Re: [P2PSIP] Signature validation for TURN-SERVICE kind
Bruce Lowekamp <bbl@lowekamp.net> Sat, 23 July 2011 19:03 UTC
Return-Path: <bbl@lowekamp.net>
X-Original-To: p2psip@ietfa.amsl.com
Delivered-To: p2psip@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 6FF3921F86BC for <p2psip@ietfa.amsl.com>; Sat, 23 Jul 2011 12:03:50 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.077
X-Spam-Level:
X-Spam-Status: No, score=-2.077 tagged_above=-999 required=5 tests=[AWL=0.900, BAYES_00=-2.599, FM_FORGED_GMAIL=0.622, RCVD_IN_DNSWL_LOW=-1]
Received: from mail.ietf.org ([64.170.98.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id bTPbk2XC0zx2 for <p2psip@ietfa.amsl.com>; Sat, 23 Jul 2011 12:03:49 -0700 (PDT)
Received: from mail-ey0-f176.google.com (mail-ey0-f176.google.com [209.85.215.176]) by ietfa.amsl.com (Postfix) with ESMTP id 8654421F853B for <p2psip@ietf.org>; Sat, 23 Jul 2011 12:03:49 -0700 (PDT)
Received: by eya28 with SMTP id 28so3366403eya.21 for <p2psip@ietf.org>; Sat, 23 Jul 2011 12:03:48 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.14.119.136 with SMTP id n8mr985832eeh.30.1311447827349; Sat, 23 Jul 2011 12:03:47 -0700 (PDT)
Received: by 10.14.127.13 with HTTP; Sat, 23 Jul 2011 12:03:47 -0700 (PDT)
In-Reply-To: <4E2B172E.5020906@acm.org>
References: <4E2317B6.4090901@acm.org> <CAEOK=o=dW=GQR+D0B1NSm0wHYe30fv5Q9sXdrhCwAvSYZQ0zjg@mail.gmail.com> <4E29DF8E.2050403@acm.org> <CAEOK=ok_qofYvNG256uCBFeOzXeBQ0VhBaDBCWf04Mz_QhQFkg@mail.gmail.com> <4E29E482.3060506@acm.org> <4E2B172E.5020906@acm.org>
Date: Sat, 23 Jul 2011 15:03:47 -0400
Message-ID: <CAEOK=onnWcwEAYaW3hAiPkBjB50fGLfkR4qjiNEpMUaVsLBNJw@mail.gmail.com>
From: Bruce Lowekamp <bbl@lowekamp.net>
To: Marc Petit-Huguenin <petithug@acm.org>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
Cc: P2PSIP WG <p2psip@ietf.org>
Subject: Re: [P2PSIP] Signature validation for TURN-SERVICE kind
X-BeenThere: p2psip@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Peer-to-Peer SIP working group discussion list <p2psip.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/p2psip>, <mailto:p2psip-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/p2psip>
List-Post: <mailto:p2psip@ietf.org>
List-Help: <mailto:p2psip-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/p2psip>, <mailto:p2psip-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 23 Jul 2011 19:03:50 -0000
On Sat, Jul 23, 2011 at 2:47 PM, Marc Petit-Huguenin <petithug@acm.org> wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > On 07/22/2011 10:58 PM, Marc Petit-Huguenin wrote: >> On 07/22/2011 01:48 PM, Bruce Lowekamp wrote: >>> On Fri, Jul 22, 2011 at 4:37 PM, Marc Petit-Huguenin <petithug@acm.org> wrote: >>> On 07/22/2011 01:32 PM, Bruce Lowekamp wrote: >>>>>> >From 5.3.4: >>>>>> >>>>>> The certificates bucket SHOULD contain all the certificates necessary >>>>>> to verify every signature in both the message and the internal >>>>>> message objects. This is the only location in the message which >>>>>> contains certificates, thus allowing for only a single copy of each >>>>>> certificate to be sent. In systems which have some alternate >>>>>> certificate distribution mechanism, some certificates MAY be omitted. >>>>>> However, implementors should note that this creates the possibility >>>>>> that messages may not be immediately verifiable because certificates >>>>>> must first be retrieved. >>>>>> >>>>>> >>>>>> This implies that a TURN-SERVICE implementation caches the >>>>>> certificates needed for replication. Will add a note to the >>>>>> TURN-SERVICE description for clarification. >> >>> OK, but isn't this true also for all other kinds that do not use USER-MATCH or >>> NODE-MATCH? >> >> >>>> Yes, since 5.3.4 is the definition of the basic SecurityBlock, it >>>> applies to anything using the protocol. Though I would expect such >>>> usages to be rare. >> >> Well, in addition to the TURN-SERVICE kind, all the kinds defined as Shared >> resource (draft-knauf-p2psip-share), the VIPR kind and the ReDir kind. That's >> not rare. >> >>> Do you have any suggestions for how/where to >>>> clarify this point? >> >> IMO, it should be required that each peer stores all the certificates needed to >> verify all the stored values at this peer. When replicating the stored values, >> the peer must also send the matching certificates in the GenericCertificate >> field of the SecurityBlock request. > > If should be also required that a Fetch returns in the SecurityBlock all the > certificates for all the StoredValue it will return. With this the > CERTIFICATE_BY_NODE and CERTIFICATE_BY_USER kinds are redundant and can be > removed from the spec. > This is already covered by 5.3.4. As agreed earlier, we will clarify it. Since the two certificate usages aren't really intended to be used to validate messages, I don't see a reason to remove them here. Bruce >> >>> If we add a sentence in 5.3.4 and one with >>>> TURN-SERVICE, I think that will cover anyone reading the spec >>>> thoroughly and anyone just looking at TURN-SERVICE as an example usage >>>> while writing another. >> >>>> Bruce >> >> >> >>>>>> >>>>>> Bruce >>>>>> >>>>>> >>>>>> >>>>>> On Sun, Jul 17, 2011 at 1:11 PM, Marc Petit-Huguenin <petithug@acm.org> wrote: >>>>>> When storing a TURN-SERVICE kind, the storing peer cannot count on having the >>>>>> certificate used to sign the value available locally, because the >>>>>> CERTIFICATE_BY_NODE and CERTIFICATE_BY_USER kinds will be stored in a different >>>>>> peer. >>>>>> >>>>>> Is the intent that the storing peer remotely fetch the certificate for the >>>>>> validation or should it fail when the certificate is not sent in the >>>>>> certificates field of the SecurityBlock? >>>>>> >>>>>> Note that if the request should fail, then it is a problem with replications as >>>>>> there is very little chance to have the right certificate in the SecurityBlock >>>>>> when the value is replicated. >>>>>> > > - -- > Marc Petit-Huguenin > Personal email: marc@petit-huguenin.org > Professional email: petithug@acm.org > Blog: http://blog.marc.petit-huguenin.org > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v1.4.11 (GNU/Linux) > > iEYEARECAAYFAk4rFysACgkQ9RoMZyVa61cnoACdEqchCvjXnTAFAPSzrWv8Z2TW > 2uAAnAxG+SD6/d7JyUvpGyXIqqVV0SNw > =/W+3 > -----END PGP SIGNATURE----- >
- [P2PSIP] Signature validation for TURN-SERVICE ki… Marc Petit-Huguenin
- Re: [P2PSIP] Signature validation for TURN-SERVIC… Bruce Lowekamp
- Re: [P2PSIP] Signature validation for TURN-SERVIC… Marc Petit-Huguenin
- Re: [P2PSIP] Signature validation for TURN-SERVIC… Bruce Lowekamp
- Re: [P2PSIP] Signature validation for TURN-SERVIC… Marc Petit-Huguenin
- Re: [P2PSIP] Signature validation for TURN-SERVIC… Marc Petit-Huguenin
- Re: [P2PSIP] Signature validation for TURN-SERVIC… Bruce Lowekamp
- Re: [P2PSIP] Signature validation for TURN-SERVIC… Marc Petit-Huguenin
- Re: [P2PSIP] Signature validation for TURN-SERVIC… Bruce Lowekamp