Re: [secdir] secdir review of draft-ietf-sipcore-sip-push-21

Christer Holmberg <christer.holmberg@ericsson.com> Sat, 05 January 2019 18:15 UTC

Return-Path: <christer.holmberg@ericsson.com>
X-Original-To: secdir@ietfa.amsl.com
Delivered-To: secdir@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 9624B130E91 for <secdir@ietfa.amsl.com>; Sat, 5 Jan 2019 10:15:15 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.365
X-Spam-Level:
X-Spam-Status: No, score=-4.365 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.065, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_MED=-2.3, SPF_PASS=-0.001] autolearn=unavailable autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=ericsson.com header.b=e5vZ1Tum; dkim=pass (1024-bit key) header.d=ericsson.com header.b=h0dCiwT5
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id BmjKDjMI8a-a for <secdir@ietfa.amsl.com>; Sat, 5 Jan 2019 10:15:14 -0800 (PST)
Received: from sesbmg23.ericsson.net (sesbmg23.ericsson.net [193.180.251.37]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 6516A130E92 for <secdir@ietf.org>; Sat, 5 Jan 2019 10:15:13 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; d=ericsson.com; s=mailgw201801; c=relaxed/relaxed; q=dns/txt; i=@ericsson.com; t=1546712109; x=1549304109; h=From:Sender:Reply-To:Subject:Date:Message-ID:To:CC:MIME-Version:Content-Type: Content-Transfer-Encoding:Content-ID:Content-Description:Resent-Date:Resent-From: Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:In-Reply-To:References:List-Id: List-Help:List-Unsubscribe:List-Subscribe:List-Post:List-Owner:List-Archive; bh=8l2njNWtsmUd1MoJQy1mAY4Hw3/ETNi808F/WHNqZqc=; b=e5vZ1TumuwPT1bqY9HrZpMo4e7jo7wD5cJ12RR1VxjhLZVt8EJPo7nlDjlCBTAGV zLAhVATIzMmn74dZQjYBuy1VnA0oEDqkWWGz+jGS8i5C0uCZLud6X+dFRgCHP7hH FlA0ZEffqTgARKe/WgNV/RMy1qj9NJjXu4QiXF5K2Jc=;
X-AuditID: c1b4fb25-d89ff70000005ff7-2a-5c30f42dcb73
Received: from ESESBMB505.ericsson.se (Unknown_Domain [153.88.183.118]) by sesbmg23.ericsson.net (Symantec Mail Security) with SMTP id 23.9B.24567.D24F03C5; Sat, 5 Jan 2019 19:15:09 +0100 (CET)
Received: from ESESBMR505.ericsson.se (153.88.183.201) by ESESBMB505.ericsson.se (153.88.183.188) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256_P256) id 15.1.1466.3; Sat, 5 Jan 2019 19:15:08 +0100
Received: from ESESSMB502.ericsson.se (153.88.183.163) by ESESBMR505.ericsson.se (153.88.183.201) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256_P256) id 15.1.1466.3; Sat, 5 Jan 2019 19:15:08 +0100
Received: from EUR03-AM5-obe.outbound.protection.outlook.com (153.88.183.157) by ESESSMB502.ericsson.se (153.88.183.163) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256_P256) id 15.1.1466.3 via Frontend Transport; Sat, 5 Jan 2019 19:15:08 +0100
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ericsson.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=8l2njNWtsmUd1MoJQy1mAY4Hw3/ETNi808F/WHNqZqc=; b=h0dCiwT5+AWeABS33xskB7fSb0JiEjNKH1YLMkVXmQltUHlaPVswDRUDjJXuitPMBkptrHWSxje8KJ2G5SASPvRavibHkgnhpi9EUnLctkkl+Kb+TL63Ld5iiV0dXeh+yqyUKCLVgVWIJ6HfQIyXThZXDJTlAdwreMstzdjyu38=
Received: from HE1PR07MB3161.eurprd07.prod.outlook.com (10.170.245.23) by HE1PR07MB3081.eurprd07.prod.outlook.com (10.170.244.155) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.1516.9; Sat, 5 Jan 2019 18:15:06 +0000
