[secdir] secdir review of draft-ietf-siprec-metadata-20

David Mandelberg <david@mandelberg.org> Sun, 14 February 2016 21:03 UTC

From: David Mandelberg <david@mandelberg.org>
To: iesg@ietf.org, secdir@ietf.org, draft-ietf-siprec-metadata.all@tools.ietf.org
Date: Sun, 14 Feb 2016 16:03:05 -0500
Archived-At: <http://mailarchive.ietf.org/arch/msg/secdir/hlMV6BshwmzYPZCpEdRFXVewBfU>

Hi,

I have reviewed this document as part of the security directorate's
ongoing effort to review all IETF documents being processed by the IESG.
These comments were written primarily for the benefit of the security
area directors. Document editors and WG chairs should treat these
comments just like any other last call comments.

This document specifies a metadata format for information about recorded
SIP sessions. The Security Considerations section has good text about
the protection of metadata in this format, but I found one potential
security issue with the way an SRS (server) is supposed to handle the
metadata. I think this draft is ready with issues.

Section 6.10 says that "multiple SRC's [clients] can refer to the same
element/UUID (how each SRC learns the UUID here is out of scope of
SIPREC)". But what happens if two clients try to define different
objects with the same UUID? Does one of the objects take precedence for
all clients? If all of the benign clients are relying on referencing an
object A with UUID 1, and a malicious client is able to send an object B
also with UUID 1, that might compromise the integrity of the metadata
sent by the benign clients. This could be mitigated by requiring that
UUIDs are generated (pseudo-)randomly and are kept confidential from
potential adversaries, but I don't think the draft says either of these
things.

-- 
David Eric Mandelberg / dseomn
http://david.mandelberg.org/
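
The UUID collision raised in the review above, as an added illustration that is not part of the original message or of the draft: a store that accepts the last definition of a UUID next to one that remembers which SRC first defined it and rejects a conflicting definition from another SRC. The class, the `strict` flag, the SRC names and the sample objects are constructed for this sketch, and the ownership check is an assumption about how an SRS could behave, not something the draft specifies.

```python
import hashlib
import json
import uuid

class ConflictError(Exception):
    """Another SRC tried to define a different object under a known UUID."""

def digest(obj):
    # Canonical JSON, so equal objects compare equal whatever their key order.
    return hashlib.sha256(json.dumps(obj, sort_keys=True).encode()).hexdigest()

class MetadataStore:
    """Toy SRS-side object table keyed by UUID (hypothetical, for illustration)."""

    def __init__(self, strict):
        self.strict = strict
        self.objects = {}  # UUID -> (defining SRC, content digest, object)

    def define(self, src, object_id, obj):
        known = self.objects.get(object_id)
        if self.strict and known and known[0] != src:
            if known[1] != digest(obj):
                raise ConflictError(f"{src} redefines {object_id} set by {known[0]}")
            return  # same content from another SRC: a plain reference
        # First definition, an update by the defining SRC, or (non-strict)
        # last write wins.
        self.objects[object_id] = (src, digest(obj), obj)

def demo():
    shared = uuid.uuid4()                  # random (version 4) UUID
    object_a = {"participant": "alice"}    # constructed sample objects
    object_b = {"participant": "mallory"}
    naive, strict = MetadataStore(strict=False), MetadataStore(strict=True)
    for store in (naive, strict):
        store.define("src-benign", shared, object_a)
    naive.define("src-other", shared, object_b)   # silently replaces object A
    try:
        strict.define("src-other", shared, object_b)
        rejected = False
    except ConflictError:
        rejected = True
    return naive.objects[shared][2], strict.objects[shared][2], rejected

if __name__ == "__main__":
    print(demo())
```
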