Re: [MMUSIC] WGLC on draft-ietf-mmusic-sdp-uks-03

Flemming Andreasen <fandreas@cisco.com> Fri, 03 May 2019 21:28 UTC

Return-Path: <fandreas@cisco.com>
X-Original-To: mmusic@ietfa.amsl.com
Delivered-To: mmusic@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 82E1D120165; Fri, 3 May 2019 14:28:34 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -14.501
X-Spam-Level:
X-Spam-Status: No, score=-14.501 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_MED=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, SPF_PASS=-0.001, USER_IN_DEF_DKIM_WL=-7.5] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=cisco.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 3KU2-M7pTEAm; Fri, 3 May 2019 14:28:32 -0700 (PDT)
Received: from alln-iport-8.cisco.com (alln-iport-8.cisco.com [173.37.142.95]) (using TLSv1.2 with cipher DHE-RSA-SEED-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 28F39120158; Fri, 3 May 2019 14:28:32 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=@cisco.com; l=9834; q=dns/txt; s=iport; t=1556918912; x=1558128512; h=subject:to:cc:references:from:message-id:date: mime-version:in-reply-to; bh=khX1TNbNB0vK9GY6LxorAducA99OcgSmuC4eb5nIsn8=; b=RfKCp8KJ8mSVs5sHoxUHCprgcubI/JUEgoEgYdwfX//QmCK5+lbHbMdN w1umkX7rBSORaMt+Rr4theOrsHAolDMHjHRaIPBKr3GfLF7j5ikLRARxm E+Z0wsQk5QIVurh50nxwP4lNrzQxy35gyYkCKqKav8taqUZs3GyD6oZX3 o=;
X-IronPort-AV: E=Sophos;i="5.60,427,1549929600"; d="scan'208,217";a="268696042"
Received: from rcdn-core-8.cisco.com ([173.37.93.144]) by alln-iport-8.cisco.com with ESMTP/TLS/DHE-RSA-SEED-SHA; 03 May 2019 21:28:31 +0000
Received: from [10.118.10.21] (rtp-fandreas-2-8814.cisco.com [10.118.10.21]) by rcdn-core-8.cisco.com (8.15.2/8.15.2) with ESMTP id x43LSUcp025713; Fri, 3 May 2019 21:28:30 GMT
To: Martin Thomson <mt@lowentropy.net>, Bo Burman <bo.burman@ericsson.com>, mmusic <mmusic@ietf.org>, Jon Peterson <jon.peterson@neustar.biz>, Cullen Jennings <fluffy@cisco.com>, "'Eric Rescorla'" <ekr@rtfm.com>
Cc: "draft-ietf-mmusic-sdp-uks@ietf.org" <draft-ietf-mmusic-sdp-uks@ietf.org>
References: <ec74675d-c576-f728-0481-c9488fb13beb@cisco.com> <ea61540a-20c7-0c3d-1f7d-4d702d9a5332@cisco.com> <e17042ae-af33-4b86-8a99-086290a1e8c0@www.fastmail.com> <f28a5698-d7bd-b39a-b307-fc8ced708ad3@cisco.com> <69e1ed84-7bae-4258-897b-a6d36716c261@www.fastmail.com> <718ce899-166c-b793-c7d4-84bb5fcceea5@cisco.com> <HE1PR07MB32592AA35C2183A0F1EB34BC8D550@HE1PR07MB3259.eurprd07.prod.outlook.com> <ea80d50b-9463-4bb4-ac89-862987a94585@www.fastmail.com> <4a6a7d47-bd49-ed20-561e-ed4223f2d190@cisco.com> <0de3648b-e750-41a7-819d-59d1bbf5ad70@www.fastmail.com> <d94aa49b-048f-59f4-3351-80d4d0af7eb2@cisco.com> <0cdf21b5-40ce-473c-86be-4d024ecb18a8@www.fastmail.com>
From: Flemming Andreasen <fandreas@cisco.com>
Message-ID: <03e4c115-21be-2d09-b64c-77e358cff8e0@cisco.com>
Date: Fri, 3 May 2019 17:28:30 -0400
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.14; rv:60.0) Gecko/20100101 Thunderbird/60.6.1
MIME-Version: 1.0
In-Reply-To: <0cdf21b5-40ce-473c-86be-4d024ecb18a8@www.fastmail.com>
Content-Type: multipart/alternative; boundary="------------6CA332BCEF5FAB929722502E"
Content-Language: en-US
X-Outbound-SMTP-Client: 10.118.10.21, rtp-fandreas-2-8814.cisco.com
X-Outbound-Node: rcdn-core-8.cisco.com
Archived-At: <https://mailarchive.ietf.org/arch/msg/mmusic/xvLtcAz-fF88ASP_ZBqQdm4bJJA>
Subject: Re: [MMUSIC] WGLC on draft-ietf-mmusic-sdp-uks-03
X-BeenThere: mmusic@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Multiparty Multimedia Session Control Working Group <mmusic.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/mmusic>, <mailto:mmusic-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/mmusic/>
List-Post: <mailto:mmusic@ietf.org>
List-Help: <mailto:mmusic-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/mmusic>, <mailto:mmusic-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 03 May 2019 21:28:34 -0000