Received: from HE1PR07MB3161.eurprd07.prod.outlook.com ([fe80::852a:3f04:e342:cf55]) by HE1PR07MB3161.eurprd07.prod.outlook.com ([fe80::852a:3f04:e342:cf55%3]) with mapi id 15.20.1516.010; Sat, 5 Jan 2019 18:15:06 +0000
From: Christer Holmberg <christer.holmberg@ericsson.com>
To: "Scott G. Kelly" <scott@hyperthought.com>
CC: "secdir@ietf.org" <secdir@ietf.org>, "iesg@ietf.org" <iesg@ietf.org>, "draft-ietf-sipcore-sip-push.all@ietf.org" <draft-ietf-sipcore-sip-push.all@ietf.org>
Thread-Topic: secdir review of draft-ietf-sipcore-sip-push-21
Thread-Index: AQHUoUFwpb8nIR8T3kKT3FjKoKE4faWfiegKgAF0Z6k=
Date: Sat, 5 Jan 2019 18:15:05 +0000
Message-ID: <HE1PR07MB3161102618EA417C83C30B99938F0@HE1PR07MB3161.eurprd07.prod.outlook.com>
References: <1546285539.44113084@apps.rackspace.com> <DB7PR07MB56286B4A2702A5FF1915D1D6938D0@DB7PR07MB5628.eurprd07.prod.outloo k.com>,<1546631184.64914945@apps.rackspace.com>
In-Reply-To: <1546631184.64914945@apps.rackspace.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [37.33.31.219]
x-ms-publictraffictype: Email
x-microsoft-exchange-diagnostics: 1; HE1PR07MB3081; 6:EaJwzatBmUbrJ5MIAmuGclwEx0pt9nvhXfwfzwa6kf75NLaZlK0aQ88hZbkhrw+pcUGowp/b3fn1Ttbogo8PpDxZTZQFKt3YbZKDc6pTTVTJUU2IyB7xldcMuRws/0R4zsQbvP7NKH7k/qeUZCWdh7owVy2CRQFSdTg3xjGgfRqyKjnZPqZVrtICtJBddUk/mwSSzBz/Mm2IqBaQgxWzDBDn2GPDW+XZOQBMKVgW4teMD3ZHqhJAiaEstj9zjggjRVhUvsoDpVwwlw6a0NRoJ+INJtauxaexKpUqTuVT+P+/k2p7J7sSzD7TTcbgabw8YpYLHpbJ/FG5Mr4We6nYRH8TTsb6FoHFA5hafSX2udkMhMHDbWPR+FWhiQPrs7c5FWNUz1VfRLR4C/VxMq5DVeT27qODJAT+In8rt1WQnjsccW2r8Q5I5LubFWkWwCV/+K8oN1sTRUYyYN1S1TuvVA==; 5:K5GLf0XHFVqyom8dWDHt7Ohrpmh1vQ2+VrvbB28KsfcrhV2kksOVfiWIPwXlB5KbP2c+wL1MZLTXieePmFbeWlLMfZzkxv+NRHelnhwLJwtapbpH0NyzVAVnx/JxRnJYjDXB7ePaWtPBmJ5C4+bj1UQ7OjWfdfScP3XkTh/jsWV9VhUNw2IPG3yb1LBecfJTN+z2R4FlKGS8KUh0dEXalg==; 7:C5Pxeeb5c2YOBXE1aIdypcX0mFD1Th0NANMQEDVCMCYlHbjQfurfGyKpfuvkyoiToVHG8PQfDbWIvE5gv7yd2AqYEOXXkAQwLbFFI829BhNbhv+wZcFnHg8JcrYYMn3L2omETRwbOO3LLYOwYH7O/g==
x-ms-exchange-antispam-srfa-diagnostics: SOS;
x-ms-office365-filtering-correlation-id: 0dd9d1eb-80f4-4069-5bb6-08d67339b844
x-microsoft-antispam: BCL:0; PCL:0; RULEID:(2390118)(7020095)(4652040)(8989299)(4534185)(4627221)(201703031133081)(201702281549075)(8990200)(5600109)(711020)(2017052603328)(7153060)(7193020); SRVR:HE1PR07MB3081;
x-ms-traffictypediagnostic: HE1PR07MB3081:
x-microsoft-antispam-prvs: <HE1PR07MB308109AAC8E742A2783EEF41938F0@HE1PR07MB3081.eurprd07.prod.outlook.com>
x-exchange-antispam-report-cfa-test: BCL:0; PCL:0; RULEID:(8211001083)(3230021)(908002)(999002)(5005026)(6040522)(8220060)(2401047)(8121501046)(10201501046)(93006095)(93001095)(3002001)(3231475)(944501520)(52105112)(6041310)(20161123562045)(20161123560045)(20161123558120)(20161123564045)(201703131423095)(201702281528075)(20161123555045)(201703061421075)(201703061406153)(201708071742011)(7699051)(76991095); SRVR:HE1PR07MB3081; BCL:0; PCL:0; RULEID:; SRVR:HE1PR07MB3081;
x-forefront-prvs: 09086FB5C5
