IETF Logo Mail Archive

Re: [Sip] Event Lists: Back-End Credentials

David R Oran <oran@cisco.com> Fri, 29 October 2004 03:02 UTC

Received: from ietf-mx.ietf.org (ietf-mx.ietf.org [132.151.6.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id XAA29823 for <sip-web-archive@ietf.org>; Thu, 28 Oct 2004 23:02:15 -0400 (EDT)
Received: from megatron.ietf.org ([132.151.6.71]) by ietf-mx.ietf.org with esmtp (Exim 4.33) id 1CNNG5-0001tR-1e for sip-web-archive@ietf.org; Thu, 28 Oct 2004 23:16:58 -0400
Received: from localhost.localdomain ([127.0.0.1] helo=megatron.ietf.org) by megatron.ietf.org with esmtp (Exim 4.32) id 1CNMT1-00028d-Qi; Thu, 28 Oct 2004 22:26:15 -0400
Received: from odin.ietf.org ([132.151.1.176] helo=ietf.org) by megatron.ietf.org with esmtp (Exim 4.32) id 1CNK4z-0001A5-AE for sip@megatron.ietf.org; Thu, 28 Oct 2004 19:53:17 -0400
Received: from ietf-mx.ietf.org (ietf-mx.ietf.org [132.151.6.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id TAA18091 for <sip@ietf.org>; Thu, 28 Oct 2004 19:53:14 -0400 (EDT)
Received: from sj-iport-2-in.cisco.com ([171.71.176.71] helo=sj-iport-2.cisco.com) by ietf-mx.ietf.org with esmtp (Exim 4.33) id 1CNKJ9-0005uL-Kv for sip@ietf.org; Thu, 28 Oct 2004 20:07:56 -0400
Received: from sj-core-1.cisco.com (171.71.177.237) by sj-iport-2.cisco.com with ESMTP; 28 Oct 2004 17:02:07 -0700
Received: from imail.cisco.com (imail.cisco.com [128.107.200.91]) by sj-core-1.cisco.com (8.12.10/8.12.6) with ESMTP id i9SNqcQ0014099; Thu, 28 Oct 2004 16:52:38 -0700 (PDT)
Received: from [10.32.245.154] (stealth-10-32-245-154.cisco.com [10.32.245.154]) by imail.cisco.com (8.12.11/8.12.10) with SMTP id i9SNsDjc011377; Thu, 28 Oct 2004 16:54:13 -0700
In-Reply-To: <5816828233DEFA41807A6CFDFDF2343C3A8BDD@esebe056.ntc.nokia.com>
References: <5816828233DEFA41807A6CFDFDF2343C3A8BDD@esebe056.ntc.nokia.com>
Mime-Version: 1.0 (Apple Message framework v619)
Message-Id: <74053166-293C-11D9-8FCC-000A95C73842@cisco.com>
From: David R Oran <oran@cisco.com>
Subject: Re: [Sip] Event Lists: Back-End Credentials
Date: Thu, 28 Oct 2004 19:52:40 -0400
To: hisham.khartabil@nokia.com
X-Pgp-Agent: GPGMail 1.0.2
X-Mailer: Apple Mail (2.619)
IIM-SIG: v:"1"; h:"imail.cisco.com"; d:"cisco.com"; z:"home"; m:"krs"; t:"1099007654.302156"; x:"432200"; a:"rsa-sha1"; b:"nofws:4580"; e:"Iw=="; n:"sQYarK2E51MdcTiUqeif3F7cWdxIfoCiXhdfb9vD5ee/j0jXL15gbFxF2pXIw" "eAblu0N6XAgK7k+wrbr7bQDJaCDqOmzqpRUBjIRQAXQ7NzadpmR3pUL6wxaRU" "tW+c43sl9jC50Qg1sXHpPjt8Y+Y16ioyQAQAdSunM4YhevURc="; s:"OwlNS+p3Mp3bzo3NHAcSLeRt0ZLUSOttA1Zd0jD75N57vzWmv5i2ehM1/c/3S" "RuvMTFBdeswABinE8HT6YmqOTJGnP/gSPdpwceIxcQAtNzoOLhFO0QBMDtXmv" "aujquQNAkzssv+wb2mofv2M2TnvMHnDsIYFTKKz3k9yiXuoPE="; c:"From: David R Oran <oran@cisco.com>"; c:"Subject: Re: [Sip] Event Lists: Back-End Credentials"; c:"Date: Thu, 28 Oct 2004 19:52:40 -0400"
IIM-VERIFY: s:"y"; v:"y"; r:"60"; h:"imail.cisco.com"; c:"message from imail.cisco.com verified; "
X-Spam-Score: 0.0 (/)
X-Scan-Signature: 87a3f533bb300b99e2a18357f3c1563d
Cc: sip@ietf.org, adam@nostrum.com
X-BeenThere: sip@ietf.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Session Initiation Protocol <sip.ietf.org>
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/sip>, <mailto:sip-request@ietf.org?subject=unsubscribe>
List-Post: <mailto:sip@ietf.org>
List-Help: <mailto:sip-request@ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/sip>, <mailto:sip-request@ietf.org?subject=subscribe>
Content-Type: multipart/mixed; boundary="===============1654330079=="
Sender: sip-bounces@ietf.org
Errors-To: sip-bounces@ietf.org
X-Spam-Score: 0.0 (/)
X-Scan-Signature: 1449ead51a2ff026dcb23465f5379250

