IETF Logo Mail Archive

Re: [P2PSIP] Abusive and trustable peers and clients

Rubén Cuevas Rumín <rcuevas@it.uc3m.es> Mon, 19 November 2007 16:13 UTC

Return-path: <p2psip-bounces@ietf.org>
Received: from [127.0.0.1] (helo=stiedprmman1.va.neustar.com) by megatron.ietf.org with esmtp (Exim 4.43) id 1Iu9Fz-0007JG-PA; Mon, 19 Nov 2007 11:13:55 -0500
Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1Iu9Fy-00077J-BW for p2psip@lists.ietf.org; Mon, 19 Nov 2007 11:13:54 -0500
Received: from smtp01.uc3m.es ([163.117.176.131] helo=smtp.uc3m.es) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1Iu9Fu-0004zL-Hy for p2psip@lists.ietf.org; Mon, 19 Nov 2007 11:13:54 -0500
Received: from [163.117.139.215] (unknown [163.117.139.215])by smtp.uc3m.es (Postfix) with ESMTP id 6B2AB243C87; Mon, 19 Nov 2007 17:13:49 +0100 (CET)
Message-ID: <4741B64A.9020208@it.uc3m.es>
Date: Mon, 19 Nov 2007 17:14:02 +0100
From: Rubén Cuevas Rumín <rcuevas@it.uc3m.es>
Organization: Departamento Ingeniería Telemática. Universidad Carlos III de Madrid
User-Agent: Thunderbird 2.0.0.9 (Windows/20071031)
MIME-Version: 1.0
To: Henry Sinnreich <hsinnrei@adobe.com>
Subject: Re: [P2PSIP] Abusive and trustable peers and clients
References: <473C730E.1080004@it.uc3m.es><618e24240711150935v6164ae0lf7bede7 e06770c99@mail.gmail.com><473D684A.1060502@it.uc3m.es><4d4304a00711160658h 5 3e725a9tf98018d86353a944@mail.gmail.com><473DC47C.5030003@it.uc3m.es><24C CC C428EFEA2469BF046DB3C7A8D223AE2F0@namail5.corp.adobe.com><20071117173115 .1C 3D933C21@delta.rtfm.com><24CCCC428EFEA2469BF046DB3C7A8D223AE2FC@namail5 .cor p.adobe.com><077f01c82abf$f11d0470$6601a8c0@china.huawei.com> <24CCCC428EFEA2469BF046DB3C7A8D223AE306@namail5.corp.adobe.com>
In-Reply-To: <24CCCC428EFEA2469BF046DB3C7A8D223AE306@namail5.corp.adobe.com>
Content-Type: text/plain; charset="ISO-8859-1"; format="flowed"
X-imss-version: 2.049
X-imss-result: Passed
X-imss-scanInfo: M:B L:E SM:2
X-imss-tmaseResult: TT:1 TS:-17.5998 TC:1F TRN:56 TV:5.0.1023(15556.000)
X-imss-scores: Clean:100.00000 C:0 M:0 S:0 R:0
X-imss-settings: Baseline:1 C:1 M:1 S:1 R:1 (0.0000 0.0000)
Content-Transfer-Encoding: quoted-printable
X-Spam-Score: -1.9 (-)
X-Scan-Signature: a2c12dacc0736f14d6b540e805505a86
Cc: p2psip@lists.ietf.org
X-BeenThere: p2psip@ietf.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Peer-to-Peer SIP working group discussion list <p2psip.ietf.org>
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/p2psip>, <mailto:p2psip-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www1.ietf.org/pipermail/p2psip>
List-Post: <mailto:p2psip@ietf.org>
List-Help: <mailto:p2psip-request@ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/p2psip>, <mailto:p2psip-request@ietf.org?subject=subscribe>
Errors-To: p2psip-bounces@ietf.org


Henry Sinnreich escribió:
> Spencer,
>
> Thanks for the question!
> The section is actually: "4.1.1.  Public P2P VoIP Service Providers".
>
> As mentioned, why can encryption and signing of the software in the
> device or endpoint work only for a proprietary protocol like Skype and
> not for P2PSIP, even when the SW is OS?
>   
In this case I agree with Eric. He possed some argument I support. I 
would like to add a new argument.

We are trying to standarize a p2psip protocol. However, if latter we are 
going to allow every ISP or other company using their own p2psip overlay
to encrypt and obfuscate the code we cannot assure if this code is or 
not compliant with the defined standard. Then the standard would not be 
anymore
an standard but a set of rule to follow.

And now imagine two different ISPs deploy their softwares and encrypt 
them and at some point the want to make inter-domain communications, if 
they are
using different encryption schemes (and what would be worse, they have 
slightly modified the standard) how their clients are going to communicate?.

I think encryption/obfuscation works for private solution as Skype, but 
IMO is an error consider this as part of a standard protocol.

What do you think?

Rubén.


> Henry
>
> -----Original Message-----
> From: Spencer Dawkins [mailto:spencer@mcsr-labs.org] 
> Sent: Monday, November 19, 2007 9:22 AM
> To: p2psip@lists.ietf.org
> Subject: Re: [P2PSIP] Abusive and trustable peers and clients
>
>   
>>>> trustable nodes must have the software encrypted and signed by a
>>>> central authority
>>>>         
>
>   
>>> How do you propose that other nodes determine whether a peer is
>>> running such software?
>>>       
>
>   
>> My assumption is the p2p overlay is run by an owner with a vested
>> interest of protecting the overlay, just like Skype does.
>>     
>
> I note that 
> http://tools.ietf.org/wg/p2psip/draft-bryan-p2psip-app-scenarios-00.txt 
> explicitly calls this application scenario out in Section 4.4.1 (and the
>
> associated attributes in Table 1).
>
> The authors of this draft would love to see some discussion of this 
> particular scenario on-list, since it seems that some people are
> assuming 
> this scenario while others are assuming other scenarios.
>
> And if we can't frame the discussion in a specific scenario, this turns
> into 
> a "baby beauty contest" where everyone says "MY baby is the most 
> beautiful"...
>
> Thanks,
>
> Spencer 
>
>
>
> _______________________________________________
> P2PSIP mailing list
> P2PSIP@ietf.org
> https://www1.ietf.org/mailman/listinfo/p2psip
>
> _______________________________________________
> P2PSIP mailing list
> P2PSIP@ietf.org
> https://www1.ietf.org/mailman/listinfo/p2psip
>   

_______________________________________________
P2PSIP mailing list
P2PSIP@ietf.org
https://www1.ietf.org/mailman/listinfo/p2psip

v2.23.0 | Report a Bug | By Email