x-forefront-antispam-report: SFV:NSPM; SFS:(10009020)(376002)(346002)(136003)(39860400002)(396003)(366004)(189003)(199004)(316002)(26005)(74316002)(476003)(76176011)(54906003)(7696005)(68736007)(86362001)(33656002)(66066001)(14444005)(256004)(486006)(102836004)(6346003)(6116002)(6606003)(44832011)(446003)(71200400001)(71190400001)(6506007)(97736004)(3846002)(186003)(99286004)(11346002)(53936002)(6246003)(25786009)(81156014)(81166006)(19627405001)(8676002)(54896002)(9686003)(6916009)(14454004)(478600001)(6436002)(5660300001)(229853002)(7736002)(105586002)(8936002)(55016002)(106356001)(4326008)(2906002); DIR:OUT; SFP:1101; SCL:1; SRVR:HE1PR07MB3081; H:HE1PR07MB3161.eurprd07.prod.outlook.com; FPR:; SPF:None; LANG:en; PTR:InfoNoRecords; MX:1; A:1;
received-spf: None (protection.outlook.com: ericsson.com does not designate permitted sender hosts)
authentication-results: spf=none (sender IP is ) smtp.mailfrom=christer.holmberg@ericsson.com;
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam-message-info: U/OB/vWVoI5l25mMLyulPxnJ8g1eWQSCpbdzXQ/PHPjEMdi5yLnHaJszIYF6sVefaHOaaKPPvugOC8fwX/6E7U32FuJOwBG4Z4K3AbvWDkuMAY5iFyjIpXh7LHc142CIDT+/TWc6IeCMPysSYeOPMwBXghCyLpvy4Q1wu29ag11Zh0J4fulWbMXP3//Wp2B0TUnLaxSW/9cOSs2oeyA4V8n/OVvDQrCbImAFsQ2tIRVL7S8ubm7o/IPAGHMuCkvcRS45Bv0uqaBRsXXzdtpPbT6pxLh4dL+5aNHDpzkzspLlA9iK/el1MTHRyE52oPK3
spamdiagnosticoutput: 1:99
spamdiagnosticmetadata: NSPM
Content-Type: multipart/alternative; boundary="_000_HE1PR07MB3161102618EA417C83C30B99938F0HE1PR07MB3161eurp_"
MIME-Version: 1.0
X-MS-Exchange-CrossTenant-Network-Message-Id: 0dd9d1eb-80f4-4069-5bb6-08d67339b844
X-MS-Exchange-CrossTenant-originalarrivaltime: 05 Jan 2019 18:15:05.9640 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 92e84ceb-fbfd-47ab-be52-080c6b87953f
X-MS-Exchange-Transport-CrossTenantHeadersStamped: HE1PR07MB3081
X-OriginatorOrg: ericsson.com
X-Brightmail-Tracker: H4sIAAAAAAAAA02SfyyUcRzH+z4/zuNy9XWRz9CyK2uj44h1ixr9UdaqaTaLbtPhCfNz91yG 1iZbbEcjpSJLl5vlyHIzLG1iaogUNiZtSI0ix+668mv1eK7mv/fn/X59Pz+2L0NKTbQ7k5Kh ZTUZ6jSZSExVXmzLlsstCpViXr9LudDah5QP1m+TSmtLGVKa9dNUGBXR3t5PRRgMv4lIIlYc msimpWSzGv8Tl8XJTeZKUda3oJzFn9V0Pmo+rEOODOAg6BmpI3RIzEhxDwKDVU8KhRWBebLA 4X+xODZnx2oJ+NVauJVQuIyE8hc6kZCUE3CrsZTkO0vxNILl8ms6xDAirITiTV/edsFyuPfs Js3zJK5FMDYwQfPMHhwKrb1HBeY4PNdZRbztgo/Bj3oVb1P4IOhsDVvdJVgFMzU37Ku2IBhf f+TAB444GIbGbYjXCO8FW38jwWsSu8HEbA0hHI3B8HKIFLQrzH/epAXtBXfz+0SC3gfDNcWI HwC4wAFWSt7YITmYKyrsj8/B2qtqWoDeI3j99iMlBD7Q0Pp06wLAqVAx6iQwH0h4YiuhBd8T plZ9ypCiatt+VX8TEmdCY5GoautOZ+irnKUERAFL72pIQftCnf67XftDs2UQbfcfIwcjcuVY Lj49KfCIH6tJSeC4zAy/DFZrQn9/UlfLmnc7GlkI70aYQTInid+kQiWl1dlcbno3AoaUuUjU hL9KKklU5+axmsw4zdU0lutGHgwlc5OsS51VUpyk1rKpLJvFav6lBOPono8KjcYc6ZmQO5+8 1qz7T1busJ6FrwTN1Vuazi/P7exc6QgwVVzIXXIL6jiVIBeNBjYEDJcODckty736sS6PDkNU /aEr68bwS4VhA0X+XLz2dH9w1MzGhslk9mzb/TCuJ6TTI6ahIEbMHRjMU0fHfZliHCOjm7XX Y+97u61qFCkyiktWB/iQGk79B3ZMytdFAwAA
Archived-At: <https://mailarchive.ietf.org/arch/msg/secdir/uu_HuDdJSHKyz7S8GdOllrmCqcU>
Subject: Re: [secdir] secdir review of draft-ietf-sipcore-sip-push-21
X-BeenThere: secdir@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Security Area Directorate <secdir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/secdir>, <mailto:secdir-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/secdir/>
List-Post: <mailto:secdir@ietf.org>
List-Help: <mailto:secdir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 05 Jan 2019 18:15:16 -0000

