Re: [Sframe] SFrame signatures

Saúl Ibarra Corretgé <saghul@jitsi.org> Wed, 31 March 2021 09:28 UTC

Return-Path: <saghul@sip-communicator.org>
X-Original-To: sframe@ietfa.amsl.com
Delivered-To: sframe@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 6D9A03A21A8 for <sframe@ietfa.amsl.com>; Wed, 31 Mar 2021 02:28:58 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.65
X-Spam-Level:
X-Spam-Status: No, score=-1.65 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HEADER_FROM_DIFFERENT_DOMAINS=0.249, NICE_REPLY_A=-0.001, RCVD_IN_DNSWL_BLOCKED=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=no autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=jitsi-org.20150623.gappssmtp.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ydQuzSR0vUaW for <sframe@ietfa.amsl.com>; Wed, 31 Mar 2021 02:28:54 -0700 (PDT)
Received: from mail-wm1-x331.google.com (mail-wm1-x331.google.com [IPv6:2a00:1450:4864:20::331]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id E03833A21C3 for <Sframe@ietf.org>; Wed, 31 Mar 2021 02:28:41 -0700 (PDT)
Received: by mail-wm1-x331.google.com with SMTP id n11-20020a05600c4f8bb029010e5cf86347so2114073wmq.1 for <Sframe@ietf.org>; Wed, 31 Mar 2021 02:28:41 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=jitsi-org.20150623.gappssmtp.com; s=20150623; h=subject:to:references:from:message-id:date:user-agent:mime-version :in-reply-to:content-language:content-transfer-encoding; bh=cgcWq5LDZn5KZiue8mpq85bk0OU7bYGvQ88Ts/u5UZw=; b=Pr1OZn/N5y7GT0BVLrDO5qUXo4i5BGbJ8tFUED1E5TJ7XdRq4U6v2guh+sHi43HiuT x6rgFoLM/l0/YPKDdnFBuMWD8i4ZIRkE3o3R3SJIVElAU1VERC16y/YXY9SVLztL+Hjx NHm9nKzc8SXll8I6ApwCcTSN4MxAYIGF84Lvrzz+7tgIT3FXzlepLg2UqAR7s5LpS/xQ xbBFZxhbtDIIDM47AR17UajbYjvGVAaQLRoQT6Lv74fK5ubQBeZZTadCQJShkmdk5hJb gOXof+xpaSRjKODv4A5ioZtY+EJJ4qzz7+rNSYKwb1i4uzQc+PYPLBHQcKzKU6zwdhjv y3DA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:subject:to:references:from:message-id:date :user-agent:mime-version:in-reply-to:content-language :content-transfer-encoding; bh=cgcWq5LDZn5KZiue8mpq85bk0OU7bYGvQ88Ts/u5UZw=; b=o0p9Tx0LUtlY9hhHNY3sOeqiSFqJdlgqNh6lfsclUSOgag6N/TmhJclXuxJp8kL6IU Wc4Z4aphfwLkEJqy7Fhb8KZ46LbedLj4jCUUxPQkxpb8x5IvvkWXlFUEJvFNsbDcntpv TooDZqy4TQ6uJBf83V7Q+7QYPq/EPwuPGipu54YQ0yFaQKoFn5lthlJGbUCZjZ2voD9M FtxjZ8q5MO85IlD/Ta+8zxasAXXwQgw/TTEAS5ZcpJh4iivQreyclME/sGlfAt/pBCVN mlBu0wtXVZpqUxwtsLZCDTczedH4P3wey9smewzc6DOdvpHWYs+xHZCM3E+oG+/yTf1L /zDA==
X-Gm-Message-State: AOAM53336QijBb4aKXzBsSax2vrHnpoD8MfFk/dTbP1/G/5Z4HAWQeWQ LfpnFLKUU8lSc2KJC+Wn5k1Vfj7aJKstc9N+
X-Google-Smtp-Source: ABdhPJzXOZ/nP0wi7SJjFCvpmf/kY8d/t51iFWPLrRF/QkaUEsRckxquoa1lR92/SEPtmT+3acArfQ==
X-Received: by 2002:a05:600c:3515:: with SMTP id h21mr2303832wmq.35.1617182918758; Wed, 31 Mar 2021 02:28:38 -0700 (PDT)
Received: from xray.local (a118231.upc-a.chello.nl. [62.163.118.231]) by smtp.gmail.com with ESMTPSA id i17sm3305092wrp.77.2021.03.31.02.28.38 (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Wed, 31 Mar 2021 02:28:38 -0700 (PDT)
To: Justin Uberti <juberti=40google.com@dmarc.ietf.org>, Sframe@ietf.org
References: <CAOJ7v-03Jt4w1PuSA-cTyM_GpD6rDFkz4US_Yw35YRHbikr3iA@mail.gmail.com>
From: Saúl Ibarra Corretgé <saghul@jitsi.org>
Message-ID: <36921b7e-2fe1-e636-4829-8117bad1467c@jitsi.org>
Date: Wed, 31 Mar 2021 11:28:37 +0200
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:78.0) Gecko/20100101 Thunderbird/78.9.0
MIME-Version: 1.0
In-Reply-To: <CAOJ7v-03Jt4w1PuSA-cTyM_GpD6rDFkz4US_Yw35YRHbikr3iA@mail.gmail.com>
Content-Type: text/plain; charset="utf-8"; format="flowed"
Content-Language: en-GB
Content-Transfer-Encoding: 8bit
Archived-At: <https://mailarchive.ietf.org/arch/msg/sframe/nBoMlKpuYWLLzQNtQE5OSPioe_g>
Subject: Re: [Sframe] SFrame signatures
X-BeenThere: sframe@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: <sframe.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/sframe>, <mailto:sframe-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/sframe/>
List-Post: <mailto:sframe@ietf.org>
List-Help: <mailto:sframe-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/sframe>, <mailto:sframe-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 31 Mar 2021 11:33:05 -0000

On 18/03/2021 23:15, Justin Uberti wrote:
> In recent discussions regarding signatures for SFrame we have questioned 
> the usefulness of this feature and considered removing it. Upon looking 
> closer into the details here, we have also determined more work would be 
> required to properly specify it.
> 
> Given this, the authoring team would like to officially propose removing 
> the signature feature from the specification. If you are using SFrame 
> signatures in your application and disagree with this direction, please 
> let us know by the end of next week (Friday, March 26).
> 
> Justin
> 

Sorry for the delay responding.

We do currently use signatures on Jitsi. We started by signing every 
frame and compromising on the overhead.

The next step (currently in PR) was to sign multiple frames. 
Specifically, all keyframes, first frame from a new SSRC, and frame on 
which we needed to racthet are signed.

I'll say I'm not happy with the complexity this introduces, and I agree 
the attack vector is weird (a user in a conference is using the key of 
another user in the conference).

FWIW, Zoom deems this attack vector out of scope:

"""
Second, there are certain classes of attack and threats that we deem out 
of scope, including:In-meeting  impersonation  attacks:A  malicious  but 
  otherwise  authorized  meetingparticipant colluding with a malicious 
server can masquerade as another authorizedmeeting participant.
"""

https://raw.githubusercontent.com/zoom/zoom-e2e-whitepaper/master/zoom_e2e.pdf 
- Section 1.3.

I find myself agreeing here.

I see the authentication section was removed in draft -02 and section 
8.1 was added, nice to see that's explicit now.

We'll most likely be removing signatures for the time being.


Cheers,

-- 
Saúl