IETF Logo Mail Archive

Re: [Sframe] [dispatch] SFRame Next Steps (was SFrame proposed WG charter)

Richard Barnes <rlb@ipv.sx> Mon, 31 August 2020 15:40 UTC

Return-Path: <rlb@ipv.sx>
X-Original-To: sframe@ietfa.amsl.com
Delivered-To: sframe@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 9F8803A161E for <sframe@ietfa.amsl.com>; Mon, 31 Aug 2020 08:40:42 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.896
X-Spam-Level:
X-Spam-Status: No, score=-1.896 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, SPF_HELO_NONE=0.001, SPF_NONE=0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=ipv-sx.20150623.gappssmtp.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id bvzZxx6EpFmj for <sframe@ietfa.amsl.com>; Mon, 31 Aug 2020 08:40:40 -0700 (PDT)
Received: from mail-qk1-x729.google.com (mail-qk1-x729.google.com [IPv6:2607:f8b0:4864:20::729]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 682093A163F for <sframe@ietf.org>; Mon, 31 Aug 2020 08:40:38 -0700 (PDT)
Received: by mail-qk1-x729.google.com with SMTP id o64so6475946qkb.10 for <sframe@ietf.org>; Mon, 31 Aug 2020 08:40:38 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ipv-sx.20150623.gappssmtp.com; s=20150623; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=rAE6OwkwC75tsYTi9hxQQavng3YWDDaQpR0yCqymdH0=; b=MjQGQCMP6IGtlkns9CKsneCTx6tbvpN0011wkCPQ2uaKoRVpk757OwhiNwUvwDdpf+ M9DxbM+cWRFIPufrwLbmSOiapi5cV1DQkKD2kFLyf1n80lD9Nmw8yvuRPIZ1cqF6DHdw Gcoju18JMOCM2FM7Ud/0eZ2/oeYMjRPvp0Z2/0a9TryRFAkvGUgTc03ytfQt6iCf2Tui CUFsBKQzDVERD/muPZ14SXHOnx+zHkhycTzym9vzbHBwsAxAsw16qxuvMoXAyGFyAHQ8 ddmJlhqgy8CKwswaqd8F08it3KoiU9zCPaful9unh/7IV2oBxk//7hdfP/jmx2ayldgl EHQA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=rAE6OwkwC75tsYTi9hxQQavng3YWDDaQpR0yCqymdH0=; b=hAr4+AsilbNBmtU+fBfHMG1xtBhOnqhmaxyBSW3v7LXP4+leaB/ABy/4agWIh1ChWj KVxofEIkKjH6Yt4gdVj0FlfgNrXxOP5CNDQskrzBzqKx7LTr51rIi2uEAoCG5KeDlbIi ycLWb9SLq/AG5aphWxwM/nh+p1TPygyBA8S2q70xdStT6s2kSEu/BiEI7TQRNz7Q30S9 7zLDpbuJzTCFEMNk4JPwn6ij61pOf/be1UboE3wR+s+LFfJXOUIImS5vNh17xriSnDMv TFcPfgzIGQKHaKZHuPVR1FltbD2eW8h+HxRHdLtt8dTAfvLsF18XQIrcGDvLn/i/3VZ2 04vg==
X-Gm-Message-State: AOAM5306W8JVx9ZJ12eGCABHxlu+qK3Ke9qvPh4cidb/5sfdLs6cHPnY t1FVrtG3ZtCzIMNEuPEqlzeNpKMvem67Qw8GEzhbnw==