On Oct 28, 2004, at 6:52 PM, <hisham.khartabil@nokia.com> wrote:

>
>
>> -----Original Message-----
>> From: ext David R Oran [mailto:oran@cisco.com]
>> Sent: 28.October.2004 18:17
>> To: Khartabil Hisham (Nokia-TP-MSW/Helsinki)
>> Cc: adam@nostrum.com; sip@ietf.org
>> Subject: Re: [Sip] Event Lists: Back-End Credentials
>>
>>
>>
>> On Oct 28, 2004, at 10:35 AM, hisham.khartabil@nokia.com wrote:
>>
>>> I didn't know that communication with IESG is one way only. Can the
>>> IESG member who is blocking this explain why this cannot be outside
>>> the scope of this document?
>>>
>>> Anyway, so how about an XCAP usage document that is carried
>> signed and
>>> encrypted to the server using HTTP. That xcap usage document can
>>> include realm, username and password for realms that the user knows
>>> will be needed by the RLS.
>>>
>> That's precisely the problem. Now the RLS can impersonate the
>> user and
>> do anything the user could.
>
> I thought the problem was how to transport the secret to the RLS. 
> Irrespective of how that is done (using XCAP or carrying it in the 
> SUBSCRIBE request itself), you will face the same problem you describe 
> above. So am I right in assuming that you're advocating Adam's latest 
> suggestion on RLS doing backend subscription using its own address?
>
I'm not sure what I'm "advocating", since I said in my original post 
that I don't feel strongly about the subject. Since I'm not in the 
middle of the fray amongst the folks who think we need RLS urgently, I 
can comfortably sit back and "advocate" not progressing RLS until we 
have at least a resticted subset of the delegation problem solved.

If the only alternatives on the table are whether to progress RLS with 
a security scheme that opens the user up to impersonation by a server 
he has very limited trust in, and progressing an solution that uses 
deprate credentials and hence either has limited utility or high user 
complexity (users have to directly subscribe or be limited to 
information available to the whole world), I guess I would vote for the 
latter.

>>
>>> Note that this is useful not just for backend
>> subscriptions, but also
>>> for any list usage we can think for that will result in backend
>>> requests being sent on behalf of a client.
>>>
>>> A server needing a secret key to use on behave of a user
>> can look in
>>> the XCAP document of that user.
>>>
>> Can I be your RLS server? Please? Pretty please?
>
> Ok, but if you behave :) You would expect a trust relationship between 
> the client and the RLS.
>
Yes, but a very limited one, not one that permits identity theft.

> /Hisham
>
>>
>> Dave.
>>
>>
>>> Regards,
>>> Hisham
>>>
>>>> -----Original Message-----
>>>> From: ext Adam Roach [mailto:adam@nostrum.com]
>>>> Sent: 28.October.2004 17:16
>>>> To: Khartabil Hisham (Nokia-TP-MSW/Helsinki)
>>>> Cc: sip@ietf.org
>>>> Subject: Re: [Sip] Event Lists: Back-End Credentials
>>>>
>>>>
>>>> hisham.khartabil@nokia.com wrote:
>>>>
>>>>> Why isn't it enough to say that the way an watcher passes
>>>> the key to
>>>>> the RLS is outside the scope of this document?
>>>>
>>>>
>>>> Because that's exactly what the document says right now,
>> and the IESG
>>>> won't let it pass as a result.
>>>>
>>>>
>>>> /a
>>>>
>>>
>>> _______________________________________________
>>> Sip mailing list  https://www1.ietf.org/mailman/listinfo/sip
>>> This list is for NEW development of the core SIP Protocol
>>> Use sip-implementors@cs.columbia.edu for questions on current sip
>>> Use sipping@ietf.org for new developments on the application of sip
>>>
>> David R. Oran
>> Cisco Fellow
>> Cisco Systems
>> 7 Ladyslipper Lane
>> Acton, MA 01720 USA
>> Tel: +1 978 264 2048
>> Email: oran@cisco.com
>>
>>
>>
David R. Oran
Cisco Fellow
Cisco Systems
7 Ladyslipper Lane
Acton, MA 01720 USA
Tel: +1 978 264 2048
Email: oran@cisco.com

_______________________________________________
Sip mailing list  https://www1.ietf.org/mailman/listinfo/sip
This list is for NEW development of the core SIP Protocol
Use sip-implementors@cs.columbia.edu for questions on current sip
Use sipping@ietf.org for new developments on the application of sip

v2.23.0 | Report a Bug | By Email