Re: [secdir] SecDir review of draft-camarillo-rai-media-policy-dataset-01

Gonzalo Camarillo <gcamaril@gmail.com> Thu, 05 July 2012 09:46 UTC

Return-Path: <gcamaril@gmail.com>
X-Original-To: secdir@ietfa.amsl.com
Delivered-To: secdir@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B57B621F8608; Thu, 5 Jul 2012 02:46:23 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.249
X-Spam-Level:
X-Spam-Status: No, score=-6.249 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, HELO_EQ_SE=0.35, RCVD_IN_DNSWL_MED=-4]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Ys7n8SC8-rxS; Thu, 5 Jul 2012 02:46:23 -0700 (PDT)
Received: from mailgw7.ericsson.se (mailgw7.ericsson.se [193.180.251.48]) by ietfa.amsl.com (Postfix) with ESMTP id 6052821F85E5; Thu, 5 Jul 2012 02:46:22 -0700 (PDT)
X-AuditID: c1b4fb30-b7fb46d0000064f2-c8-4ff5627a628c
Received: from esessmw0184.eemea.ericsson.se (Unknown_Domain [153.88.253.125]) by mailgw7.ericsson.se (Symantec Mail Security) with SMTP id 45.51.25842.A7265FF4; Thu, 5 Jul 2012 11:46:34 +0200 (CEST)
Received: from [131.160.126.161] (153.88.115.8) by esessmw0184.eemea.ericsson.se (153.88.115.82) with Microsoft SMTP Server id 8.3.264.0; Thu, 5 Jul 2012 11:46:33 +0200
Message-ID: <4FF56278.1000509@gmail.com>
Date: Thu, 05 Jul 2012 12:46:32 +0300
From: Gonzalo Camarillo <gcamaril@gmail.com>
User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:12.0) Gecko/20120428 Thunderbird/12.0.1
MIME-Version: 1.0
To: Yaron Sheffer <yaronf.ietf@gmail.com>
References: <4FBFAE5F.8010305@gmail.com> <4FC742B2.10508@ericsson.com>
In-Reply-To: <4FC742B2.10508@ericsson.com>
X-Enigmail-Version: 1.4.2
Content-Type: text/plain; charset="windows-1252"
Content-Transfer-Encoding: 8bit
X-Brightmail-Tracker: H4sIAAAAAAAAA+NgFlrFLMWRmVeSWpSXmKPExsUyM+JvrW5V0ld/gwfHNC1uv5rFZjHjz0Rm iw8LH7JYrLo/g92BxWPnrLvsHkuW/GTy+HL5M1sAcxSXTUpqTmZZapG+XQJXxr3zl9kKDkhX fLl1hbWBsVWsi5GTQ0LAROLA/yvsELaYxIV769m6GLk4hAROMUpc+PADylnDKPFn1V+wKl4B DYmHf1qZQWwWARWJQ2umMXYxcnCwCehIPFoRABIWFQiWmNd9kwWiXFDi5MwnLCAlIgKaEtOO WoGMZAaZf+DwZ7BWYQFPif6nESDlQgJuEh2tL5hAbE4BLYklh/sYIW6TlLjXvpoNxGYWMJA4 smgOK4QtL9G8dTYzRK+8xM1LB1gnMArNQrJ5FpKWWUhaFjAyr2IUzk3MzEkvN9dLLcpMLi7O z9MrTt3ECAzvg1t+G+xg3HRf7BCjNAeLkjivnup+fyGB9MSS1OzU1ILUovii0pzU4kOMTByc Ug2MawKur4jev6iVt/H6bma34IxD51ZVXVlrHLtG0KAjzG1K6A+JbdmCB9bqfvq+tV4y0L74 nUnoIgM7h0fdFxna1fgi03r8OJvXv08VWn3ALU1/kxv7byFhwyvn3m+Uyp/w6ci/rDVJPreO /hNtmf70gZfoMcub/L9OMD4SvVenVHJK2jbRqVNFiaU4I9FQi7moOBEAqAnyxD0CAAA=
Cc: "iesg@ietf.org" <iesg@ietf.org>, "draft-camarillo-rai-media-policy-dataset.all@tools.ietf.org" <draft-camarillo-rai-media-policy-dataset.all@tools.ietf.org>, "secdir@ietf.org" <secdir@ietf.org>
Subject: Re: [secdir] SecDir review of draft-camarillo-rai-media-policy-dataset-01
X-BeenThere: secdir@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Security Area Directorate <secdir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/secdir>, <mailto:secdir-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/secdir>
List-Post: <mailto:secdir@ietf.org>
List-Help: <mailto:secdir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 05 Jul 2012 09:46:23 -0000