X-Google-Smtp-Source: ABdhPJyv7bKwL8Rg908LpkNcs4Ufpoh88Q7un5O9Vj5CDpGm6xfqCMTLjTpqlo52PiZOU1DTV4ZaSwQHnsIqeMjYW3s=
X-Received: by 2002:a05:620a:125b:: with SMTP id a27mr1952520qkl.371.1598888437288; Mon, 31 Aug 2020 08:40:37 -0700 (PDT)
MIME-Version: 1.0
References: <CAHo7dC91bvRHiYuRT63uJ=HeuFU9L7XXqTcG+za5xi_BbQ0G2w@mail.gmail.com> <E2072219-1B6E-4444-A39C-287842783DBF@nostrum.com> <CAL02cgT13rEnvaB9TFMci=N8OqO35qKHthPHhMCvAccZWhCu-Q@mail.gmail.com> <ca0a7472a86cf53c78779f6153a80dc096acc4e8.camel@ericsson.com> <69181ed1-d72a-99de-8b4d-9e10276ced91@gmail.com> <771e108a9f25c1bec04d5fcdad58eb55bbb1533d.camel@ericsson.com> <CAHo7dC_b_fvmq=FRK-DMFtOji_tCV3hAnEHr+P-CY7BHtPP+MA@mail.gmail.com> <CACtMSQWR0xxV_2Worc197Ftf7yTFhwrses+732vWN+fHjN4pkQ@mail.gmail.com> <CAL02cgRnfRoYfUu78hV7X2LV_GuhaHbZvC9vpgcnyzy4D2HPVw@mail.gmail.com> <fc46a290b86591e4e009f65f76c828028e06bd8b.camel@ericsson.com>
In-Reply-To: <fc46a290b86591e4e009f65f76c828028e06bd8b.camel@ericsson.com>
From: Richard Barnes <rlb@ipv.sx>
Date: Mon, 31 Aug 2020 11:40:09 -0400
Message-ID: <CAL02cgSp_r0Z9xF71yVLX5mpGK-B-OFDh2rC6oBxVFNAkvJ=mA@mail.gmail.com>
To: Magnus Westerlund <magnus.westerlund@ericsson.com>
Cc: "Alex.GOUAILLARD@cosmosoftware.io" <Alex.GOUAILLARD@cosmosoftware.io>, "ben@nostrum.com" <ben@nostrum.com>, "emadomara=40google.com@dmarc.ietf.org" <emadomara=40google.com@dmarc.ietf.org>, "dispatch@ietf.org" <dispatch@ietf.org>, "sframe@ietf.org" <sframe@ietf.org>, "sergio.garcia.murillo@gmail.com" <sergio.garcia.murillo@gmail.com>
Content-Type: multipart/alternative; boundary="00000000000057254505ae2e3930"
Archived-At: <https://mailarchive.ietf.org/arch/msg/sframe/veR54NSbIspRSPdgyJntqAMgLt4>
Subject: Re: [Sframe] [dispatch] SFRame Next Steps (was SFrame proposed WG charter)
X-BeenThere: sframe@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: <sframe.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/sframe>, <mailto:sframe-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/sframe/>
List-Post: <mailto:sframe@ietf.org>
List-Help: <mailto:sframe-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/sframe>, <mailto:sframe-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 31 Aug 2020 15:40:49 -0000