On 4/23/19 12:29 AM, Martin Thomson wrote:
> On Mon, Apr 22, 2019, at 08:07, Flemming Andreasen wrote:
>>> Right.  What is relevant here is the offers and answers, not the SIP requests.  RFC 3725 shows only inconsequential offers being generated by the controller.
>> This is where we differ. In the SIP case, the attack you describe is predicated on a mismatch between the Identity information provided in the SIP request and the (assumed) identity of the SDP in an offer, thus the SIP requests are indeed very relevant to the discussion.
> I see your point below.  I missed the bit in RFC 8224 where it has to be a request. I was concentrating on the properties of the assertions, not the protocol integration.  I agree that it's important.
>
> If 3PCC as described in RFC 3725 never produces a scenario where a request is bound to valid SDP, then 8224 + 3725 won't ever intersect.  Looking again with that constraint in mind (that it has to be a request), I see no scenario where 8224 and 3725 could be used together unless the controller is also the authorization service.  That arrangement would rule the controller out as an attacker we care about, because it has to be trusted by definition.   (More below.)
Agreed.
> This doesn't invalidate the other aspects of the attack, just that this attack isn't valid when both 8224 and 3725 are used.  SIP identity can be used on calls without 3PCC and the text here applies to those uses.
With the clarificiations discussed in mind, I'll take another look at 
the update for the chair comments you referred me to separately 
(https://martinthomson.github.io/sdp-uks/chair-review/draft-ietf-mmusic-sdp-uks.html)

>    Or 3PCC can be used without SIP identity (maybe the WebRTC identity is used) and the attack would be relevant.
Can WebRTC identity be used with regular SIP ? That's not the impression 
I got from 
https://tools.ietf.org/html/draft-ietf-rtcweb-security-arch-18 (where 
WebRTC identity is defined), nor do I think it should be since that would:
a) Be redundant with the SIP Identiy information defined in RFC 8224 and 
hence require further treatment in terms of how you deal with 
discrepancies between the two.
b) Conflate session signaling (SIP) with media signaling (SDP).

In any case, this is probably something that should be clarified in 
draft-ietf-rtcweb-security-arch-18 (might as well do that now, since you 
will ultimately get an SDP designated expert review from me on that one 
that will ask the same).

>
> It might be good to categorically say that 3PCC - as described in RFC 3725 - is incompatible with RFC 8224.  Would that help clarify this bit?
>
I believe so.
> On the specific flows:
>
> Flow I might work if the controller was the Authorization Service for A.  Or the controller was between A and its Authorization Service.
> Flow II only works if the controller is the Authorization Service for both A and B.
> Flows III and IV might work if the controller was the Authorization Service for B.  Or the controller was between B and its Authorization Service.
>
> I base this on the fact that any non-trivial offers only appear in 200 responses.  So the first place that the message appears in a request is at the controller.  This puts the controller on a "trusted" segment of the signaling path.
Agree, which again goes against the premise of the attack and hence 
supports your suggestion above about 3PCC and RFC 8224 being 
incompatible, and hence the attack scenario not being applicable to 3PCC.

Thanks

-- Flemming

> _______________________________________________
> mmusic mailing list
> mmusic@ietf.org
> https://www.ietf.org/mailman/listinfo/mmusic
> .
>