[secdir] SecDir review of draft-ietf-straw-b2bua-rtcp-13

Yoav Nir <ynir.ietf@gmail.com> Sun, 09 October 2016 06:57 UTC

Return-Path: <ynir.ietf@gmail.com>
X-Original-To: secdir@ietfa.amsl.com
Delivered-To: secdir@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 17F881294A7; Sat, 8 Oct 2016 23:57:32 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.7
X-Spam-Level:
X-Spam-Status: No, score=-2.7 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ImDcZGPMmlz6; Sat, 8 Oct 2016 23:57:31 -0700 (PDT)
Received: from mail-wm0-x235.google.com (mail-wm0-x235.google.com [IPv6:2a00:1450:400c:c09::235]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 24FCA12948C; Sat, 8 Oct 2016 23:57:31 -0700 (PDT)
Received: by mail-wm0-x235.google.com with SMTP id f193so4563366wmg.1; Sat, 08 Oct 2016 23:57:31 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=from:content-transfer-encoding:mime-version:subject:message-id:date :to; bh=KQn4qe/GM3jmIxOkFPgLlKpicb+bwIwcEZGeRDAFRQM=; b=XWsI4I7Hu85akyiToWXaMotgFPO2nt7Terdgr8Q3DyL1eqcQbQSmJ366Q5z+5P1hri UHmtOEYnd9p6CbUks7CsflBeXG467ReBLR3+rUiexNQYBbHJsZwBdwHn3zNw3sZbUvwX 7waPcvhRx/qmJoZ8ULowiii4pWf9tWZcmj+oISIiv8Px/1XzgmRaRC7+mzJ8e3QwuGXx RynHbORoxZ6AohLo38Eu/6MI0L8Csk/YaK/CHt/vf9ZA28kBNSlvDkdQn+IP7LiRyOFr 8Jrgl1uSHXn8cbpKgK+EXzu0dQ5ncYF3cbf59p8jtF6RgG5VPT2wM8/LcaFGMqKTSzje c/QQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:from:content-transfer-encoding:mime-version :subject:message-id:date:to; bh=KQn4qe/GM3jmIxOkFPgLlKpicb+bwIwcEZGeRDAFRQM=; b=aCzEfQvJ8HA+hdXf5kWr1e7nmoccgEZAbDqEk1hX+fPDxgWSDVFTyL1QMU5ehM6b1q 51b52k+gtrfTPnpSr7KHPyfI1SfjbvkAkNHrOqq+HDB82KEYMsa4soEBTtyLryXgQfaN 1JG13b7S8ocHL+VWrS94sLKlsYv8DHjb7CP2JFgYlZPG+VNoBUIHeEVLxSkw1+cO4cas +J+aaeWFByT6weycUkW8WEVjOp+8G42rykNjw6NhWrRxH/4B7oh2EP/ULECCVvNAKty+ oHGWUW9sLJxS0G1wEtvCNvJw2EdRXrz9+XDFL1eooO9UdkvM0w/9eslcpbNOFViPXDRH ZbRA==
X-Gm-Message-State: AA6/9RnX2/n5tTcy+7Eblai0gE5l9znSgzFZXJ1AVLGhPLRoHsQnrp6JxJ1TX+U2jj+bzQ==
X-Received: by 10.28.74.199 with SMTP id n68mr5546406wmi.25.1475996249734; Sat, 08 Oct 2016 23:57:29 -0700 (PDT)
Received: from [172.24.251.123] (dyn32-131.checkpoint.com. [194.29.32.131]) by smtp.gmail.com with ESMTPSA id e2sm13973922wjw.14.2016.10.08.23.57.28 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Sat, 08 Oct 2016 23:57:28 -0700 (PDT)
From: Yoav Nir <ynir.ietf@gmail.com>
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: quoted-printable
Mime-Version: 1.0 (Mac OS X Mail 10.0 \(3226\))
Message-Id: <BD4F5033-7DF8-4D3C-996B-7DB06EB0CC88@gmail.com>
Date: Sun, 9 Oct 2016 09:57:26 +0300
To: draft-ietf-straw-b2bua-rtcp.all@tools.ietf.org, secdir <secdir@ietf.org>, The IESG <iesg@ietf.org>
X-Mailer: Apple Mail (2.3226)
Archived-At: <https://mailarchive.ietf.org/arch/msg/secdir/gV0shDi_ugc4nTdNXplWyJpZ9J8>
Subject: [secdir] SecDir review of draft-ietf-straw-b2bua-rtcp-13
X-BeenThere: secdir@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: Security Area Directorate <secdir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/secdir>, <mailto:secdir-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/secdir/>
List-Post: <mailto:secdir@ietf.org>
List-Help: <mailto:secdir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 09 Oct 2016 06:57:34 -0000

Hello,

I have reviewed this document as part of the security directorate’s ongoing effort to review all IETF documents being processed by the IESG. These comments were written primarily for the benefit of the security area directors.  Document editors and WG chairs should treat these comments just like any other last call comments.

Summary: Ready with nits

The document defines the proper behavior for B2BUAs that, in addition to being on-path for SIP, are also on-path for the media traffic, whether RTP or RTCP.  Section 3 describes different scenarios for B2BUAs operating on the media, and if features considerations of the type “if you change this, you also have to change that, otherwise this bad thing could happen.” The document is easy to read and understandable even to someone who is not well versed in SIP terminology.

The security considerations section claims that the considerations are similar to those of the standards documents such as RFC 7667 (RTP topologies) and RFC 7656 (A Taxonomy of Semantics and Mechanisms for Real-Time Transport Protocol (RTP) Sources). This seems reasonable. It also describes why encryption is not an issue (if the B2BUA can make some changes to the media stream, then it can also make the changes described in this document, otherwise, it can’t make the original changes either), and how failing to follow this document might be indistinguishable from an attack (that’s the “bad things happen” part)

Two nits:

 - The Abstract says: “[B2BUAs] are often envisaged to also be on the media path...This means that B2BUAs often implement an RTP/RTCP stack...”. That doesn’t make sense with the dictionary definition of “envisage”. Perhaps “designed”?

 - The first paragraph of the Security Considerations is pasted below. I don’t think there is much semantic difference between "considerations" and “aspects”. This paragraph denies that there are considerations, and then goes on to state some. I think the whole first paragraph can go.

Yoav