IETF Logo Mail Archive

Re: [rtcweb] SDP directorate review of SDP Identity attribute (draft-ietf-rtcweb-security-arch-14)

Christer Holmberg <christer.holmberg@ericsson.com> Wed, 11 July 2018 09:23 UTC

Return-Path: <christer.holmberg@ericsson.com>
X-Original-To: rtcweb@ietfa.amsl.com
Delivered-To: rtcweb@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 7D151130EEC for <rtcweb@ietfa.amsl.com>; Wed, 11 Jul 2018 02:23:50 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.311
X-Spam-Level:
X-Spam-Status: No, score=-4.311 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_MED=-2.3, SPF_PASS=-0.001, T_DKIMWL_WL_HIGH=-0.01] autolearn=unavailable autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=ericsson.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id SQ71cDh0EsLE for <rtcweb@ietfa.amsl.com>; Wed, 11 Jul 2018 02:23:48 -0700 (PDT)
Received: from sesbmg22.ericsson.net (sesbmg22.ericsson.net [193.180.251.48]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 0FB48130E20 for <rtcweb@ietf.org>; Wed, 11 Jul 2018 02:23:46 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; d=ericsson.com; s=mailgw201801; c=relaxed/simple; q=dns/txt; i=@ericsson.com; t=1531301024; h=From:Sender:Reply-To:Subject:Date:Message-ID:To:CC:MIME-Version:Content-Type: Content-Transfer-Encoding:Content-ID:Content-Description:Resent-Date:Resent-From: Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:In-Reply-To:References:List-Id: List-Help:List-Unsubscribe:List-Subscribe:List-Post:List-Owner:List-Archive; bh=XeM6fKeeVwyHk//KwGajarD5sFWsLTG4LKJNYLJPpvY=; b=BVeZPdA9qbUy3D7wxT8h/01gdU0bCZ3czll/Wg5p83db5unvSCwwwot8fsIIQiLx Nx0zSKufAezgIIYPbiro5TjoC8UJD2WuZK+UuL1GUwSoZPQnaDqjyEyyF8h1IGtS eD+qLUDVEscRxvyrYjG8ELAHpsXsG44RRNJpXVwqCuk=;
X-AuditID: c1b4fb30-93dff70000000a77-dd-5b45cca0ac8f
Received: from ESESBMB504.ericsson.se (Unknown_Domain [153.88.183.117]) by sesbmg22.ericsson.net (Symantec Mail Security) with SMTP id 1B.34.02679.0ACC54B5; Wed, 11 Jul 2018 11:23:44 +0200 (CEST)
Received: from ESESBMB503.ericsson.se (153.88.183.170) by ESESBMB504.ericsson.se (153.88.183.171) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256_P256) id 15.1.1466.3; Wed, 11 Jul 2018 11:23:44 +0200
Received: from ESESBMB503.ericsson.se ([153.88.183.186]) by ESESBMB503.ericsson.se ([153.88.183.186]) with mapi id 15.01.1466.003; Wed, 11 Jul 2018 11:23:43 +0200
From: Christer Holmberg <christer.holmberg@ericsson.com>
To: Martin Thomson <martin.thomson@gmail.com>
CC: RTCWeb IETF <rtcweb@ietf.org>, "sdp-directorate-private@ietf.org" <sdp-directorate-private@ietf.org>, "mmusic-chairs@ietf.org" <mmusic-chairs@ietf.org>, "rtcweb-chairs@ietf.org" <rtcweb-chairs@ietf.org>, Ben Campbell <ben@nostrum.com>
Thread-Topic: [rtcweb] SDP directorate review of SDP Identity attribute (draft-ietf-rtcweb-security-arch-14)
Thread-Index: AdPzN1wT5XjwzlheSrOwvOSQwMHuDgkDoskAAG8NVAA=
Date: Wed, 11 Jul 2018 09:23:43 +0000
Message-ID: <D76BA4B0.332D5%christer.holmberg@ericsson.com>
References: <7594FB04B1934943A5C02806D1A2204B72F048B9@ESESSMB109.ericsson.se> <CABkgnnXAhD_fCEhJJ0QgAzy7wGzy4t=s2xeEO5RKEHPUUuWCJg@mail.gmail.com>
In-Reply-To: <CABkgnnXAhD_fCEhJJ0QgAzy7wGzy4t=s2xeEO5RKEHPUUuWCJg@mail.gmail.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
user-agent: Microsoft-MacOutlook/14.7.7.170905
x-originating-ip: [153.88.183.157]
Content-Type: text/plain; charset="iso-8859-1"
Content-ID: <44DE26DE1B8F844D9D555F0D8CE9810D@ericsson.com>
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
X-Brightmail-Tracker: H4sIAAAAAAAAA+NgFjrGIsWRmVeSWpSXmKPExsUyM2J7qe6CM67RBks/6FrM7zzNbnHtzD9G i/M71zNZ9Ly9wWKx9l87u8XTRztYHNg8ds66y+6xZMlPJo9ZO5+wBDBHcdmkpOZklqUW6dsl cGVMn3aIseC0csWKzi9sDYyvZLoYOTkkBEwkni54ztrFyMUhJHCUUWLK3LcsIAkhgW+MEmsu 1kEkljFKbLt0g6mLkYODTcBCovufNkiNiICuxKKzD9hBbGaBL4wS5/+XgtjCArkS3U1fWSBq 8iR+vdgKZVtJzH97hgnEZhFQlbh3rZ0VxOYVsJbY9fk9M8SuKYwSNy5OBktwCgRKzN1xFqyZ UUBM4vupNUwQy8Qlbj2ZzwTxgYDEkj3nmSFsUYmXj/+B9YoK6ElsOHGbHSKuJLGldwtUr57E jalT2CBsa4nV7StZIGxtiWULXzNDHCQocXLmE5YJjBKzkKybhaR9FpL2WUjaZyFpX8DIuopR tDi1OCk33chIL7UoM7m4OD9PLy+1ZBMjMHYPbvltsIPx5XPHQ4wCHIxKPLzGm1yjhVgTy4or cw8xSnAwK4nwmk13iRbiTUmsrEotyo8vKs1JLT7EKM3BoiTOa+G3OUpIID2xJDU7NbUgtQgm y8TBKdXAyMxvIKKq9cGvTFnswr+vX6dXRnpVuDKmTZBUefjr+pGwi2sW6a6/fm2yltxqZpNK bzmRHRvr//8M3blnqlqMxW93nddTu2UXWVn+1qzdwKMjzFO8akHHU7a4o9vnZNyz1DJljD/2 ICxJcW+f7KZfs06I9XowPkzq9RXxXhAv+kuTx1DkmkqZEktxRqKhFnNRcSIAmQjYzNkCAAA=
Archived-At: <https://mailarchive.ietf.org/arch/msg/rtcweb/wGxxFP4S4LnRwx5wtKdQvn35Lfc>
Subject: Re: [rtcweb] SDP directorate review of SDP Identity attribute (draft-ietf-rtcweb-security-arch-14)
X-BeenThere: rtcweb@ietf.org
X-Mailman-Version: 2.1.27
Precedence: list
List-Id: Real-Time Communication in WEB-browsers working group list <rtcweb.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/rtcweb>, <mailto:rtcweb-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/rtcweb/>
List-Post: <mailto:rtcweb@ietf.org>
List-Help: <mailto:rtcweb-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/rtcweb>, <mailto:rtcweb-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 11 Jul 2018 09:23:51 -0000

