Re: [Sframe] [dispatch] SFRame Next Steps (was SFrame proposed WG charter)
Magnus Westerlund <magnus.westerlund@ericsson.com> Thu, 06 August 2020 08:56 UTC
From: Magnus Westerlund <magnus.westerlund@ericsson.com>
To: "ben@nostrum.com" <ben@nostrum.com>, "rlb@ipv.sx" <rlb@ipv.sx>, "sergio.garcia.murillo@gmail.com" <sergio.garcia.murillo@gmail.com>
CC: "dispatch@ietf.org" <dispatch@ietf.org>, "sframe@ietf.org" <sframe@ietf.org>, "emadomara@google.com" <emadomara@google.com>
Thread-Topic: [dispatch] SFRame Next Steps (was SFrame proposed WG charter)
Thread-Index: AQHWa2UvSRWiVT7MukOqMgZDT9IOv6kqyBeA
Date: Thu, 06 Aug 2020 08:56:16 +0000
Message-ID: <771e108a9f25c1bec04d5fcdad58eb55bbb1533d.camel@ericsson.com>
References: <CAHo7dC91bvRHiYuRT63uJ=HeuFU9L7XXqTcG+za5xi_BbQ0G2w@mail.gmail.com> <E2072219-1B6E-4444-A39C-287842783DBF@nostrum.com> <CAL02cgT13rEnvaB9TFMci=N8OqO35qKHthPHhMCvAccZWhCu-Q@mail.gmail.com> <ca0a7472a86cf53c78779f6153a80dc096acc4e8.camel@ericsson.com> <69181ed1-d72a-99de-8b4d-9e10276ced91@gmail.com>
In-Reply-To: <69181ed1-d72a-99de-8b4d-9e10276ced91@gmail.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/sframe/1e68pirXTQePsvZ5ebMCivOn1iQ>
Hi,

On Wed, 2020-08-05 at 22:15 +0200, Sergio Garcia Murillo wrote:
> But shouldn't the "delayed media" attack still be transport agnostic? I
> mean, this can happen on QUIC and WebRTC SFUs.

Sorry if I gave the impression that it is not transport agnostic. It is use case dependent: any use case that isn't point to point, where there is more than one entity that can intentionally remove SFRAMEs, creating gaps in the SFRAME sequence. In a point to point scenario one can correlate transport losses with SFRAME gaps to give a reasonably strong mitigation against any third party removing SFRAMEs or delaying them. That is much harder in a centralized conference with one or more SFUs.

> Anyway, I agree that while SFrame is transport agnostic, the chapter
> should not ignore the interactions with webrtc/quic and we must ensure
> that we provide a complete working solution regardless of the transport.
> If we identify that any further working items are required for a
> particular transport, we should liaise with the appropriate working
> group for providing a solution.

My main point is that SFRAME actually needs to discuss the threat model for the use cases it intends to solve. And the mitigation can potentially include functionality on the transport level. But the risks to media security in centralized conferencing need to be discussed. And centralized conferencing will still have the semi-trusted SFUs and all the rest of the third parties in addition to the end-points. Also, what properties one has around end-points invited into the conference raises a number of questions around security properties that need to be discussed and documented. Some examples that I know are relevant:

- Source authentication: SRTP, unless one uses TESLA (which isn't really used), only provides the property "someone that has the key sent this". One doesn't know that it comes from a particular endpoint.

- Confidentiality when group membership changes: So will SFRAME keying support a use case where only the current set of members in a conference can decrypt the media, and one rekeys the media session key each time the membership changes? PERC does support this; will SFRAME?

There are likely more questions that need discussion. The PERC discussion is a good starting point, but I think when going transport agnostic some of the issues need to be more clearly discussed, as the RTP transport can have affected how it was discussed and what reliance there was on existing mechanisms. Which for SFRAME likely requires a general discussion and then requirements on the transport and involved endpoints and SFUs to accomplish mitigations. And thus also what the risks are of having no mitigation in place.

I would really propose that SFRAME is chartered with publishing a security considerations and threat model document that is separate from the solution, to give this topic full focus. The solution will of necessity need to reference that and document what mitigations exist in the SFRAME layer and what becomes requirements on the transport.

Cheers

Magnus Westerlund

----------------------------------------------------------------------
Networks, Ericsson Research
----------------------------------------------------------------------
Ericsson AB                 | Phone  +46 10 7148287
Torshamnsgatan 23           | Mobile +46 73 0949079
SE-164 80 Stockholm, Sweden | mailto: magnus.westerlund@ericsson.com
----------------------------------------------------------------------
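The point-to-point correlation described in the message above (transport losses lined up against SFRAME counter gaps, so that a gap the transport cannot account for points at a frame being removed, and a frame arriving far behind the newest counter points at delayed or replayed media), worked through as an added example. This is illustrative code written for this page, not code from the SFrame drafts or from any of the thread's participants. It assumes one packet per frame, an RTP-style 16-bit transport sequence number that wraps, and a monotonically increasing per-sender SFrame frame counter; the `Packet`, `Alert` and `correlate` names and the arrival trace are all constructed here.

```python
"""Correlating SFrame counter gaps with transport-level loss (constructed example)."""
from dataclasses import dataclass
from typing import List, Optional

SEQ_BITS = 16  # assumption: an RTP-style 16-bit transport sequence number that wraps


@dataclass(frozen=True)
class Packet:
    transport_seq: int  # sequence number as seen on the wire (assumption: one packet per frame)
    frame_ctr: int      # per-sender SFrame frame counter carried in the SFrame header


@dataclass(frozen=True)
class Alert:
    kind: str       # "unexplained_gap" or "delayed_frame"
    frame_ctr: int  # counter of the packet that triggered the alert
    detail: str


def seq_delta(prev: int, cur: int, bits: int = SEQ_BITS) -> int:
    """Forward distance from prev to cur modulo 2**bits, so a wrap-around is not a 'gap'."""
    return (cur - prev) % (1 << bits)


def correlate(packets: List[Packet], reorder_window: int = 8) -> List[Alert]:
    """Walk packets in arrival order and report SFrame gaps that transport loss cannot
    explain, plus frames that arrive so far behind the newest counter that they look
    delayed or replayed.

    On a point-to-point transport the wire sequence number and the SFrame counter advance
    together, so a counter gap with no matching sequence gap means something between the
    sender's SFrame layer and this receiver dropped whole frames. Behind an SFU the
    transport sequence is rewritten per leg, which is why this correlation is weak there.
    """
    alerts: List[Alert] = []
    highest_ctr: Optional[int] = None  # newest SFrame counter accepted so far
    seq_at_highest = 0                  # transport seq of the packet that carried highest_ctr

    for p in packets:
        if highest_ctr is None:
            highest_ctr, seq_at_highest = p.frame_ctr, p.transport_seq
            continue

        if p.frame_ctr <= highest_ctr:
            # An older counter: tolerable reordering inside the window, suspicious beyond it.
            lag = highest_ctr - p.frame_ctr
            if lag > reorder_window:
                alerts.append(Alert(
                    "delayed_frame", p.frame_ctr,
                    f"frame {p.frame_ctr} arrived {lag} frames behind counter {highest_ctr}"))
            continue  # late frames never move the high-water mark

        missing_frames = p.frame_ctr - highest_ctr - 1
        missing_packets = seq_delta(seq_at_highest, p.transport_seq) - 1
        if missing_frames > missing_packets:
            alerts.append(Alert(
                "unexplained_gap", p.frame_ctr,
                f"{missing_frames} frame(s) missing but only {missing_packets} packet(s) "
                f"lost on the transport"))
        highest_ctr, seq_at_highest = p.frame_ctr, p.transport_seq

    return alerts


# Constructed arrival trace: seq 1002 is a genuine transport loss that explains the missing
# frame 3; frames 5 and 6 vanish with no transport loss; frame 3 finally shows up far too late.
SAMPLE_PACKETS = [
    Packet(1000, 1), Packet(1001, 2),
    Packet(1003, 4),   # seq 1002 lost on the wire -> frame 3 missing, explained
    Packet(1004, 7),   # frames 5 and 6 missing, no packet lost -> unexplained gap
    Packet(1005, 8), Packet(1006, 9),
    Packet(1007, 3),   # frame 3 now 6 counters behind -> delayed beyond a window of 4
]

if __name__ == "__main__":
    for a in correlate(SAMPLE_PACKETS, reorder_window=4):
        print(a.kind, a.frame_ctr, "-", a.detail)
```

Run as a script, the trace above yields one `unexplained_gap` alert at frame 7 and one `delayed_frame` alert at frame 3. The reorder window is the tuning knob: too small and ordinary jitter trips it, too large and a delayed frame passes as reordering. The check gives nothing useful once an SFU sits in the path, because each hop's sequence numbers are its own and a frame the SFU chose to drop never produces a wire-level gap at the receiver; that is exactly the point the message makes about centralized conferencing.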