Re: [Sframe] [dispatch] SFRame Next Steps (was SFrame proposed WG charter)

Magnus Westerlund <magnus.westerlund@ericsson.com> Tue, 01 September 2020 09:23 UTC

Return-Path: <magnus.westerlund@ericsson.com>
X-Original-To: sframe@ietfa.amsl.com
Delivered-To: sframe@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id BD63C3A0E80; Tue, 1 Sep 2020 02:23:54 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.102
X-Spam-Level:
X-Spam-Status: No, score=-2.102 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_MSPIKE_H2=-0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=unavailable autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=ericsson.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id pa5dPxlqTjap; Tue, 1 Sep 2020 02:23:53 -0700 (PDT)
Received: from EUR03-AM5-obe.outbound.protection.outlook.com (mail-eopbgr30053.outbound.protection.outlook.com [40.107.3.53]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 77CD33A0E59; Tue, 1 Sep 2020 02:23:50 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=VDd75P89P1lRWJgyFt3VRWvHM9o70UaRnKXJcRITmlsUVAMWZsNz8zknFd3njDOHanG9CS4uQciZFU2+zSF1QKC4HhDYuGSrWY26Iq7NLKJri83ig4yU8FPK+fJE7zoKGoPgPwK/b7SDDeEM4e77mVwHC8xZecFObqtUWSDd/+xezF0XfqMFOj8lH96golZjoxLzrZ8J77iLlHhmiMp+GEQzBQgoi1OiztBQI/eUMvuRQE8UIVz050GragB6sqXeaq7BrEr6hu8nXWe9sFyakem38t7qQPSUkyxEJdDkQu7YL+9Ud20lngofnXEVcUZuKH0lXUBdk0zJ3OG9oL7zuw==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=IGmOrXvdoHSWhdcP4fQrr83h0VzcFNDJPfeDRV1lq/o=; b=hPW3MS6iNS2sm8ZZ/1h27D6fflkANGHfrK7ivhQ6fqpHC6tDZpwLpUQbf1GA9jHNVUDCS2PxsnGSnGq6GXy7VJgubBe1B1efBQt+UWztpdfeWnXUrMuCmh5ck0GkRplUXb+ovqRSw0XogX12a2rBEe0VmliPDbCPGfyqac/EPAkCxcejbs4KA3MYC++8ioMyGIT3FeLo3DgKCjvvgsoS96TH4TCWat6XmFObwG2TsXvKSlvLUTnI0v6qwKPH0sGyocbLu8KLAgKIu32cMqakuIJSv6I5rgLM7oUiDTe0yFx05yhDUzknV9CZQOmu5OL1fAFJ08OfBaAga9NtzYFMAA==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=ericsson.com; dmarc=pass action=none header.from=ericsson.com; dkim=pass header.d=ericsson.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ericsson.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=IGmOrXvdoHSWhdcP4fQrr83h0VzcFNDJPfeDRV1lq/o=; b=IjMll9g7uW/nDW6sMpxb6ms5q0VsJME4TQ3XlmRTl6wRslr8gpDUejSHLtfWonmwaOzqdZs2RBK5HC2xDS3CRnEHqaYHP5773pFOheWx5LSV1+0KIFZPeSq/dVlkcOPkLnReUEocbb5iUTViYICBhJCBw5AeKgzj7H91I18KH14=
Received: from HE1PR0702MB3772.eurprd07.prod.outlook.com (2603:10a6:7:8e::14) by HE1PR07MB3449.eurprd07.prod.outlook.com (2603:10a6:7:38::21) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3348.6; Tue, 1 Sep 2020 09:23:47 +0000
Received: from HE1PR0702MB3772.eurprd07.prod.outlook.com ([fe80::b56f:9a8e:3399:aaa3]) by HE1PR0702MB3772.eurprd07.prod.outlook.com ([fe80::b56f:9a8e:3399:aaa3%7]) with mapi id 15.20.3348.014; Tue, 1 Sep 2020 09:23:47 +0000
From: Magnus Westerlund <magnus.westerlund@ericsson.com>
To: "rlb@ipv.sx" <rlb@ipv.sx>
CC: "Alex.GOUAILLARD@cosmosoftware.io" <Alex.GOUAILLARD@cosmosoftware.io>, "ben@nostrum.com" <ben@nostrum.com>, "emadomara=40google.com@dmarc.ietf.org" <emadomara=40google.com@dmarc.ietf.org>, "dispatch@ietf.org" <dispatch@ietf.org>, "sframe@ietf.org" <sframe@ietf.org>, "sergio.garcia.murillo@gmail.com" <sergio.garcia.murillo@gmail.com>
Thread-Topic: [Sframe] [dispatch] SFRame Next Steps (was SFrame proposed WG charter)
Thread-Index: AQHWa2UvSRWiVT7MukOqMgZDT9IOv6kqyBeAgACYmgCAAjbMgIAHB3KAgB3KAwCAABpHgIABKSkA
Date: Tue, 1 Sep 2020 09:23:47 +0000
Message-ID: <18af04caed9687f6eceee6576f85f9d40e72019a.camel@ericsson.com>
References: <CAHo7dC91bvRHiYuRT63uJ=HeuFU9L7XXqTcG+za5xi_BbQ0G2w@mail.gmail.com> <E2072219-1B6E-4444-A39C-287842783DBF@nostrum.com> <CAL02cgT13rEnvaB9TFMci=N8OqO35qKHthPHhMCvAccZWhCu-Q@mail.gmail.com> <ca0a7472a86cf53c78779f6153a80dc096acc4e8.camel@ericsson.com> <69181ed1-d72a-99de-8b4d-9e10276ced91@gmail.com> <771e108a9f25c1bec04d5fcdad58eb55bbb1533d.camel@ericsson.com> <CAHo7dC_b_fvmq=FRK-DMFtOji_tCV3hAnEHr+P-CY7BHtPP+MA@mail.gmail.com> <CACtMSQWR0xxV_2Worc197Ftf7yTFhwrses+732vWN+fHjN4pkQ@mail.gmail.com> <CAL02cgRnfRoYfUu78hV7X2LV_GuhaHbZvC9vpgcnyzy4D2HPVw@mail.gmail.com> <fc46a290b86591e4e009f65f76c828028e06bd8b.camel@ericsson.com> <CAL02cgSp_r0Z9xF71yVLX5mpGK-B-OFDh2rC6oBxVFNAkvJ=mA@mail.gmail.com>
