Re: [Sframe] [dispatch] SFRame Next Steps (was SFrame proposed WG charter)
Richard Barnes <rlb@ipv.sx> Wed, 12 August 2020 15:11 UTC
Return-Path: <rlb@ipv.sx>
X-Original-To: sframe@ietfa.amsl.com
Delivered-To: sframe@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A14A53A13D2 for <sframe@ietfa.amsl.com>; Wed, 12 Aug 2020 08:11:52 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.896
X-Spam-Level:
X-Spam-Status: No, score=-1.896 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, SPF_HELO_NONE=0.001, SPF_NONE=0.001, URIBL_BLOCKED=0.001] autolearn=unavailable autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=ipv-sx.20150623.gappssmtp.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id W5ib1PqQ7Tha for <sframe@ietfa.amsl.com>; Wed, 12 Aug 2020 08:11:49 -0700 (PDT)
Received: from mail-qv1-xf30.google.com (mail-qv1-xf30.google.com [IPv6:2607:f8b0:4864:20::f30]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 5FE2E3A13D0 for <sframe@ietf.org>; Wed, 12 Aug 2020 08:11:49 -0700 (PDT)
Received: by mail-qv1-xf30.google.com with SMTP id cs12so1175724qvb.2 for <sframe@ietf.org>; Wed, 12 Aug 2020 08:11:49 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ipv-sx.20150623.gappssmtp.com; s=20150623; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=HB6JIsnOjLHWtBADwjN3QcY1OaXtIYAdm8jtbNL5TBM=; b=e3tBpUbnB0nHO42z0K3TXlOm2UU0fTFVYlyfuVGzpQd81ENhOtoFdw5WxphVgN/e9n cy1GgnulCtbNV68RvQSpuhiWdByFMLw2K8hBp7vVJJMb+F0T58DTqatWVQWOn8+omo4s YlP/KlZT2O7EoCo1rYMPrzRLvUdVeIjcJevM3VAy2QlCZtvrySdtZfuO1LaxAB7RKiHq 5AmfTWrqjz1i8iYxsJK9/gdLsMW7PqoeNNNZUXHEeTvL62yCL9axYB+cUyUYmmbw/i7K 6RrJnaEMIR6k02j6ByvRPuPowBhBo7/UIPz2iNskvHZLnDE7NqmXT486gTqDGytl4md4 rz0g==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=HB6JIsnOjLHWtBADwjN3QcY1OaXtIYAdm8jtbNL5TBM=; b=LXzF06hpkamTMrWYIaLqeFN5Hn4C8rVm4yd0cnurTXHFalJ0Cf+Uoy9wqSPbCPBeYm C26ONI4gd4nxykpPBp94ynrsvSW1X/8ewDeWvT3KdqGogq5nUV6AmsVrH6k9Iz+FLQ7K 46+aXe+L8SawarbigTaGY4sHDokeC3QlKQGc3Dlbdqi8GYoeQwnvKMfx5ZLIpgz7nXWo wJrG7aiQxT5HCMfidPGtMT/l5F7v+dys8R5dzQwNkIFXrE2vZNbuvMPvSm8/ENe87Dp1 BcxQ8zpDXwi+sbj7fSIzd3yXIMxDilm5NcmX8aGIisVAkVNhwdTOPuxdrNK4GAS6yB6j 1xaA==
X-Gm-Message-State: AOAM5329zECBbfrIkAzs5NPNB10hF7J4tF2liWfPUbxzCGB6N+JNYqXZ deM4Ub2Mzugs1LW6sYbppAx0PD3F5lu0cNLbFgo6/Q==
X-Google-Smtp-Source: ABdhPJxfff1rdUVBskUGn92bY190knYNWAoaeMM4PIiR585WjcZnCYp3lecBMuHu3tGRnKnMl7WzaYoMyscmRivzlW0=
X-Received: by 2002:a0c:fc07:: with SMTP id z7mr4805qvo.65.1597245108190; Wed, 12 Aug 2020 08:11:48 -0700 (PDT)
MIME-Version: 1.0
References: <CAHo7dC91bvRHiYuRT63uJ=HeuFU9L7XXqTcG+za5xi_BbQ0G2w@mail.gmail.com> <E2072219-1B6E-4444-A39C-287842783DBF@nostrum.com> <CAL02cgT13rEnvaB9TFMci=N8OqO35qKHthPHhMCvAccZWhCu-Q@mail.gmail.com> <ca0a7472a86cf53c78779f6153a80dc096acc4e8.camel@ericsson.com> <69181ed1-d72a-99de-8b4d-9e10276ced91@gmail.com> <771e108a9f25c1bec04d5fcdad58eb55bbb1533d.camel@ericsson.com> <CAHo7dC_b_fvmq=FRK-DMFtOji_tCV3hAnEHr+P-CY7BHtPP+MA@mail.gmail.com> <CACtMSQWR0xxV_2Worc197Ftf7yTFhwrses+732vWN+fHjN4pkQ@mail.gmail.com>
In-Reply-To: <CACtMSQWR0xxV_2Worc197Ftf7yTFhwrses+732vWN+fHjN4pkQ@mail.gmail.com>
From: Richard Barnes <rlb@ipv.sx>
Date: Wed, 12 Aug 2020 11:11:33 -0400
Message-ID: <CAL02cgRnfRoYfUu78hV7X2LV_GuhaHbZvC9vpgcnyzy4D2HPVw@mail.gmail.com>
To: Alexandre GOUAILLARD <Alex.GOUAILLARD@cosmosoftware.io>
Cc: Emad Omara <emadomara=40google.com@dmarc.ietf.org>, Magnus Westerlund <magnus.westerlund@ericsson.com>, "ben@nostrum.com" <ben@nostrum.com>, "dispatch@ietf.org" <dispatch@ietf.org>, "sergio.garcia.murillo@gmail.com" <sergio.garcia.murillo@gmail.com>, "sframe@ietf.org" <sframe@ietf.org>
Content-Type: multipart/alternative; boundary="0000000000004b16af05acaf9b2d"
Archived-At: <https://mailarchive.ietf.org/arch/msg/sframe/LLgCVRQqN2CZHKG-1j6ROFqFl1U>
Subject: Re: [Sframe] [dispatch] SFRame Next Steps (was SFrame proposed WG charter)
X-BeenThere: sframe@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: <sframe.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/sframe>, <mailto:sframe-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/sframe/>
List-Post: <mailto:sframe@ietf.org>