Hi,

Some things are addressed by Martin¹s pull request, so I will focus on the
things that are not - or are, but that I think needs to be discussed on
the list.

>> Also, if the usage of the attribute is scoped to devices implementing
>>the WebRTC specification, that should be indicated.
>
>The mechanism isn't necessarily scoped to this particular usage
>domain.  I've proposed some text, but I don't think that it's
>necessary.  The use of JSON allows for many things, some of which
>might be extending this to other uses.

True. But we normally define the syntax what goes into an attribute.

The draft defines the JSON structure when the fingerprint is used.

If someone wants to use another JSON structure I think the draft should
say that the structure and associated procedures need to be specified.


>> Q4 (Attribute definition):
>> Historically there have been problems with the definitions of new SDP
>>attributes. Especially, the manner of defining the syntax was
>>inconsistent. RFC4566 gave insufficient guidance on how to do this.
>>draft-ietf-mmusic-rfc4566bis (especially section 8.2.4.1) has provided
>>more guidance on how to do this. Please do your definitions in that
>>style. For instance:
>
>How is the definition in the IANA considerations section insufficient?

In addition to the IANA considerations, there is a template for the
section defining the attribute.

See https://tools.ietf.org/html/draft-ietf-mmusic-mux-exclusive-12#page-3
for an example.

This has been driven very much by Paul K, so I assume he can give further
guidance.


>> Q5:
>> The draft says that, at minimum, the fingerprint needs to be bound to
>>the identity.
>>
>> First, I assume this means that, for each assertion, the associated SDP
>>fingerprint attribute must be included in the offer/answer. If so,
>>please include text about that..
>
>The text says:
>
>> The identity attribute attests to all "a=fingerprint" attributes in the
>>session description. It is therefore a session-level attribute.
>>
>> Multiple "a=fingerprint" values can be used to offer alternative
>>certificates for a peer.  The
>"a=identity" attribute MUST include all fingerprint values that are
>included in
>"a=fingerprint" lines.
>
>That would seem to be sufficient for this purpose.

I think my comment was unclear, so I will try to re-phrase.

The identity attribute will obviously include fingerprints. My point was
that each of those fingerprints must also be placed in a fingerprint
attribute.

>> Second, it would be good to indicate that, in the SDP, there is no link
>>between a given assertion and the associated fingerprint.
>
>I don't know what you are looking for here.  If you are saying that
>the SDP doesn't include a pointer from a=identity to a=fingerprint, or
>vice versa, that's right.

Correct, that¹s what I meant. One should e.g., not assume that the first
fingerprint attribute is linked to the first attribute listed in the
identity attribute, etc.

> But - as defined - a=identity includes ALL
>a=fingerprint instances, so any pointer would be redundant.

Correct.

What if a fingerprint does exist in the identity attribute, but there is
no associated fingerprint attribute? Should it be discarded?

And, what if there is a fingerprint attribute, but the value does not
exist in the identity attribute. In this case I guess we could simply say
that the identity has not been asserted for that fingerprint.

>> Q7:
>> Section 5.6.4.2 says:
>>   ³The semantics of multiple identity attributes are undefined.²
>> First, I don¹t see the difference in having a single attribute with
>>multiple assertions, or multiple attributes with single assertions.
>>Having said that, if we only want to allow one way, I would suggest to
>>simply forbid multiple attributes.
>
>That's OK, but what is the usual policy for handling malformed
>attributes if you know the syntax of the attribute?  What handling
>should we specify here?

One suggestion would be to simply discard all Identity attributes.

>> Q8:
>> In the example in Section 5.6.4.1 the SDP fingerprint attribute is
>>included as a session-level attribute. However, it is currently only
>>defined as a media-level attribute.
>
>I can't find any evidence of this being defined as media-level.  It
>says session-level (only) in several places.

Note that in this comment I was talking about the *fingerprint* attribute
:)

Regards,

Christer
>

v2.23.0 | Report a Bug | By Email