Re: [Rum] [EXT] RUM security model

Eugene Christensen <echristensen@sorenson.com> Wed, 30 September 2020 22:30 UTC

Return-Path: <echristensen@sorenson.com>
X-Original-To: rum@ietfa.amsl.com
Delivered-To: rum@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id CDE7B3A0D02 for <rum@ietfa.amsl.com>; Wed, 30 Sep 2020 15:30:24 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.901
X-Spam-Level:
X-Spam-Status: No, score=-1.901 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, RCVD_IN_MSPIKE_H2=-0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=sorenson.onmicrosoft.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 99nZnS5fOQjG for <rum@ietfa.amsl.com>; Wed, 30 Sep 2020 15:30:22 -0700 (PDT)
Received: from NAM04-CO1-obe.outbound.protection.outlook.com (mail-eopbgr690043.outbound.protection.outlook.com [40.107.69.43]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id B28FC3A0D03 for <rum@ietf.org>; Wed, 30 Sep 2020 15:30:22 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=kmX0FhBpajPWm6Tdt6xecQIAtOFaXtbYuR7/QSFwSyfjxNcbVN5SeWSpQ4WjarebCmOvva4s+xQLDMMHi55a4RJOfaUHzGb822xcynI95TbkzJyjAH+xaIuZLo914IlCKMcqCFe9phS99uyKKFMQP2AiyeK/RAlhQZPJmsjq+82S1KxsojIyxg+gRzpszcViUlnDoRFzKDnuW8faDQm23CMI8hX4Dc+RGwOkvPoZBmqKrj87VKkmOwaGaQYsXcHHVSlnK9sI6aWUnJCmEcA+LCeoZIGrfIFhGviWsxYZwVC+5I+xEcazNYf74UgnlDyjD0qsdcns+17RmZsF7qTf1w==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=RqT2pYwXJJKK9lH20ZllLfTr9blXTdfXbWKBC43EmOo=; b=jILj3dYEG4rM7v/Rpd/ClB5KxrlUPQs6XF5Y8c5gJ+HYAZz0f8DEuC16RNaKY1qs9aGp0gc34rUXzNp4S6ypSeAUVNsYXg/dxMHDtxsH/HIDRE2esjlFNsymMHF10UmCGBQb3JebsoqUAPcn5FSjSyCQm4pCBy36jlXlv5skVv4Rf72QVzWcA0pHraEPltPS7FV563Ky5ZLcTYPKjTq02zjoZJENUMg47Gds5vVyy9WyHarRy8xNJ/aUKjAu1SQtWZLcG802d7tHQRo/WulK9ItzGvmOaUmWg8j5U38h4fqGOMBL0TKpvJHxHwEsEQmiPYb/XB94oMuKjYJEVIRgog==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=sorenson.com; dmarc=pass action=none header.from=sorenson.com; dkim=pass header.d=sorenson.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sorenson.onmicrosoft.com; s=selector2-sorenson-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=RqT2pYwXJJKK9lH20ZllLfTr9blXTdfXbWKBC43EmOo=; b=IFuaSLkB4Ki8yE6Lapx1/lLsQ1awLR4tfzHuIdEUmmTmT+YGIctwnfXAM0AIfWFglZmhhMiYw/V2kkxeshmnMdQFysaCatrJ0I7nqCBlaqsx18559NUJDQHfOHanQYoXCSrFjUWE1SSB0XWZtjI10mcn6EBTmjY8EgvvGdeCvbM=
Received: from BYAPR04MB4983.namprd04.prod.outlook.com (2603:10b6:a03:41::29) by BY5PR04MB6549.namprd04.prod.outlook.com (2603:10b6:a03:1d2::23) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3412.21; Wed, 30 Sep 2020 22:30:20 +0000
Received: from BYAPR04MB4983.namprd04.prod.outlook.com ([fe80::65fc:6562:3ada:465c]) by BYAPR04MB4983.namprd04.prod.outlook.com ([fe80::65fc:6562:3ada:465c%7]) with mapi id 15.20.3412.029; Wed, 30 Sep 2020 22:30:20 +0000
From: Eugene Christensen <echristensen@sorenson.com>
To: "rum@ietf.org" <rum@ietf.org>
Thread-Topic: [Rum] [EXT] RUM security model
Thread-Index: AQHWlnxQD9PXpaMUFE6N0jV2IR9mp6mBxBhg
Date: Wed, 30 Sep 2020 22:30:20 +0000
Message-ID: <BYAPR04MB4983E82A884C12E33A316D60A3330@BYAPR04MB4983.namprd04.prod.outlook.com>
References: <159838856681.32208.2945571627178413540@ietfa.amsl.com> <E4141C48-64A1-4A34-81CD-2AFB098E411C@brianrosen.net> <eee4a662-9ccd-0ded-4639-76f5be34924b@alum.mit.edu> <3757_1601140882_5F6F7891_3757_32_1_a4a62f53-1571-56ec-35b9-7faecd4fa480@alum.mit.edu> <MN2PR09MB5948B9B3068E2AFA4EBE8A0AB9320@MN2PR09MB5948.namprd09.prod.outlook.com> <927a8854-51b9-c768-ee1e-5d0c4b76a45f@alum.mit.edu>
In-Reply-To: <927a8854-51b9-c768-ee1e-5d0c4b76a45f@alum.mit.edu>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
authentication-results: ietf.org; dkim=none (message not signed) header.d=none;ietf.org; dmarc=none action=none header.from=sorenson.com;
x-originating-ip: [75.146.88.198]
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: 45a76d36-6622-4711-c1ec-08d865906a57
x-ms-traffictypediagnostic: BY5PR04MB6549:
x-microsoft-antispam-prvs: <BY5PR04MB65495971C26D480296A9EA25A3330@BY5PR04MB6549.namprd04.prod.outlook.com>
x-ms-oob-tlc-oobclassifiers: OLM:9508;