List-Help: <mailto:sframe-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/sframe>, <mailto:sframe-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 12 Aug 2020 15:11:53 -0000
Hey all, I agree that all of this stuff is valuable to capture somewhere. In the interest of keeping the charter fairly succinct, I've added the following: """ The SFrame specification will detail the specific security properties that the encapsulation provides, and discuss their implications under common usage scenarios / threat models. """ With that, I think that all the comments we've gotten so far have been addressed. --Richard On Fri, Aug 7, 2020 at 11:51 PM Alexandre GOUAILLARD < Alex.GOUAILLARD@cosmosoftware.io> wrote: > guys, > > sorry for jumping in so late, quarantine here is very strict. > > We had long discussions about this specific point ahead of the draft > submission. > We had reached the following consensus: > - there are multiple usage of media over the internet, e.g. conferencing > and streaming/broadcast > - they have very different threat/trust models, with different solutions > implemented today (transport layer E / E2EE / DRM / Encrypted Media > Extentions / ...) > - they all can benefit from SFrame > > PERC was, by design, limited to RTP and to Conferencing. Many other use > case coul benefit from Enhanced Privacy. > > We concluded that it would be better to keep SFrame (the media encryption > part, equivalent to PERC double conceptually), and to have separated > documents that describe the threat models and the corresponding key > exchange, signaling and system level decision for each use case. Emad had > taken an action item for example to make two additional documents to > describe the Video Conferencing use case, and how SFrame could be used in > conjunction with MLS to address that specific use case. Someone else could > take the different use case of the Browsers (which have a specific trust > model) and make a document showing how SFrame con work with Insertable > Frame API (and likely some more) to address that use case. CoSMo is > interested in doing the same thing for Real-Time streaming/Broadcasting. > > I think it is a more reasonable approach as, even spending a lot of time > brainstorming with everyone around the tabel including bernard, we couldn't > think about one solution to fit all the different "media over internet"'s > threat model. In my mind, each case should first have an informal document > to define scope and threat model, and subsequent document to define the > corresponding specifications. > - Secure Conferencing Threat model (emad and co.) > - Secure Conferencing Signalling using MLS (emad and co.) > - Secure Conferencing using MLS In the browser (contributed by w3c people) > > Magnus, what do you think? > > Regards, > > Dr. ALex. > > > > On Fri, Aug 7, 2020 at 2:02 AM Emad Omara <emadomara= > 40google.com@dmarc.ietf.org> wrote: > >> Thanks Magnus. I like the idea to explicitly call out the threat model, I >> think it will be good foundations that control all future design decisions, >> however I'm not sure if the charter is the right place to call this out. >> I'd recommend having a separate document that describes the system >> architecture, goals and threat model. What do you think? >> >> Emad >> >> On Thu, Aug 6, 2020 at 1:56 AM Magnus Westerlund < >> magnus.westerlund@ericsson.com> wrote: >> >>> Hi, >>> >>> On Wed, 2020-08-05 at 22:15 +0200, Sergio Garcia Murillo wrote: >>> > But shouldn't the "delayed media" attack still be transport agnostic? >>> I >>> > mean, this can happen on QUIC and WebRTC SFUs. >>> >>> Sorry if I gave the impression that it is not transport agnostic. It is >>> use case >>> dependent, any use case that isn't point to point, where there is more >>> than one >>> entity that can intentionally remove SFRAME creating gaps in the SFRAME >>> sequence. In a point to point scenario one can correlate transport >>> losses with >>> SFRAME gaps to know give a reasonably strong mitigation against any >>> third party >>> removing SFRAMEs or delaying them. That is much harder in a centralized >>> conference with one or more SFU. >>> >>> > >>> > Anyway, I agree that while