Re: [secdir] Secdir review of draft-ietf-ecrit-data-only-ea-18

Charlie Kaufman <charliekaufman@outlook.com> Thu, 29 August 2019 21:17 UTC

Return-Path: <charliekaufman@outlook.com>
X-Original-To: secdir@ietfa.amsl.com
Delivered-To: secdir@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 80804120803; Thu, 29 Aug 2019 14:17:15 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.999
X-Spam-Level:
X-Spam-Status: No, score=-1.999 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=outlook.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 58fyMN-Z77dV; Thu, 29 Aug 2019 14:17:11 -0700 (PDT)
Received: from NAM02-CY1-obe.outbound.protection.outlook.com (mail-oln040092004094.outbound.protection.outlook.com [40.92.4.94]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 93DC2120073; Thu, 29 Aug 2019 14:17:11 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=ZTVKlgfLLMd1pju6PE1zK/o2V3N2DuWpJOKzkCIbWtl+9rXJ0ft/hAHo2Xvg02gWH6zP15p7Ngje8xAaIV+N9c4Wh5ci8Wm/cbV/LaLxTKadP+3nAMdQ26TxTRIsPcy6xLgUWqxNe9AYkKtbzuwT5PQA4Ta7cA/dFm1z+1Wb4I2n7zte0iFtuUC+Zy2UsxwCeLO/WAuBwClM9kgo83Pkhcro3hu1pzDyKUxCH+F7X3BavpZCOKD4kwfVlG+JKaBVI5JBZ24o3RgccrIgod+9UM0hCVzDRdrv0FF78YKHWBN4WtgRl6ziFFrGGZQCOgCdbGWWS5mOO4FpWiOYbSfMpg==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=lqfDJjp/vIqiqtyt0HNB2QzCQufw2GtJMEgA2UZU3x0=; b=oVTDz+qwOrFfE/GhY+JKOh4kOHq3jUhy9uxlBuF7YwtZPuJHEovIkcJQ1DtDhy+0VC623Uny7O0OZbE0ufwaTU0r1gBhq293kJNqzy1U3iC1ZqtUQ+K5nWxlacdz6SQJReE5mQh0s+Zt5bWFP5rl0LQq+czBnfwTluTwV/kGa3SFFxafwAEbSoHLhcp7b8zjC8Uz4kZkJLy+RbNBlELsjVREocQ/V9UYE69zxHy53PosAX7tqqlzaD9k9pz2WTebuof1WPYvvsG+Ya6KohBMg4ZDOYtiZEkrDFiOupQE24/EYKM4L/Hqr+MQ53XLHiaMr+pib4h1GJCCCza7D/AL2A==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=none; dmarc=none; dkim=none; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=outlook.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=lqfDJjp/vIqiqtyt0HNB2QzCQufw2GtJMEgA2UZU3x0=; b=B1O4YrvbfZnGPCaeIwo+xIxpQnSKQ3GmFu2eyIOSGecaJuqV12+wteVZb221nrY45gKNxgb/YAAlx+K1EPNQ2LiAx2IteSuJGpLTiZNJnMUTvke05tYCeURnZrE1dlKLEkaqT3qeNb386v5As0ZpaGbyPHwkwEP/mUBNF+m/evG1PArS2kzGsMxlGVF/eG7gHfBJDEpgMloh5LBDFCNC/KL9zmjQYQXX3pMg0BqNvd5gqrbBVrElAZGqgHL+Y+CMCY5D2qbphDue16eZu97ErKHHmyw2WinMfM1rSys23wSKx2HsGYQuJye7xgTyqCFOR+9payYQSwyhlkAYkkFmJw==
Received: from SN1NAM02FT051.eop-nam02.prod.protection.outlook.com (10.152.72.59) by SN1NAM02HT189.eop-nam02.prod.protection.outlook.com (10.152.72.160) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384) id 15.20.2220.16; Thu, 29 Aug 2019 21:17:10 +0000
Received: from MWHPR04MB0367.namprd04.prod.outlook.com (10.152.72.60) by SN1NAM02FT051.mail.protection.outlook.com (10.152.73.103) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2220.16 via Frontend Transport; Thu, 29 Aug 2019 21:17:10 +0000
Received: from MWHPR04MB0367.namprd04.prod.outlook.com ([fe80::f019:9a3e:4580:6163]) by MWHPR04MB0367.namprd04.prod.outlook.com ([fe80::f019:9a3e:4580:6163%10]) with mapi id 15.20.2220.013; Thu, 29 Aug 2019 21:17:10 +0000
From: Charlie Kaufman <charliekaufman@outlook.com>
To: Brian Rosen <br@brianrosen.net>
CC: "secdir@ietf.org" <secdir@ietf.org>, "iesg@ietf.org" <iesg@ietf.org>, "draft-ietf-ecrit-data-only-ea.all@ietf.org" <draft-ietf-ecrit-data-only-ea.all@ietf.org>
Thread-Topic: Secdir review of draft-ietf-ecrit-data-only-ea-18