In-Reply-To: <CAL02cgSp_r0Z9xF71yVLX5mpGK-B-OFDh2rC6oBxVFNAkvJ=mA@mail.gmail.com>
Accept-Language: sv-SE, en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-mailer: Evolution 3.28.5-0ubuntu0.18.04.2
authentication-results: ipv.sx; dkim=none (message not signed) header.d=none;ipv.sx; dmarc=none action=none header.from=ericsson.com;
x-originating-ip: [192.176.1.83]
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: 0e963e35-e203-4022-40e1-08d84e58bb1c
x-ms-traffictypediagnostic: HE1PR07MB3449:
x-microsoft-antispam-prvs: <HE1PR07MB34498E4F7766C1CEFE37689B952E0@HE1PR07MB3449.eurprd07.prod.outlook.com>
x-ms-oob-tlc-oobclassifiers: OLM:8273;
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: jtW0tjK8kHIHeioh3v/GN0eOkh0ykjZEkNNc2K+C3prkjlQt8mSyL+BDzxLW0wbP6e0s1SxpLeTLXqIAzHtgYvMJpUFmsRW8hOFTTWDOxsBrwYcpE66smeU4y5MvIzNHnRpuRS5L0RdQxX4gpi/y/lSrQRl6KwJ3+ia3cgY2b55had1cyFi3vR8HXqCnVKS8sO17OBF6GYwAt4IzPHV1NAxsWpnrdGUZi6ohu0a1zF55kUTc4ye2NBeu8jOvVHP8CDU+ngt3gnEfyeBy2h7VrU7yKZfHx8MLNiqwkK+ztTYg70ujxKaoVv3H3SZgkZT2UCJYZ6JcbFlDNPbRzdXgYygqk2jn8OGGbnVpdDsWJ71TNUnybCa+6FSraKXc+CWS
x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:HE1PR0702MB3772.eurprd07.prod.outlook.com; PTR:; CAT:NONE; SFS:(4636009)(396003)(136003)(39860400002)(346002)(366004)(376002)(2906002)(66946007)(186003)(6512007)(54906003)(26005)(66476007)(316002)(6506007)(478600001)(64756008)(6486002)(91956017)(66446008)(66556008)(6916009)(76116006)(2616005)(36756003)(8676002)(44832011)(71200400001)(5660300002)(8936002)(83380400001)(4326008)(86362001)(99106002); DIR:OUT; SFP:1101;
x-ms-exchange-antispam-messagedata: PpG0f0+HPc8iku6ca6nrBLNR1zNDGvlNF5v8bEH5EVBFeUHmEVbFgNpzK379hUEurKi3I8jOcYv9m0iFoDtGrHM0VTlUUOAzarnZu8QfUmD4FaOU9HPkQaNnzT+99RWODZ9KEmhP61MfePkToLW3gcCVcWHEWqSQ9KEZFXjOqslCbyDnRg1j2SPS8JNjr+p4Pl4maRF6CycNIN1kCltKuMZAZ+Rt4y5v7OCdOkrqtQn4M+YaJiaP+E/9+5DGe+ze6jd01Wk3J4FRA8nLi0Bbgak22WlgC6lusZJcyhWqUdEUAtbwVdE6VhrrNFyjbMTy1Z7JDgVN0DHPYBCkF2DLgErhJZbICbk3zRqO5lV9lnAjVH54s+avoF4HdOl77cmtj1L/XDBl06LLobublnTB8SIs3eHahetIlQYQGs0THX7m83FZ9ZbP7CRJFq8wfQ4SuMAbE527NRLCtIhFGZYYF84+ZtUwfAIgAcjdTcTKvhvy8Bbdg0GzfOFj20MCQcJVrnxYbOwjZ1d4752kFFR/pNEksFC13oIFAkmEnUjdUHp3mFpY2t/8DsxvK4GBFodAm/y6EMS7dsFu/OCSK5JGdP8GziGjs1rz8mIaawkfIqVdiIKN7mqudUbGQXZcWzt8ncWwJQ37ZFV5qtCABTFZXw==
x-ms-exchange-transport-forked: True
Content-Type: text/plain; charset="utf-8"
Content-ID: <4CD0C54A3BB524408D3A153D40C5B826@eurprd07.prod.outlook.com>
Content-Transfer-Encoding: base64
MIME-Version: 1.0
X-OriginatorOrg: ericsson.com
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: HE1PR0702MB3772.eurprd07.prod.outlook.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 0e963e35-e203-4022-40e1-08d84e58bb1c
X-MS-Exchange-CrossTenant-originalarrivaltime: 01 Sep 2020 09:23:47.5415 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 92e84ceb-fbfd-47ab-be52-080c6b87953f
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: qt1WCToVxpMSxtXI5Vi3yl+yBTfsFn+63d51s74z9AvrTbgNE4Qt8rUYU3aPssL76AV48wrLaS8NOBtjWiiJekawBg97ArNgsc5K6jIji7g=
X-MS-Exchange-Transport-CrossTenantHeadersStamped: HE1PR07MB3449
Archived-At: <https://mailarchive.ietf.org/arch/msg/sframe/4-_UuSeZEp_3dIl_x9ZRWAdByus>
Subject: Re: [Sframe] [dispatch] SFRame Next Steps (was SFrame proposed WG charter)
X-BeenThere: sframe@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: <sframe.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/sframe>, <mailto:sframe-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/sframe/>
List-Post: <mailto:sframe@ietf.org>
List-Help: <mailto:sframe-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/sframe>, <mailto:sframe-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 01 Sep 2020 09:24:02 -0000