Hi Magnus,

I think the intent here is to have a mechanism that provides a subset of
the security properties required for a given scenario, but which can be
augmented with additional mechanisms to provide the rest.  For example,
even in the most obvious SFrame+SRTP case, there's a division of labor
between the two protocols, where SFrame only protects content, and SRTP
also protects the RTP header and guards against reply by network attackers.

So in a sense it is an intersection (in that it does something that is
needed by all the use cases), but it might need other things to provide all
the properties you need in a given scenario.

--Richard

On Mon, Aug 31, 2020 at 10:06 AM Magnus Westerlund <
magnus.westerlund@ericsson.com> wrote:

> Hi,
>
> Thanks for working on addressing my comments when on vacation.
>
> I think you mostly arravied at a good place. However, I would like to make
> one
> remark about the added language.
>
> When it comes to threat models it can't be the intersection of threats
> across
> those that occur in the intended usages, it needs to be the union of
> threats.
> The formulation added implies intersection to me.
>
> Cheers
>
> Magnus
>
> On Wed, 2020-08-12 at 11:11 -0400, Richard Barnes wrote:
> > Hey all,
> >
> > I agree that all of this stuff is valuable to capture somewhere.  In the
> > interest of keeping the charter fairly succinct, I've added the
> following:
> >
> > """
> > The SFrame specification will detail the specific security properties
> that the
> > encapsulation provides, and discuss their implications under common usage
> > scenarios / threat models.
> > """
> >
> > With that, I think that all the comments we've gotten so far have been
> > addressed.
> >
> > --Richard
> >
> >
> > On Fri, Aug 7, 2020 at 11:51 PM Alexandre GOUAILLARD <
> > Alex.GOUAILLARD@cosmosoftware.io> wrote:
> > > guys,
> > >
> > > sorry for jumping in so late, quarantine here is very strict.
> > >
> > > We had long discussions about this specific point ahead of the draft
> > > submission.
> > > We had reached the following consensus:
> > > - there are multiple usage of media over the internet, e.g.
> conferencing and
> > > streaming/broadcast
> > > - they have very different threat/trust models, with different
> solutions
> > > implemented today (transport layer E / E2EE / DRM / Encrypted Media
> > > Extentions / ...)
> > > - they all can benefit from SFrame
> > >
> > > PERC was, by design, limited to RTP and to Conferencing. Many other
> use case
> > > coul benefit from Enhanced Privacy.
> > >
> > > We concluded that it would be better to keep SFrame (the media
> encryption
> > > part, equivalent to PERC double conceptually), and to have separated
> > > documents that describe the threat models and the corresponding key
> > > exchange, signaling and system level decision for each use case. Emad
> had
> > > taken an action item for example to make two additional documents to
> > > describe the Video Conferencing use case, and how SFrame could be used
> in
> > > conjunction with MLS to address that specific use case. Someone else
> could
> > > take the different use case of the Browsers (which have a specific
> trust
> > > model) and make a document showing how SFrame con work with Insertable
> Frame
> > > API (and likely some more) to address that use case. CoSMo is
> interested in
> > > doing the same thing for Real-Time streaming/Broadcasting.
> > >
> > > I think it is a more reasonable approach as, even spending a lot of
> time
> > > brainstorming with everyone around the tabel including bernard, we
> couldn't
> > > think about one solution to fit all the different "media over
> internet"'s
> > > threat model. In my mind, each case should first have an informal
> document
> > > to define scope and threat model, and subsequent document to define the
> > > corresponding specifications.
> > > - Secure Conferencing Threat model (emad and co.)
> > > - Secure Conferencing Signalling using MLS (emad and co.)
> > > - Secure Conferencing using MLS In the browser (contributed by w3c
> people)
> > >
> > > Magnus, what do you think?
> > >
> > > Regards,
> > >
> > > Dr. ALex.
> > >
> > >
> > >
> > > On Fri, Aug 7, 2020 at 2:02 AM Emad Omara <
> > > emadomara=40google.com@dmarc.ietf.org> wrote:
> > > > Thanks Magnus. I like the idea to explicitly call out the threat
> model, I
> > > > think it will be good foundations that control all future design
> > > > decisions, however I'm not sure if the charter is the right place to
> call
> > > > this out. I'd recommend having a separate document that describes the
> > > > system architecture, goals and threat model. What do you think?
> > > >
> > > > Emad
> > > >
> > > > On Thu, Aug 6, 2020 at 1:56 AM Magnus Westerlund <
> > > > magnus.westerlund@ericsson.com> wrote:
> > > > > Hi,
> > > > >
> > > > > On Wed, 2020-08-05 at 22:15 +0200, Sergio Garcia Murillo wrote:
> > > > > > But shouldn't the "delayed media" attack still be transport
> agnostic?
> > > > > I
> > > > > > mean, this can happen on QUIC and WebRTC SFUs.
> > > > >
> > > > > Sorry if I gave the impression that it is not transport agnostic.
> It is
> > > > > use case
> > > > > dependent, any use case that isn't point to point, where there is
> more
> > > > > than one
> > > > > entity that can intentionally remove SFRAME creating gaps in the
> SFRAME
> > > > > sequence. In a point to point scenario one can correlate transport
> > > > > losses with
> > > > > SFRAME gaps to know give a reasonably strong mitigation against any
> > > > > third party
> > > > > removing SFRAMEs or delaying them. That is much harder in a
> centralized
> > > > > conference with one or more SFU.
> > > > >
> > > > > >
> > > > > > Anyway, I agree that while SFrame is transport agnostic, the
> chapter
> > > > > > should not ignore the interactions with webrtc/quic and we must
> > > > > ensure
> > > > > > that we provide a complete working solution regardless of the
> > > > > transport.
> > > > > > If we identify that any further working items are required for a
> > > > > > particular transport, we should at liaise with the appropriate
> > > > > working
> > > > > > group for providing a solution.
> > > > >
> > > > > My main point is that SFRAME actually needs to discuss the threat
> model
> > > > > for the
> > > > > use cases it intendes to solve. And the mitigation can potentially
> > > > > include
> > > > > functionality on the transport level. But the risks to media
> security in
> > > > > centralized conferencing needs to be discussed. And centralized
> > > > > conferencing
> > > > > will still have the semi-trusted SFUs and all the rest of the third
> > > > > parties in
> > > > > addition to the end-points.
> > > > >
> > > > > Also what properties one have around end-points invited into the
> > > > > conference has
> > > > > a number of question around security properties that needs to be
> > > > > discussed and
> > > > > documented. Some examples that I know are relevant:
> > > > >
> > > > > - Source authentication: SRTP unless one use TESLA (which isn't
> really
> > > > > used)
> > > > > does only provided the property: Someone that has the key sent
> this. One
> > > > > don't
> > > > > know that it comes from a particular endpoint.
> > > > >
> > > > > - Confidentiality when group membership changes: So will SFRAME
> keying
> > > > > support a
> > > > > use case where only the current set of members in a conference can
> > > > > decrypt the
> > > > > media and one rekey the media session key for each time the
> membership
> > > > > changes?
> > > > > PERC do support this, will SFRAME?
> > > > >
> > > > > There are likely more questions that needs discussion. The PERC
> > > > > discussion is a
> > > > > good starting point, but I think when going transport agnostic
> some of
> > > > > the
> > > > > issues needs to be more clearly discussed as the RTP transport can
> have
> > > > > affected
> > > > > how it was discussed, and what reliance on existing mechanism.
> Which for
> > > > > SFRAME
> > > > > likely require a general discussion and then requirements on the
> > > > > transport and
> > > > > invovled endpoints and SFU to accomplish mitigations. And thus
> also what
> > > > > the
> > > > > risks are of having no mitigation in place.
> > > > >
> > > > > I would really propose that SFRAME is chartered with publishing a
> > > > > security
> > > > > consideration and threat model document that is seperate from the
> > > > > solution to
> > > > > give this topic full focus. The solution will of necessity need to
> > > > > reference
> > > > > that and document what migitagtions that exists in the SFRAME
> layer and
> > > > > what
> > > > > becomes requirements on the transport.
> > > > >
> > > > > Cheers
> > > > >
> > > > > Magnus Westerlund
> > > > >
> > > > >
> > > > >
> ----------------------------------------------------------------------
> > > > > Networks, Ericsson Research
> > > > >
> ----------------------------------------------------------------------
> > > > > Ericsson AB                 | Phone  +46 10 7148287
> > > > > Torshamnsgatan 23           | Mobile +46 73 0949079
> > > > > SE-164 80 Stockholm, Sweden | mailto:
> magnus.westerlund@ericsson.com
> > > > >
> ----------------------------------------------------------------------
> > > > >
> > > > >
> --
> Cheers
>
> Magnus Westerlund
>
>
> ----------------------------------------------------------------------
> Networks, Ericsson Research
> ----------------------------------------------------------------------
> Ericsson AB                 | Phone  +46 10 7148287
> Torshamnsgatan 23           | Mobile +46 73 0949079
> SE-164 80 Stockholm, Sweden | mailto: magnus.westerlund@ericsson.com
> ----------------------------------------------------------------------
>
>
>

v2.23.0 | Report a Bug | By Email