Thread-Index: AQHVWrVSYrXYcnS0SkGl7pu26H6ueacN5f6AgAS+JZ0=
Date: Thu, 29 Aug 2019 21:17:10 +0000
Message-ID: <MWHPR04MB036724650A0D208BE4D22D58DFA20@MWHPR04MB0367.namprd04.prod.outlook.com>
References: <MWHPR04MB0367DA96CF172D996CDDA622DFA70@MWHPR04MB0367.namprd04.prod.outlook.com>, <DAD38B77-66B6-40CD-9200-DDA7632EED94@brianrosen.net>
In-Reply-To: <DAD38B77-66B6-40CD-9200-DDA7632EED94@brianrosen.net>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-incomingtopheadermarker: OriginalChecksum:F2FA7D359EE27EFE341DD520161893FE06996FCEE4A317B3F061863488171CCE; UpperCasedChecksum:0202776B1821EAB52B0D2199FCC5B7E0FC945C68FC68949B1C2294346C3388E4; SizeAsReceived:7115; Count:44
x-ms-exchange-messagesentrepresentingtype: 1
x-tmn: [ttr/i2OKYgvpzRkgCuIhjDqiaobV+vhzD8DHqdrDpT/RC3XSq23f0CmFmuOHljIL]
x-ms-publictraffictype: Email
x-incomingheadercount: 44
x-eopattributedmessage: 0
x-microsoft-antispam: BCL:0; PCL:0; RULEID:(2390118)(5050001)(7020095)(20181119110)(201702061078)(5061506573)(5061507331)(1603103135)(2017031320274)(2017031322404)(2017031323274)(2017031324274)(1601125500)(1603101475)(1701031045); SRVR:SN1NAM02HT189;
x-ms-traffictypediagnostic: SN1NAM02HT189:
x-ms-exchange-purlcount: 3
x-microsoft-antispam-message-info: tHIdR4VdajhiPffjA5y8Tb+yiKdzqJ2mhe9J6vFrETqY6wWk+EAUkANTDkhZLxcsBNfydGUl2vBlUDGeMHN+UT93d9m6Ok+RZnWwgJma8Nyg1u5t89eIciEkXLac85ULuX0eSNIp8kbJL3/pq+AqNcmrUy+Lgwtxg+SvfM3TgxpuZ+Gjkxri6jdqR/85DNZ3
x-ms-exchange-transport-forked: True
Content-Type: multipart/alternative; boundary="_000_MWHPR04MB036724650A0D208BE4D22D58DFA20MWHPR04MB0367namp_"
MIME-Version: 1.0
X-OriginatorOrg: outlook.com
X-MS-Exchange-CrossTenant-RMS-PersistedConsumerOrg: 00000000-0000-0000-0000-000000000000
X-MS-Exchange-CrossTenant-Network-Message-Id: 39064291-ff9a-447d-ed82-08d72cc640fd
X-MS-Exchange-CrossTenant-rms-persistedconsumerorg: 00000000-0000-0000-0000-000000000000
X-MS-Exchange-CrossTenant-originalarrivaltime: 29 Aug 2019 21:17:10.0984 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Internet
X-MS-Exchange-CrossTenant-id: 84df9e7f-e9f6-40af-b435-aaaaaaaaaaaa
X-MS-Exchange-Transport-CrossTenantHeadersStamped: SN1NAM02HT189
Archived-At: <https://mailarchive.ietf.org/arch/msg/secdir/Zk1RDZTA_6-RRG9urZJ6UzHtuEU>
Subject: Re: [secdir] Secdir review of draft-ietf-ecrit-data-only-ea-18
X-BeenThere: secdir@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Security Area Directorate <secdir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/secdir>, <mailto:secdir-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/secdir/>
List-Post: <mailto:secdir@ietf.org>
List-Help: <mailto:secdir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 29 Aug 2019 21:17:16 -0000

My confusion had to do with whether this is adding new functionality or whether this is a profiling of existing functionality to enable a lightweight interaction. For example, is it possible to send a CAP message within a SIP transaction when there is going to follow interactive two way media in the existing protocol? If so, this could have been done with the previous protocol just by ending after the first exchange. If not, this is something that couldn't have been done before and this is new functionality (and I would wonder why the old protocol did not allow this).