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: 1uCQevCask6tMP1JmZS0FsTwrqKH+2Y2uNMPqtyXl5OuaWedWlIlWrXEe3E/XVOmwaFaXLGgiFvykPXqdeuyns0biMfXQXZyW+mvZjptVOBV5dA1XGkjaIANhhW1f3/Sxji/JMdaPvTnZe10J2QeESiJA8RMrVaSG/SgWPChXPU5vuC5lejYfb2V7+0LITxG7JBeT7KlibyeR5IDrKkVVeNmt5U249lYU+VY7Qwu+ZOEMyORi95khuWThjoBASPOxiNENkPqdM9Fi91Iornf0bv7asnMI1O/EuwHYS1Yrh86bEF64m3j2JtbjLGRDw7jO6kreH6w8sv37ZwH7UVqMZmXarouvX15Dc7bU2R47kOs92tDZ5r1QqLFIEPJrDrk
x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:BYAPR04MB4983.namprd04.prod.outlook.com; PTR:; CAT:NONE; SFS:(396003)(376002)(136003)(346002)(39850400004)(366004)(66476007)(52536014)(76116006)(8936002)(64756008)(66556008)(66446008)(66946007)(5660300002)(33656002)(15650500001)(26005)(71200400001)(55016002)(186003)(7696005)(6506007)(6916009)(2906002)(478600001)(316002)(86362001)(9686003)(8676002)(83380400001); DIR:OUT; SFP:1101;
x-ms-exchange-antispam-messagedata: rLjhKljmpg2a/9zzIRH9VqgZ2VVKqovAxO8Q5Hcd2QX8oPU7jF49KSNHteGdU2IknjoleK+R8U2vfX5RPzmnrBRQ1K9FudthRDax63Gjxtm6FZVrtHrBsKUF4IVlK+JbjniMQ4GgqAUPYK7SCXQ7X5QMo92l37ea/yCtKKkB8nRclPDDRtqDh6bzZVeUn3/fgVF7xCY6KJggLCMd/dRE8R7riUvdqkBjn9jdoB2FhFLhws8cm3s+vRv3A4g8p30+inbjDe2YTt5WEz3A9oz1DXff8OMBqZD7r0HKl9lR52KJ/gsAtiH39P/QEjFrTxc/o1xzRCkgy+mtap2YBn/a2Rhe9uWZgqJDWjLXtowHvEGEp+/gTV6mQHsioh1fqm4iTpTMSugqeXkWViXoDgLN7I4e3O2V1SUM5xEEeRVx5Tp38Y6opoQjS8AmjcJak0c1TXrsqMydNl0Qf8MyzkxISvejeQbRfeWK5ual310Jyn1h0q4/j7lN6pJ3G1SShZ6YyME6B1rgt+gfpOD9KulcRb7xBVVdhFHr7HMzpbV7LZpdwRXP0DexdL7MqyEq3/JqUPavEQgQr+/PKPllwPd+jWsp5ydLcX2OQcs6sn1ukIyK9X37iJ3O4jbp7H/r9Yp7nqkOMDw7cRkOgvEcPYUANA==
x-ms-exchange-transport-forked: True
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
X-OriginatorOrg: sorenson.com
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: BYAPR04MB4983.namprd04.prod.outlook.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 45a76d36-6622-4711-c1ec-08d865906a57
X-MS-Exchange-CrossTenant-originalarrivaltime: 30 Sep 2020 22:30:20.5178 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 6b03ef08-a104-48c4-a951-f18d295428d5
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: no+2bEzuAg848Awc/+mI8LbnxYfLgktlpBMP8XkXaLS5iM610LNpuU/9vThIgqweDpDCw80OAqZbafu7wOUfoUvlcb5x0oXQC4brCppG7g4=
X-MS-Exchange-Transport-CrossTenantHeadersStamped: BY5PR04MB6549
Archived-At: <https://mailarchive.ietf.org/arch/msg/rum/OlHenC7mclQLJN1w0zYdYAz_G5M>
Subject: Re: [Rum] [EXT] RUM security model
X-BeenThere: rum@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Relay User Machine <rum.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/rum>, <mailto:rum-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/rum/>
List-Post: <mailto:rum@ietf.org>
List-Help: <mailto:rum-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/rum>, <mailto:rum-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 30 Sep 2020 22:30:25 -0000

Thanks for considering how we might implement this security mechanism.  May I add my voice that it is essential that we find an option for providing this desired security, whatever it is.  It could be detrimental to the VRS providers to have UAs out there, with the ability to register with VRS providers without first being fully vetted.  It is our practice anytime we make updates to our UAs to test how they work with our UAS before we ever release the new UA software into our production environment.  We only want UAs registering that have undergone this rigorous testing with our systems and then only with users which we have awareness of.

Thanks, 
Eugene Christensen

CONFIDENTIALITY NOTICE. This e-mail transmission, and any documents, files or previous e-mail messages attached to it, may contain confidential and proprietary information. If you are not the intended recipient, or a person responsible for delivering it to the intended recipient, you are hereby notified that any disclosure, copying, distribution or use of any of the information contained in or attached to this message is STRICTLY PROHIBITED. If you have received this transmission in error, please immediately notify me by reply e-mail at echristensen@sorenson.com or by telephone at +1 (801) 287-9419, and destroy the original transmission and its attachments without reading them or saving them to disk.