Hi Yaron,

per your comments, I have added a reference to RFC 3470 to the Security
Considerations Section. I have written the following:

    Section 7 of RFC 3470 [RFC3470] provides general
    security considerations regarding the transport of XML documents
    in network protocols.

With respect to the other reference you would like to see included in
the draft:

http://xml.resource.org/public/rfc/bibxml4/reference.W3C.REC-xinclude-20061115.xml

How do you want me to include this reference in the draft? That is,
which particular part of this W3C document do you want the draft to
reference?

Thanks,

Gonzalo


On 31/05/2012 1:06 PM, Gonzalo Camarillo wrote:
> Hi Yaron,
> 
> thanks for reviewing the document. I will add the two references you
> suggest in your last point to the next revision of the draft.
> 
> With respect to the remainder of your comments on the event package
> document, that draft has already been in the RFC Editor's queue for a
> while. So, at this point, we will not change it (although I would be
> happy to replace that "should not" with a "SHOULD NOT" in AUTH48). Also,
> SIP security is getting deployed on the field slowly as time goes by. It
> is true that it is taking a while, but we are getting there.
> 
> Cheers,
> 
> Gonzalo
> 
> 
> On 25/05/2012 7:07 PM, Yaron Sheffer wrote:
>> I have reviewed this document as part of the security directorate's 
>> ongoing effort to review all IETF documents being processed by the IESG. 
>> These comments were written primarily for the benefit of the security 
>> area directors.  Document editors and WG chairs should treat these 
>> comments just like any other last call comments.
>>
>> Summary
>>
>> Nothing much here - this is not where the security action is. However a 
>> companion document may need some deeper security review.
>>
>> Details
>>
>> This draft defines the contents/format of a media document. The document 
>> allows a SIP policy server to dictate the media policy that should be 
>> implemented by a UA, in general or on a per-session basis.
>>
>> • The draft requires that all documents be well-formed and valid XML, 
>> which is good - not only for security.
>> • The real security stuff is in draft-ietf-sipping-policy-package-08. I 
>> will not review that document here, but I find it puzzling that session 
>> (media) information is transmitted/secured along with session encryption 
>> keys. Mixing together data of such disparate security sensitivity levels 
>> is likely to result in either over-engineering or under-security.
>> • Reading further down the said security considerations, this issue is 
>> addressed ("the user agent should not insert" etc.), but none of that 
>> discussion is normative!
>> • Moreover, recent discussion on SAAG 
>> (http://www.ietf.org/mail-archive/web/saag/current/msg03695.html) 
>> suggests that some of the security solutions mandated by the Policy 
>> Package draft as well as the current draft are, to put it mildly, not 
>> widely implemented.
>> •  Back to the current document. Re: XML security considerations, please 
>> reference the security considerations of RFC 3470, and possibly also: 
>> Marsh, J., Orchard, D., and D. Veillard, "XML Inclusions (XInclude) 
>> Version 1.0 (Second Edition)", World Wide Web Consortium Recommendation 
>> REC-xinclude-20061115, November 2006, 
>> <http://www.w3.org/TR/2006/REC-xinclude-20061115>.
>>
>> Thanks,
>>      Yaron
>>
>