Re: [Simple] Draft new version: draft-ietf-simple-msrp-cema-06

Nancy Greene <nancy.greene@ericsson.com> Fri, 29 June 2012 22:20 UTC

From: Nancy Greene <nancy.greene@ericsson.com>
To: Ben Campbell <ben@estacado.net>
Date: Fri, 29 Jun 2012 18:13:21 -0400
Cc: Simple WG <simple@ietf.org>
Subject: Re: [Simple] Draft new version: draft-ietf-simple-msrp-cema-06

The new text looks fine.
Nancy


On Jun 29, 2012, at 3:47 PM, "Ben Campbell" <ben@estacado.net> wrote:

> (As Chair, adding to the previous...)
> 
> Christer also proposed the following change to section 7.7 to go along with the previous proposed addition:
> 
>>> Section 7.7 currently says:
>>> 
>>>    "There is no way for the endpoints to discover when such an attack is
>>>    taking place though."
>>> 
>>> I guess we should change that to something like:
>>> 
>>>    "It is very hard for the endpoints to detect when such an attack is
>>>    taking place though."
>> 
> 
> 
> If anyone objects to that change, please speak up ASAP.
> 
> 
> Thanks!
> 
> Ben.
> 
> 
> On Jun 27, 2012, at 3:33 PM, Ben Campbell wrote:
> 
>> As Chair:
>> 
>> Hi Everyone:
>> 
>> Christer, thanks for submitting this.
>> 
>> Everyone, please take a quick look at the security considerations in this version, and send comments ASAP if you see an issue. If you made comments in the WGLC, please confirm whether your comments are addressed (I'm not sure if anyone but me did--maybe Paul?). If we don't see an objection by the end of the week, we plan to restart the process to progress this.
>> 
>> Additionally, we've had a Security AD suggestion to add text (probably to section 7.7) to the effect of the following, which would add SHOULD level normative requirements to watch for changes in a fingerprint for an identity, and warn of any changes. If anyone objects to adding that, please speak up ASAP.
>> 
>>> "When a UA receives a fingerprint, that represents a binding between 
>>> the identity as established by TLS and that established via SDP. As 
>>> previously noted, the fingerprint is vulnerable to an active MITM 
>>> attack from any on-path proxy. UAs SHOULD therefore locally store 
>>> fingerprints associated with the relevant identities when first 
>>> seen, and SHOULD warn when a new fingerprint is seen for what 
>>> otherwise appears to be the same peer identity. While there are 
>>> valid reasons for keys to change from time to time, that ought be 
>>> the exception, hence the suggested warning."
>> 
>> 
>> 
>> Thanks!
>> 
>> Ben.
>> 
>> 
>> 
>> 
>> On Jun 25, 2012, at 6:07 PM, Christer Holmberg wrote:
>> 
>>> Hi,
>>> 
>>> Based on Ben's comments, I've submitted a new version (-06) of the cema draft, with some modifications in the security considerations section. The new text should address Ben's issues and suggestions.
>>> 
>>> Regards,
>>> 
>>> Christer
_______________________________________________
Simple mailing list
Simple@ietf.org
https://www.ietf.org/mailman/listinfo/simple
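
Added example, not part of the original thread or of the draft: a minimal trust-on-first-use store of the kind the proposed section 7.7 text asks UAs to keep, which records the SDP fingerprint per peer identity and reports a change instead of silently accepting it. The class and function names, the JSON file layout, the identity string and the sample fingerprint values are assumptions made for illustration.

```python
import json
import re
from pathlib import Path

# RFC 4572 attribute: a=fingerprint:<hash-func> <HEX:HEX:...>
FP_RE = re.compile(
    r"^a=fingerprint:(\S+) +((?:[0-9A-Fa-f]{2}:)+[0-9A-Fa-f]{2})\s*$", re.M)

def sdp_fingerprints(sdp):
    """Return normalized 'hash-func HEX' strings found in an SDP body."""
    return {f"{func.lower()} {fp.upper()}" for func, fp in FP_RE.findall(sdp)}

class PinStore:
    """Trust-on-first-use store: peer identity -> fingerprints pinned for it."""

    def __init__(self, path):
        self.path = Path(path)
        self.pins = json.loads(self.path.read_text()) if self.path.exists() else {}

    def _save(self):
        self.path.write_text(json.dumps(self.pins, indent=2, sort_keys=True))

    def check(self, identity, sdp):
        """Classify an offer/answer; never overwrites an existing pin."""
        seen = sdp_fingerprints(sdp)
        if not seen:
            return "no-fingerprint"
        known = set(self.pins.get(identity, []))
        if not known:                      # first contact: store the binding
            self.pins[identity] = sorted(seen)
            self._save()
            return "first-seen"
        # Any fingerprint not pinned for this identity is a change: warn the user.
        return "match" if seen <= known else "changed"

    def accept(self, identity, sdp):
        """Replace the pin once the user has confirmed a legitimate key change."""
        self.pins[identity] = sorted(sdp_fingerprints(sdp))
        self._save()

def make_sdp(fp):
    # Constructed, minimal SDP body for the demo (CRLF line endings as in SDP).
    return f"v=0\r\nm=message 2855 TCP/TLS/MSRP *\r\na=fingerprint:SHA-256 {fp}\r\n"

FP_OLD = ":".join(["ab"] * 32)   # constructed sample values, not real keys
FP_NEW = ":".join(["CD"] * 32)
```

A "changed" result is where the UA would raise the warning; the pin is only replaced through the explicit `accept` call.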