IETF Logo Mail Archive

Re: [Perc] Roman Danyliw's Discuss on draft-ietf-perc-private-media-framework-10: (with DISCUSS and COMMENT)

"Paul E. Jones" <paulej@packetizer.com> Wed, 05 June 2019 22:37 UTC

Return-Path: <paulej@packetizer.com>
X-Original-To: perc@ietfa.amsl.com
Delivered-To: perc@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 5E89A120043; Wed, 5 Jun 2019 15:37:54 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.998
X-Spam-Level:
X-Spam-Status: No, score=-1.998 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, SPF_PASS=-0.001, UNPARSEABLE_RELAY=0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=packetizer.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id jZAy8_tCfsEB; Wed, 5 Jun 2019 15:37:50 -0700 (PDT)
Received: from dublin.packetizer.com (dublin.packetizer.com [IPv6:2600:1f18:24d6:2e01:e842:9b2b:72a2:d2c6]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id E5484120025; Wed, 5 Jun 2019 15:37:49 -0700 (PDT)
Received: from authuser (localhost [127.0.0.1])
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=packetizer.com; s=dublin; t=1559774265; bh=1GYHGbijUbwMuAcfQMMS+2AsZDtg8r5ON2mhzvIljAw=; h=From:To:Subject:Cc:Date:In-Reply-To:References:Reply-To; b=iiBXBCNlAKO1QZXZ5NAWFvNr4imnMkw8vkDFxPDii+Y3EfmpNL9Tq6Qlj3o5Uqss4 6bpn72X67mqdyHFoGtROwmX2fbJEtuYPsneDG04rjiDjCoGc3NP3vjMnLZrIADJDzR BZZcELJ4vYVMNGpiuxMfQH4sj5sZiME4ADjfdgxY=
From: "Paul E. Jones" <paulej@packetizer.com>
To: Roman Danyliw <rdd@cert.org>, The IESG <iesg@ietf.org>
Cc: "nohlmeier@mozilla.com" <nohlmeier@mozilla.com>, "draft-ietf-perc-private-media-framework@ietf.org" <draft-ietf-perc-private-media-framework@ietf.org>, "perc@ietf.org" <perc@ietf.org>, "perc-chairs@ietf.org" <perc-chairs@ietf.org>
Date: Wed, 05 Jun 2019 22:37:42 +0000
Message-Id: <emb430dee6-aacd-462a-99a4-41b96c6ad4a8@sydney>
In-Reply-To: <359EC4B99E040048A7131E0F4E113AFC01B3385357@marathon>
References: <155797155680.30599.3634623355394252682.idtracker@ietfa.amsl.com> <em037e7ce0-3675-4952-89e2-27bc8a163694@sydney> <359EC4B99E040048A7131E0F4E113AFC01B3385357@marathon>
Reply-To: "Paul E. Jones" <paulej@packetizer.com>
User-Agent: eM_Client/7.2.35595.0
Mime-Version: 1.0
Content-Type: multipart/alternative; boundary="------=_MB177A639F-14C3-4161-A72A-0BEF028227BB"
Archived-At: <https://mailarchive.ietf.org/arch/msg/perc/DTAnzIPJvQRdKwqyPzS6t5DrwRM>
Subject: Re: [Perc] Roman Danyliw's Discuss on draft-ietf-perc-private-media-framework-10: (with DISCUSS and COMMENT)
X-BeenThere: perc@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Privacy Enhanced RTP Conferencing <perc.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/perc>, <mailto:perc-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/perc/>
List-Post: <mailto:perc@ietf.org>
List-Help: <mailto:perc-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/perc>, <mailto:perc-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 05 Jun 2019 22:37:55 -0000

Roman,

Thanks for the reply.  I made the change as you suggested below and 
published a new version:
https://tools.ietf.org/html/draft-ietf-perc-private-media-framework-12

Let me know if there are any other changes you feel should be made.

Thanks!
Paul

------ Original Message ------
From: "Roman Danyliw" <rdd@cert.org>
To: "Paul E. Jones" <paulej@packetizer.com>; "The IESG" <iesg@ietf.org>
Cc: "nohlmeier@mozilla.com" <nohlmeier@mozilla.com>; 
"draft-ietf-perc-private-media-framework@ietf.org" 
<draft-ietf-perc-private-media-framework@ietf.org>; "perc@ietf.org" 
<perc@ietf.org>; "perc-chairs@ietf.org" <perc-chairs@ietf.org>
Sent: 6/5/2019 4:41:16 PM
Subject: RE: [Perc] Roman Danyliw's Discuss on 
draft-ietf-perc-private-media-framework-10: (with DISCUSS and COMMENT)

