
>> mmusic mailing list
>> mmusic@ietf.org
>> https://www.ietf.org/mailman/listinfo/mmusic
> 
> _______________________________________________
> mmusic mailing list
> mmusic@ietf.org
> https://www.ietf.org/mailman/listinfo/mmusic

v2.23.0 | Report a Bug | By Email