Re: [secdir] Secdir last call review of draft-kille-ldap-xmpp-schema-02
"Steve Kille" <steve.kille@isode.com> Mon, 11 September 2017 07:33 UTC
From: Steve Kille <steve.kille@isode.com>
To: 'Yoav Nir' <ynir.ietf@gmail.com>, secdir@ietf.org
Cc: draft-kille-ldap-xmpp-schema.all@ietf.org, ietf@ietf.org
Date: Mon, 11 Sep 2017 08:33:20 +0100
Archived-At: <https://mailarchive.ietf.org/arch/msg/secdir/RqxGn45DCx6dNNbwue_btBH9GhE>
Yoav,

Thanks for this review. I think that you are right in your comment and your suggestion is a good one. I will update the text and submit version -03.

It has been suggested to add a reference to the LDAP security considerations, which I think is sensible and I will also make this change.

Regards

Steve

> -----Original Message-----
> From: Yoav Nir [mailto:ynir.ietf@gmail.com]
> Sent: 08 September 2017 22:25
> To: secdir@ietf.org
> Cc: draft-kille-ldap-xmpp-schema.all@ietf.org; ietf@ietf.org
> Subject: Secdir last call review of draft-kille-ldap-xmpp-schema-02
>
> Reviewer: Yoav Nir
> Review result: Has Nits
>
> The document defines a couple of OIDs for associating a Jabber ID with an
> LDAP object. As such, it is very short and straightforward. I'm not too happy
> with the Security Considerations section, which I'll quote here in its entirety:
>
> "This schema enables publishing for XMPP JIDs, and care should be taken to
> ensure that this information is not accessed inappropriately."
>
> This is rather generic, and it's true for any piece of information stored
> anywhere. If that is all there is to say, the section might as well read "This
> document only registers OIDs and has no special security considerations."
>
> However, I think there is a point that may need to be mentioned. Using this
> extension links a JID, which is a personal identifier that often appears on the
> public Internet (much like an email address), to an LDAP object, which is
> usually limited to an organization, usually the employer of that person. This
> linkability only exists for people who have access to the LDAP server, so it's
> just that users have to take the same care with JIDs that they do with email
> addresses - if you don't want your XMPP messages linked to your employer,
> or linked to you by your employer, it is better to use a private JID that is not
> linked to your employer's LDAP.
>
> This advice to users may be out of scope, but I would like to see a mention
> that JIDs are generally public and pseudonymous, and this links them to a real
> person within an LDAP domain.
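The point raised in the review, that the JID-to-person link is visible only to whoever can read the directory, is in deployment terms an LDAP access-control decision: the operator decides who "has access to the LDAP server" for that one attribute. The following is an added example, not part of this thread or of the draft, showing an OpenLDAP cn=config access rule that confines the JID attribute to the entry's owner and authenticated organization users, while the ordinary white-pages attributes stay readable. It assumes the attribute type is named `jid` (the thread does not name the attribute types the draft registers; `jid` is the name the schema was later published with, so check it against the draft revision you deploy), a single mdb database at `olcDatabase={1}mdb`, and the suffix `dc=example,dc=com`; adjust these to your directory.

```ldif
# Added example (not from the draft or this thread): OpenLDAP cn=config
# access rules that keep the XMPP JID attribute inside the organization.
# Assumptions: attribute type named "jid", database olcDatabase={1}mdb,
# suffix dc=example,dc=com. Rules are matched in order on the "to" clause,
# so the jid rule must come before the catch-all "to *" rule.
dn: olcDatabase={1}mdb,cn=config
changetype: modify
replace: olcAccess
# Password hashes: owner may change, anonymous may only bind against them.
olcAccess: {0}to attrs=userPassword by self write by anonymous auth by * none
# The JID: readable by the entry's owner and by authenticated (organization)
# users only. Anonymous and any other requester get nothing, so the link
# between a public JID and a real person is not exposed outside the org.
olcAccess: {1}to attrs=jid by self read by users read by * none
# Usual white-pages attributes remain readable by anyone who can reach the
# server, as before this change.
olcAccess: {2}to attrs=cn,sn,mail,telephoneNumber by * read
# Everything else: owner may write, authenticated users may read,
# anonymous may only bind.
olcAccess: {3}to * by self write by users read by anonymous auth
```

Apply it over the local socket as the config root, for example `ldapmodify -Y EXTERNAL -H ldapi:/// -f jid-acl.ldif`, then verify both sides of the policy: an anonymous `ldapsearch -x -b dc=example,dc=com '(objectClass=person)' jid` must return entries without a `jid` value, and the same search with `-D` and a user's credentials must return it. Note that `replace: olcAccess` discards any rules already on the database; merge this with your existing list rather than pasting it over a production configuration.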