Hi, 

Please see inline.

On Mon, 2020-08-31 at 11:40 -0400, Richard Barnes wrote:
> Hi Magnus,
> 
> I think the intent here is to have a mechanism that provides a subset of the
> security properties required for a given scenario, but which can be augmented
> with additional mechanisms to provide the rest.  For example, even in the most
> obvious SFrame+SRTP case, there's a division of labor between the two
> protocols, where SFrame only protects content, and SRTP also protects the RTP
> header and guards against reply by network attackers.

Yes, I think that is fine. However, that will require that you discuss the
larger set of threats, and then be explicit what SFRAME solves and which have to
be solved by the transport mechanism used to move the SFRAME messages. 

> 
> So in a sense it is an intersection (in that it does something that is needed
> by all the use cases), but it might need other things to provide all the
> properties you need in a given scenario.

Yes, SFRAME solves the intersection and those threat that belong to the Union
but are outside of intersection will be requirement on the external mechanisms.


Cheers

Magnus Westerlund 


----------------------------------------------------------------------
Networks, Ericsson Research
----------------------------------------------------------------------
Ericsson AB                 | Phone  +46 10 7148287
Torshamnsgatan 23           | Mobile +46 73 0949079
SE-164 80 Stockholm, Sweden | mailto: magnus.westerlund@ericsson.com
----------------------------------------------------------------------