Re: [Perc] Roman Danyliw's Discuss on draft-ietf-perc-private-media-framework-10: (with DISCUSS and COMMENT)
Roman Danyliw <rdd@cert.org> Wed, 05 June 2019 20:41 UTC
Return-Path: <rdd@cert.org>
X-Original-To: perc@ietfa.amsl.com
Delivered-To: perc@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 6B04412027D; Wed, 5 Jun 2019 13:41:26 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.998
X-Spam-Level:
X-Spam-Status: No, score=-1.998 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=cert.org
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id wG0Dg3Dn-OJd; Wed, 5 Jun 2019 13:41:23 -0700 (PDT)
Received: from veto.sei.cmu.edu (veto.sei.cmu.edu [147.72.252.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id A8DF912019C; Wed, 5 Jun 2019 13:41:22 -0700 (PDT)
Received: from korb.sei.cmu.edu (korb.sei.cmu.edu [10.64.21.30]) by veto.sei.cmu.edu (8.14.7/8.14.7) with ESMTP id x55KfKjR004220; Wed, 5 Jun 2019 16:41:21 -0400
DKIM-Filter: OpenDKIM Filter v2.11.0 veto.sei.cmu.edu x55KfKjR004220
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=cert.org; s=yc2bmwvrj62m; t=1559767281; bh=dzu0Ua2tpTFbpYXTpM2AfzbDtXtGnBcTLlmePGeQbjI=; h=From:To:CC:Subject:Date:References:In-Reply-To:From; b=Jwv5ZazzcvFsMTxyUOnqvmAUBodaPLVhO2g9RXlh1gokF0CUjkuLUCrqxPsf2cHsT jaOLCjBJT2h+s1+88pn7PrZXsGXslTpQc94BHRsVoM9HnYOUnwX1YLEt+0s5IAH+HT y8ZlI8tR662CzdAOBJyYwCEr/Q81tWHOA56yGEtI=
Received: from CASSINA.ad.sei.cmu.edu (cassina.ad.sei.cmu.edu [10.64.28.249]) by korb.sei.cmu.edu (8.14.7/8.14.7) with ESMTP id x55KfHHU009267; Wed, 5 Jun 2019 16:41:17 -0400
Received: from MARATHON.ad.sei.cmu.edu ([10.64.28.250]) by CASSINA.ad.sei.cmu.edu ([10.64.28.249]) with mapi id 14.03.0439.000; Wed, 5 Jun 2019 16:41:17 -0400
From: Roman Danyliw <rdd@cert.org>
To: "Paul E. Jones" <paulej@packetizer.com>, The IESG <iesg@ietf.org>
CC: "nohlmeier@mozilla.com" <nohlmeier@mozilla.com>, "draft-ietf-perc-private-media-framework@ietf.org" <draft-ietf-perc-private-media-framework@ietf.org>, "perc@ietf.org" <perc@ietf.org>, "perc-chairs@ietf.org" <perc-chairs@ietf.org>
Thread-Topic: [Perc] Roman Danyliw's Discuss on draft-ietf-perc-private-media-framework-10: (with DISCUSS and COMMENT)
Thread-Index: AQHVC4oNWs1SsU32Y0aQQuQRYnDJUKZux7CAgB6rnGA=
Date: Wed, 05 Jun 2019 20:41:16 +0000
Message-ID: <359EC4B99E040048A7131E0F4E113AFC01B3385357@marathon>
References: <155797155680.30599.3634623355394252682.idtracker@ietfa.amsl.com> <em037e7ce0-3675-4952-89e2-27bc8a163694@sydney>
In-Reply-To: <em037e7ce0-3675-4952-89e2-27bc8a163694@sydney>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [10.64.22.6]
Content-Type: multipart/alternative; boundary="_000_359EC4B99E040048A7131E0F4E113AFC01B3385357marathon_"
MIME-Version: 1.0
Archived-At: <https://mailarchive.ietf.org/arch/msg/perc/9IBB66saE_LIro0c4floL6IXAus>
Subject: Re: [Perc] Roman Danyliw's Discuss on draft-ietf-perc-private-media-framework-10: (with DISCUSS and COMMENT)
X-BeenThere: perc@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Privacy Enhanced RTP Conferencing <perc.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/perc>, <mailto:perc-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/perc/>
List-Post: <mailto:perc@ietf.org>
List-Help: <mailto:perc-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/perc>, <mailto:perc-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 05 Jun 2019 20:41:30 -0000
Hi Paul! Sorry for the delay! From: iesg [mailto:iesg-bounces@ietf.org] On Behalf Of Paul E. Jones Sent: Thursday, May 16, 2019 9:14 PM To: Roman Danyliw <rdd@cert.org>; The IESG <iesg@ietf.org> Cc: nohlmeier@mozilla.com; draft-ietf-perc-private-media-framework@ietf.org; perc@ietf.org; perc-chairs@ietf.org Subject: Re: [Perc] Roman Danyliw's Discuss on draft-ietf-perc-private-media-framework-10: (with DISCUSS and COMMENT) Roman, Thanks for reviewing the text. Please see comments below: ---------------------------------------------------------------------- DISCUSS: ---------------------------------------------------------------------- I support Magnus’s DISCUSS about the need to further discuss the impact of a compromised/rogue end-point. In addition to the impersonation of others in the conference, I am wondering about the impact (perhaps a DoS?) of rogue client flooding the conference with EKT Key updates. ACK; will continue to work with Magnus on this. [Roman] The new language in -11 addressed my concerns. Thank you for this new, robust text. ---------------------------------------------------------------------- COMMENT: ---------------------------------------------------------------------- (1) Section 1. Per “Virtualized public cloud environments have been viewed as less secure since resources are not always physically controlled by those who use them and since there are usually several ports open to the public. This document aims to improve security so as to lower the barrier to taking advantage of those environments”, I stumbled over these sentences. Improve security relative to what – self hosted environments? Is the security target have fewer open ports and secure in the face of an adversary with physical access to the system? The latter seems like a very high bar and the corresponding Security Considerations doesn’t seem to rise to that. Improved security relative to traditional switching conferencing platforms wherein there is a media function running on those virtualized hardware platforms holding the keys to encrypt and decrypt media. The number of open ports really doesn't make much difference, but I think whoever crafted that text originally meant to emphasize how porous those platforms can be. I think we could remove the bit about the open ports and it would still convey the intended meaning. Want me to do that? [Roman] I get the idea of being porous, but yes, could you please remove the this language about ports. With PERC, an adversary could do anything with the middlebox (even if running in that cloud environment) and the confidentiality of the conference would not be compromised. (PERC does not thwart DOS attacks, but that's not an objective.) How would you suggest we make that clearer? [Roman] My concern with clauses that suggest resistant to an adversary with physical access to the system is discussing attacks things need to be resistant to attacks where full memory can be dumped or inline hardware can be inserted. However, put in more limited context as you state, I see what you mean. No concern now. Thanks. (2) Section 6.1. “Endpoints have to retain old keys for a period of time to ensure they can properly decrypt late-arriving or out-of-order packets” seems to restate what is stated in 4.5.2 using RFC2119 language. Here “endpoints have to retain”. In Section 4.5.2, “endpoints SHOULD retain”. Which one is correct? "have to" wasn't intended to be normative. The purpose of the sentence was really to remind readers that there might be quite a few keys held at any given point in time, especially when the conference is rekeyed. But, I can see that wasn't clear. How about this text? Complicating key management is the fact that the KEK can change and, when it does, the Endpoints generate new SRTP master keys that are associated with a new EKT SPI. Endpoints might retain old keys for a period of time to ensure they can properly decrypt late-arriving or out-of-order packets, which means the number of keys held during that period of time might substantially more. [Roman] Looks good. Thank you for this new language. (3) Section 8.1. Per “Off-path attackers could try connecting to different PERC entities and send specifically crafted packets”, could you be more specific on the threat. Is this something different than any service being exposed on the Internet? This is saying that it's not possible for an attacker to send packets of any form that could be misconstrued to be valid media that needs to be forwarded or rendered since packets are authenticated before consumption. (It doesn't prevent a DoS attack, but that's covered in subsequent paragraphs.) But, I can see how this might not make sense. I think a few more words are needed. How is this? Off-path attackers could try connecting to different PERC entities to send specifically crafted packets with an aim of forcing the receiver to forward or render bogus media packets. Endpoints and Media Distributors mitigate such an attack by performing hop-by-hop authentication and discarding packets that fail authentication. [Roman] That’s more precise. Thank you for this new language. (4) Editorial Nits: ** Section 3. Typo. s/the the/the/ Oh! An easy one! :) I made those changes above to my local copy, but I'm happy to make additional changes as you suggest if the text still isn't clear. Thanks! Paul
- [Perc] Roman Danyliw's Discuss on draft-ietf-perc… Roman Danyliw via Datatracker
- Re: [Perc] Roman Danyliw's Discuss on draft-ietf-… Paul E. Jones
- Re: [Perc] Roman Danyliw's Discuss on draft-ietf-… Roman Danyliw
- Re: [Perc] Roman Danyliw's Discuss on draft-ietf-… Paul E. Jones