SFrame is transport agnostic, the chapter >>> > should not ignore the interactions with webrtc/quic and we must ensure >>> > that we provide a complete working solution regardless of the >>> transport. >>> > If we identify that any further working items are required for a >>> > particular transport, we should at liaise with the appropriate working >>> > group for providing a solution. >>> >>> My main point is that SFRAME actually needs to discuss the threat model >>> for the >>> use cases it intendes to solve. And the mitigation can potentially >>> include >>> functionality on the transport level. But the risks to media security in >>> centralized conferencing needs to be discussed. And centralized >>> conferencing >>> will still have the semi-trusted SFUs and all the rest of the third >>> parties in >>> addition to the end-points. >>> >>> Also what properties one have around end-points invited into the >>> conference has >>> a number of question around security properties that needs to be >>> discussed and >>> documented. Some examples that I know are relevant: >>> >>> - Source authentication: SRTP unless one use TESLA (which isn't really >>> used) >>> does only provided the property: Someone that has the key sent this. One >>> don't >>> know that it comes from a particular endpoint. >>> >>> - Confidentiality when group membership changes: So will SFRAME keying >>> support a >>> use case where only the current set of members in a conference can >>> decrypt the >>> media and one rekey the media session key for each time the membership >>> changes? >>> PERC do support this, will SFRAME? >>> >>> There are likely more questions that needs discussion. The PERC >>> discussion is a >>> good starting point, but I think when going transport agnostic some of >>> the >>> issues needs to be more clearly discussed as the RTP transport can have >>> affected >>> how it was discussed, and what reliance on existing mechanism. Which for >>> SFRAME >>> likely require a general discussion and then requirements on the >>> transport and >>> invovled endpoints and SFU to accomplish mitigations. And thus also what >>> the >>> risks are of having no mitigation in place. >>> >>> I would really propose that SFRAME is chartered with publishing a >>> security >>> consideration and threat model document that is seperate from the >>> solution to >>> give this topic full focus. The solution will of necessity need to >>> reference >>> that and document what migitagtions that exists in the SFRAME layer and >>> what >>> becomes requirements on the transport. >>> >>> Cheers >>> >>> Magnus Westerlund >>> >>> >>> ---------------------------------------------------------------------- >>> Networks, Ericsson Research >>> ---------------------------------------------------------------------- >>> Ericsson AB | Phone +46 10 7148287 >>> <+46%2010%20714%2082%2087> >>> Torshamnsgatan 23 | Mobile +46 73 0949079 >>> <+46%2073%20094%2090%2079> >>> SE-164 80 Stockholm, Sweden | mailto: magnus.westerlund@ericsson.com >>> ---------------------------------------------------------------------- >>> >>> >>> -- >> Sframe mailing list >> Sframe@ietf.org >> https://www.ietf.org/mailman/listinfo/sframe >> >
- [Sframe] SFrame proposed WG charter Emad Omara
- [Sframe] SFRame Next Steps (was Re: [dispatch] SF… Ben Campbell
- Re: [Sframe] [dispatch] SFRame Next Steps (was Re… Richard Barnes
- Re: [Sframe] [dispatch] SFRame Next Steps (was Re… Magnus Westerlund
- Re: [Sframe] [dispatch] SFRame Next Steps (was SF… Sergio Garcia Murillo
- Re: [Sframe] [dispatch] SFRame Next Steps (was SF… Magnus Westerlund
- Re: [Sframe] [dispatch] SFRame Next Steps (was SF… Emad Omara
- Re: [Sframe] [dispatch] SFRame Next Steps (was SF… Alexandre GOUAILLARD
- Re: [Sframe] [dispatch] SFRame Next Steps (was SF… Richard Barnes
- Re: [Sframe] [dispatch] SFRame Next Steps (was SF… Magnus Westerlund
- Re: [Sframe] [dispatch] SFRame Next Steps (was SF… Richard Barnes
- Re: [Sframe] [dispatch] SFRame Next Steps (was SF… Bernard Aboba
- Re: [Sframe] [dispatch] SFRame Next Steps (was SF… Emad Omara
- Re: [Sframe] [dispatch] SFRame Next Steps (was SF… Magnus Westerlund