My confusion might be based on my lack of understanding of the layering of CAP, SIP, and MIME, and it could be that anyone with a legitimate reason to read this document would not be confused.

--Charlie

p.s. Apologies for the formatting. I'm using Outlook's web interface, which tends to be overly clever and mess things up.


Sent from Outlook<http://aka.ms/weboutlook>

________________________________
From: Brian Rosen <br@brianrosen.net>;
Sent: Monday, August 26, 2019 1:34 PM
To: Charlie Kaufman <charliekaufman@outlook.com>;
Cc: secdir@ietf.org <secdir@ietf.org>;; iesg@ietf.org <iesg@ietf.org>;; draft-ietf-ecrit-data-only-ea.all@ietf.org <draft-ietf-ecrit-data-only-ea.all@ietf.org>;
Subject: Re: Secdir review of draft-ietf-ecrit-data-only-ea-18

Hi Charlie

Thanks for the review, I appreciate it.

The introduction section has this text

   Data-only emergency calls are similar to regular emergency calls in
   the sense that they require the emergency indications, emergency call
   routing functionality and may even have the same location
   requirements.  However, the communication interaction will not lead
   to the exchange of interactive media, that is, Real-Time Protocol
   packets, such as voice, video data or real-time text.

   ...

   This document describes a method of including a CAP message in a SIP
   transaction by defining it as a block of "additional data" as defined
   in [RFC7852<https://tools.ietf.org/html/rfc7852>;].  The CAP message is included either by value (the CAP
   message is in the body of the message, using a CID) or by reference
   (a URI is included in the message, which when dereferenced returns
   the CAP message).  The additional data mechanism is also used to send
   alert specific data beyond that available in the CAP message.  This
   document also describes how a SIP MESSAGE [RFC3428<https://tools.ietf.org/html/rfc3428>;] transaction can
   be used to send a data-only call.


This says that this document describes how to send an emergency call when there is not two way interactive media (voice, video and/or text), and it says that the way you do that is to send a SIP MESSAGE, with a CAP message pointed to by a Call-Info header.

That text seems very clear to me, and yet you didn’t read what we hoped into what we wrote.  I would really like to fix this, but I’m at a loss to understand what I need to do.

I’ll improve the acronym stuff.


On Aug 24, 2019, at 3:53 PM, Charlie Kaufman <charliekaufman@outlook.com<mailto:charliekaufman@outlook.com>> wrote:

I have reviewed this document as part of the security directorate's ongoing effort to review all IETF documents being processed by the IESG.  These comments were written primarily for the benefit of the security area directors.  Document editors and WG chairs should treat these comments just like any other last call comments.

This document defines a new MIME type: 'application/EmergencyCallData.cap+xml' for use primarily by sensors to send alert messages to emergency services providers. It also defines a new Emergency Call Data Type: 'cap' in order to embed this data efficiently in a SIP transaction. I saw no new security issues beyond those already noted for the protocols carrying these messages.

I do have some editorial suggestions:

There is a lot of context that the authors assumed any reader would have that could have been stated in the introduction. I believe from context that the purpose of this new MIME type is to support simple (IoT) sensors that don't want to implement a more heavyweight protocol, but I don't believe that was stated anywhere.

I got the impression that the functionality provided could have been done with existing protocols by sending the CAP message over a SIP session, but that doing so would place an unnecessary burden on simple (IoT) sensors, and that this protocol would be easier for such sensors to implement for the limited cases such sensors need to deal with. If that's true, it should be stated. If not, the purpose of this protocol should be more clearly stated.

These acronyms were used but never defined:

SIP
CID
LoST

These acronyms were expanded, but not in an easy to find place:

Common Alerting Protocol (CAP)
Public Safety Answering Points (PSAPs)
Emergency Services Routing Proxy (ESRP)

It would be nice to include them in the terminology section, ideally with a reference to the RFC where more information is available.

Typo:

p17 "security mechanism" -> "security mechanisms"

 --Charlie