Re: [secdir] Secdir last call review of draft-kille-ldap-xmpp-schema-02

"Steve Kille" <steve.kille@isode.com> Mon, 11 September 2017 07:33 UTC

From: "Steve Kille" <steve.kille@isode.com>
To: "'Yoav Nir'" <ynir.ietf@gmail.com>, <secdir@ietf.org>
Cc: <draft-kille-ldap-xmpp-schema.all@ietf.org>, <ietf@ietf.org>
References: <150490591260.17260.5826520927764819469@ietfa.amsl.com>
In-Reply-To: <150490591260.17260.5826520927764819469@ietfa.amsl.com>
Date: Mon, 11 Sep 2017 08:33:20 +0100
Message-ID: <003701d32ad0$42239a30$c66ace90$@isode.com>
X-Mailer: Microsoft Outlook 14.0
Thread-Index: AQInXiG8xxTW5aRQsWv7bEQ9jDmZcaIG4VIw
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable
Content-Language: en-gb
Archived-At: <https://mailarchive.ietf.org/arch/msg/secdir/RqxGn45DCx6dNNbwue_btBH9GhE>
Subject: Re: [secdir] Secdir last call review of draft-kille-ldap-xmpp-schema-02

Yoav,

Thanks for this review. I think that you are right in your comment and your suggestion is a good one.

I will update the text and submit version -03.

It has been suggested to add a reference to the LDAP security considerations, which I think is sensible and I will also make this change.

Regards

Steve

> -----Original Message-----
> From: Yoav Nir [mailto:ynir.ietf@gmail.com]
> Sent: 08 September 2017 22:25
> To: secdir@ietf.org
> Cc: draft-kille-ldap-xmpp-schema.all@ietf.org; ietf@ietf.org
> Subject: Secdir last call review of draft-kille-ldap-xmpp-schema-02
> 
> Reviewer: Yoav Nir
> Review result: Has Nits
> 
> The document defines a couple of OIDs for associating a Jabber ID with an
> LDAP object.  As such, it is very short and straightforward. I'm not too happy
> with the Security Considerations section, which I'll quote here in its entirety:
> 
> "This schema enables publishing for XMPP JIDs, and care should be taken to
> ensure that this information is not accessed inappropriately."
> 
> This is rather generic, and it's true for any piece of information stored
> anywhere.  If that is all there is to say, the section might as well read "This
> document only registers OIDs and has no special security considerations."
> 
> However, I think there is a point that may need to be mentioned. Using this
> extension links a JID, which is a personal identifier that often appears on the
> public Internet (much like an email address), to an LDAP object, which is
> usually limited to an organization, usually the employer of that person. This
> linkability only exists for people who have access to the LDAP server, so it's
> just that users have to take the same care with JIDs that they do with email
> addresses - if you don't want your XMPP messages linked to your employer,
> or linked to you by your employer, it is better to use a private JID that is not
> linked to your employer's LDAP.
> 
> This advice to users may be out of scope, but I would like to see a mention
> that JIDs are generally public and pseudonymous, and this links them to a real
> person within an LDAP domain.
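The reviewer's point is that the JID-to-person linkage is only as exposed as the directory's read access to it. The fragment below is an added illustration (not part of this thread, the draft, or any Isode configuration) of how an OpenLDAP operator would limit that exposure with a cn=config access directive. It assumes an OpenLDAP server using cn=config with the data in `olcDatabase={1}mdb`, and it assumes the draft's JID attribute is named `jid`; neither name appears in the thread, so treat both as placeholders to adjust to the actual schema and database DN.

```ldif
# Weak setting (shown for contrast, do not apply): anonymous binds can read
# every attribute, so anyone who can reach the server can map a public JID
# to a named person in the organisation.
#
# olcAccess: {0}to *
#   by * read

# Corrected setting: the JID attribute is readable only by authenticated
# directory users; anonymous binds get nothing. Clauses are evaluated in
# order and the first matching "to" wins, so the jid rule comes first.
dn: olcDatabase={1}mdb,cn=config
changetype: modify
replace: olcAccess
olcAccess: {0}to attrs=jid
  by self write
  by users read
  by * none
olcAccess: {1}to *
  by self write
  by users read
  by * none
```

Apply it with `ldapmodify -Y EXTERNAL -H ldapi:/// -f <file>` on a host where the root user has the usual `ldapi` access to `cn=config`. After applying, an anonymous search such as `ldapsearch -x -H ldap://<server> jid=*` should return no entries, while the same search with `-D <user DN> -W` returns them; that pair of queries is the quick check that the linkage is no longer world-readable.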