Re: [Perc] Mirja Kühlewind's No Objection on draft-ietf-perc-private-media-framework-10: (with COMMENT)

"Paul E. Jones" <paulej@packetizer.com> Tue, 14 May 2019 23:53 UTC

From: "Paul E. Jones" <paulej@packetizer.com>
To: Mirja Kühlewind <ietf@kuehlewind.net>, The IESG <iesg@ietf.org>, Vincent Roca <vincent.roca@inria.fr>
Cc: nohlmeier@mozilla.com, perc-chairs@ietf.org, perc@ietf.org, draft-ietf-perc-private-media-framework@ietf.org
Date: Tue, 14 May 2019 23:53:01 +0000
Message-Id: <em77bec8ca-0abf-45e5-bf1c-0a975fefd263@sydney>
In-Reply-To: <155783232725.24983.15618364117059610299.idtracker@ietfa.amsl.com>
References: <155783232725.24983.15618364117059610299.idtracker@ietfa.amsl.com>
Reply-To: "Paul E. Jones" <paulej@packetizer.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/perc/HNv-1YbZIkdoF_0_OH-bDywWEnk>
Subject: Re: [Perc] Mirja Kühlewind's No Objection on draft-ietf-perc-private-media-framework-10: (with COMMENT)
List-Id: Privacy Enhanced RTP Conferencing <perc.ietf.org>

Mirja,

Yeah, that is a valid point.  We mentioned a time or two in the document 
how important it is to secure the Key Distributor, but explicit text 
that discusses that further might be appropriate here.  I've copied 
Vincent for his input, too, since he did have comments on other parts of 
the Security Considerations section.

I made a first draft of a new section.  I pasted it below.  Please let 
me know what you think.

Thanks,
Paul

8.3. Key Distributor Attacks

    As stated in Section 3.2.2, the Key Distributor needs to be secured
    since exploiting the Key Server can allow an adversary to gain access
    to the keying material for one or more conferences. Having access to
    that keying material would then allow the adversary to decrypt media
    sent from any endpoint in the conference.

    As a first line of defense, the Key Distributor authenticates every
    security association, both associations with endpoints and Media
    Distributors. The Key Distributor knows which entities are
    authorized to have access to which keys and inspection of
    certificates will substantially reduce the risk of providing keys to
    an adversary.

    Both physical and network access to the Key Distributor should be
    severely restricted. This may be more difficult to achieve when the
    Key Distributor is embedded within an endpoint, for example.
    Nonetheless, consideration should be given to shielding the Key
    Distributor from unauthorized access or any access that is not
    strictly necessary for the support of an ongoing conference.

    Consideration should be given to whether access to the keying
    material will be needed beyond the conclusion of a conference. If
    not needed, the Key Distributor's policy should be to destroy the
    keying material once the conference concludes or when keying material
    changes during the course of the conference. If keying material is
    needed beyond the lifetime of the conference, further consideration
    should be given to protecting keying material from future exposure.
    While it might be obvious, it is worth stating to avoid any doubt
    that if an adversary were to record the media packets transmitted
    during a conference and then gain unauthorized access to the keying
    material left unsecured on the Key Distributor even years later, the
    adversary could decrypt the content of every packet transmitted during
    the conference.


------ Original Message ------
From: "Mirja Kühlewind via Datatracker" <noreply@ietf.org>
To: "The IESG" <iesg@ietf.org>
Cc: nohlmeier@mozilla.com; perc-chairs@ietf.org; perc@ietf.org; 
draft-ietf-perc-private-media-framework@ietf.org
Sent: 5/14/2019 7:12:07 AM
Subject: [Perc] Mirja Kühlewind's No Objection on 
draft-ietf-perc-private-media-framework-10: (with COMMENT)

>Mirja Kühlewind has entered the following ballot position for
>draft-ietf-perc-private-media-framework-10: No Objection
>
>When responding, please keep the subject line intact and reply to all
>email addresses included in the To and CC lines. (Feel free to cut this
>introductory paragraph, however.)
>
>
>Please refer to https://www.ietf.org/iesg/statement/discuss-criteria.html
>for more information about IESG DISCUSS and COMMENT positions.
>
>
>The document, along with other ballot positions, can be found here:
>https://datatracker.ietf.org/doc/draft-ietf-perc-private-media-framework/
>
>
>
>----------------------------------------------------------------------
>COMMENT:
>----------------------------------------------------------------------
>
>Thanks for this well-written document.
>
>Regarding the security considerations, I would think that the Key Distributor
>is actually something like a central attack point, however, I don't think that
>is really discussed in the security considerations section. Would it make sense
>to add some more words there?
>
>
>_______________________________________________
>Perc mailing list
>Perc@ietf.org
>https://www.ietf.org/mailman/listinfo/perc
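The proposed Section 8.3 above makes two operational points about the Key Distributor: it releases keys only to the parties it has authenticated as entitled to them, and keying material it retains after a conference ends lets anyone who later compromises it decrypt recorded media. The following is an added example illustrating both points in a small model; it is not code from the draft or from any PERC implementation. The class and function names are hypothetical, the split into an end-to-end key for endpoints and a hop-by-hop key per Media Distributor is a simplification of the framework's roles, and the cipher is a toy HMAC-SHA256 keystream standing in for SRTP so that the "record now, decrypt later" case can be run offline.

```python
"""Added example (not from the PERC draft): a minimal Key Distributor model.

Shows (1) per-identity authorization of key release and (2) destruction of
keying material at conference end, and what a later breach yields when the
material is retained instead. Names are hypothetical; the cipher is a toy
stand-in for SRTP, used only to make the replay point concrete.
"""
import hashlib
import hmac
import secrets


def toy_encrypt(key: bytes, seq: int, data: bytes) -> bytes:
    """Illustrative stream cipher: keystream = HMAC(key, seq). NOT SRTP.
    XOR is its own inverse, so the same call decrypts (data <= 32 bytes)."""
    stream = hmac.new(key, seq.to_bytes(4, "big"), hashlib.sha256).digest()
    return bytes(p ^ s for p, s in zip(data, stream))


class KeyDistributor:
    """Holds per-conference keys; releases them only to authorized identities.

    In a real deployment the (identity, role) pair comes from the certificate
    presented on the DTLS association, not from the requester's own claim."""

    def __init__(self, retain_after_end: bool = False):
        self._confs = {}                  # conf_id -> keys and authorized parties
        self.retain_after_end = retain_after_end
        self.audit = []                   # (conf_id, identity, decision)

    def create_conference(self, conf_id, endpoints, media_distributors):
        self._confs[conf_id] = {
            "e2e_key": secrets.token_bytes(32),           # endpoints only
            "hbh_keys": {md: secrets.token_bytes(32)      # one per MD
                         for md in media_distributors},
            "endpoints": set(endpoints),
        }

    def request_key(self, conf_id, identity, role):
        """Return the key this authenticated peer is entitled to, else None."""
        conf = self._confs.get(conf_id)
        if conf is None:
            self.audit.append((conf_id, identity, "denied: no such conference"))
            return None
        if role == "endpoint" and identity in conf["endpoints"]:
            self.audit.append((conf_id, identity, "e2e key released"))
            return conf["e2e_key"]
        if role == "media_distributor" and identity in conf["hbh_keys"]:
            self.audit.append((conf_id, identity, "hbh key released"))
            return conf["hbh_keys"][identity]
        self.audit.append((conf_id, identity, "denied"))
        return None

    def rekey(self, conf_id):
        """Replace the E2E key; the old one is dropped, never archived."""
        self._confs[conf_id]["e2e_key"] = secrets.token_bytes(32)

    def end_conference(self, conf_id):
        """Policy from Section 8.3: destroy material unless retention is needed.
        (Python cannot zeroize bytes; a native implementation would wipe.)"""
        if not self.retain_after_end:
            del self._confs[conf_id]

    def compromise_dump(self):
        """Model a later breach: everything the Key Distributor still holds."""
        return {cid: c["e2e_key"] for cid, c in self._confs.items()}


def authorization_checks() -> dict:
    """Constructed scenario: who gets which key."""
    kd = KeyDistributor()
    kd.create_conference("conf-1", {"alice", "bob"}, {"md-1"})
    e2e = kd.request_key("conf-1", "alice", "endpoint")
    hbh = kd.request_key("conf-1", "md-1", "media_distributor")
    return {
        "stranger_denied": kd.request_key("conf-1", "mallory", "endpoint") is None,
        "md_denied_e2e": kd.request_key("conf-1", "md-1", "endpoint") is None,
        "md_key_is_not_e2e": hbh != e2e,
        "md_cannot_decrypt": toy_encrypt(hbh, 1, toy_encrypt(e2e, 1, b"media")) != b"media",
    }


def replay_scenario(retain_after_end: bool) -> bool:
    """Record one media packet, end the conference, then breach the KD.
    Returns True if the recording can still be decrypted from what it kept."""
    kd = KeyDistributor(retain_after_end=retain_after_end)
    kd.create_conference("conf-1", {"alice", "bob"}, {"md-1"})
    recorded = toy_encrypt(kd.request_key("conf-1", "alice", "endpoint"), 7, b"hello bob")
    kd.end_conference("conf-1")
    dump = kd.compromise_dump()
    if "conf-1" not in dump:
        return False                      # nothing left to steal
    return toy_encrypt(dump["conf-1"], 7, recorded) == b"hello bob"


if __name__ == "__main__":
    print(authorization_checks())
    print("retained -> decryptable later:", replay_scenario(True))
    print("destroyed -> decryptable later:", replay_scenario(False))
```

The audit list is the part a practitioner would actually wire up: a Key Distributor that logs every denied request gives the detection side something to alert on, which the draft's "severely restricted access" guidance otherwise leaves implicit.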