Hi Scott,

…

>I don't want to go through the whole document again, and I don't want to make too big a
>deal of this (the RFC editor has final say) but here are a few examples of things I had to read
>more than once to understand:
>
> Because of the restrictions above, Session Initiation Protocol (SIP)
> User Agents (UAs) [RFC3261] can not be awoken, in order to send
> binding-refresh SIP REGISTER requests and to receive incoming SIP
> requests, without using a PNS to wake the UA in order to perform
> those functions.
>
> In addition to the information that needs to be
> exchanged between a device and the PNS in order to establish a push
> notification subscription, the mechanism defined in this document
> does not require any additional information to be exchanged between
> the device and the PNS.

Ok, I will look into this and see if it could be made more clear.

…

>>>Finally, I think RFC8030 has a good description of the security considerations for
>>> this use case, and
>>>should be referenced here.
>>
>> I can add a reference. However, while many of the security considerations in
>> RFC8030 probably apply to any PNS, they are still written for a specific PNS.
>
>I don't know what other documents have been produced by the WG, so maybe this is
>covered elsewhere, but there are generic security considerations that apply abstractly
>to this use case. I think this document should either point to documents that describe
>them, or explicitly describe them here. For example, 8030 lists confidentiality with respect
>to the PNS, privacy considerations, authorization, DoS, and logging risks. All of those apply
>here.

RFC 8030 defines an "IETF PNS". The Apple PNS and Android PNS are proprietary (that existed before 8030 was even published).

Also, it is important that the security considerations of 8030 mostly apply to the PNS itself. The push draft does not define a PNS (eventhough it does make some assumptions on how a PNS using the push mechanism work), but a mechanism to transport PNS-related information over SIP, so the scope is slightly different.

Regards,

Christer