>Hi Paul!
>
>
>
>Sorry for the delay!
>
>
>
>From: iesg [mailto:iesg-bounces@ietf.org] On Behalf Of Paul E. Jones
>Sent: Thursday, May 16, 2019 9:14 PM
>To: Roman Danyliw <rdd@cert.org>; The IESG <iesg@ietf.org>
>Cc:nohlmeier@mozilla.com; 
>draft-ietf-perc-private-media-framework@ietf.org; perc@ietf.org; 
>perc-chairs@ietf.org
>Subject: Re: [Perc] Roman Danyliw's Discuss on 
>draft-ietf-perc-private-media-framework-10: (with DISCUSS and COMMENT)
>
>
>
>Roman,
>
>
>
>Thanks for reviewing the text.  Please see comments below:
>
>
>
>>----------------------------------------------------------------------
>>
>>DISCUSS:
>>
>>----------------------------------------------------------------------
>>
>>
>>
>>I support Magnus’s DISCUSS about the need to further discuss the 
>>impact of a
>>
>>compromised/rogue end-point. In addition to the impersonation of 
>>others in the
>>
>>conference, I am wondering about the impact (perhaps a DoS?) of rogue 
>>client
>>
>>flooding the conference with EKT Key updates.
>>
>>
>>
>ACK; will continue to work with Magnus on this.
>
>
>
>[Roman] The new language in -11 addressed my concerns.  Thank you for 
>this new, robust text.
>
>
>
>>----------------------------------------------------------------------
>>
>>COMMENT:
>>
>>----------------------------------------------------------------------
>>
>>
>>
>>(1) Section 1. Per “Virtualized public cloud environments have been 
>>viewed as
>>
>>less secure since resources are not always physically controlled by 
>>those who
>>
>>use them and since there are usually several ports open to the public. 
>>This
>>
>>document aims to improve security so as to lower the barrier to taking
>>
>>advantage of those environments”, I stumbled over these sentences. 
>>Improve
>>
>>security relative to what – self hosted environments? Is the security 
>>target
>>
>>have fewer open ports and secure in the face of an adversary with 
>>physical
>>
>>access to the system? The latter seems like a very high bar and the
>>
>>corresponding Security Considerations doesn’t seem to rise to that.
>>
>
>
>Improved security relative to traditional switching conferencing 
>platforms wherein there is a media function running on those 
>virtualized hardware platforms holding the keys to encrypt and decrypt 
>media.
>
>
>
>The number of open ports really doesn't make much difference, but I 
>think whoever crafted that text originally meant to emphasize how 
>porous those platforms can be. I think we could remove the bit about 
>the open ports and it would still convey the intended meaning. Want me 
>to do that?
>
>
>
>[Roman] I get the idea of being porous, but yes, could you please 
>remove the this language about ports.
>
>
>
>With PERC, an adversary could do anything with the middlebox (even if 
>running in that cloud environment) and the confidentiality of the 
>conference would not be compromised. (PERC does not thwart DOS attacks, 
>but that's not an objective.)
>
>
>
>How would you suggest we make that clearer?
>
>
>
>[Roman] My concern with clauses that suggest resistant to an adversary 
>with physical access to the system is discussing attacks things need to 
>be resistant to attacks where full memory can be dumped or inline 
>hardware can be inserted.  However, put in more limited context as you 
>state, I see what you mean.  No concern now.  Thanks.
>
>
>>(2) Section 6.1. “Endpoints have to retain old keys for a period of 
>>time to
>>
>>ensure they can properly decrypt late-arriving or out-of-order 
>>packets” seems
>>
>>to restate what is stated in 4.5.2 using RFC2119 language. Here 
>>“endpoints
>>
>>have to retain”. In Section 4.5.2, “endpoints SHOULD retain”. Which 
>>one is
>>
>>correct?
>>
>
>
>"have to" wasn't intended to be normative. The purpose of the sentence 
>was really to remind readers that there might be quite a few keys held 
>at any given point in time, especially when the conference is rekeyed. 
>But, I can see that wasn't clear. How about this text?
>
>
>
>Complicating key management is the fact that the KEK can change and, 
>when
>
>it does, the Endpoints generate new SRTP master keys that are 
>associated with
>
>a new EKT SPI. Endpoints might retain old keys for a period of time to
>
>ensure they can properly decrypt late-arriving or out-of-order packets, 
>which
>
>means the number of keys held during that period of time might 
>substantially
>
>more.
>
>
>
>[Roman]  Looks good.  Thank you for this new language.
>
>
>
>>(3) Section 8.1. Per “Off-path attackers could try connecting to 
>>different PERC
>>
>>entities and send specifically crafted packets”, could you be more 
>>specific on
>>
>>the threat. Is this something different than any service being exposed 
>>on the
>>
>>Internet?
>>
>
>
>This is saying that it's not possible for an attacker to send packets 
>of any form that could be misconstrued to be valid media that needs to 
>be forwarded or rendered since packets are authenticated before 
>consumption. (It doesn't prevent a DoS attack, but that's covered in 
>subsequent paragraphs.) But, I can see how this might not make sense. I 
>think a few more words are needed. How is this?
>
>
>
>Off-path attackers could try connecting to different PERC entities to
>send specifically crafted packets with an aim of forcing the receiver 
>to
>forward or render bogus media packets.  Endpoints and Media 
>Distributors
>
>mitigate such an attack by performing hop-by-hop authentication and
>
>discarding packets that fail authentication.
>
>
>
>[Roman]  That’s more precise.  Thank you for this new language.
>
>
>
>>(4) Editorial Nits:
>>
>>** Section 3. Typo. s/the the/the/
>>
>>
>>
>
>
>Oh! An easy one! :)
>
>
>
>I made those changes above to my local copy, but I'm happy to make 
>additional changes as you suggest if the text still isn't clear.
>
>
>
>Thanks!
>
>Paul
>
>
>

v2.23.0 | Report a Bug | By Email