Re: [Sip] Event Lists: Back-End Credentials
Adam Roach <adam@nostrum.com> Fri, 22 October 2004 01:58 UTC
Received: from ietf-mx.ietf.org (ietf-mx.ietf.org [132.151.6.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id VAA28866 for <sip-web-archive@ietf.org>; Thu, 21 Oct 2004 21:58:08 -0400 (EDT)
Received: from megatron.ietf.org ([132.151.6.71]) by ietf-mx.ietf.org with esmtp (Exim 4.33) id 1CKotk-0002Dz-TQ for sip-web-archive@ietf.org; Thu, 21 Oct 2004 22:11:21 -0400
Received: from localhost.localdomain ([127.0.0.1] helo=megatron.ietf.org) by megatron.ietf.org with esmtp (Exim 4.32) id 1CKoJN-0007Tz-1E; Thu, 21 Oct 2004 21:33:45 -0400
Received: from odin.ietf.org ([132.151.1.176] helo=ietf.org) by megatron.ietf.org with esmtp (Exim 4.32) id 1CKnTt-0004Bj-1e for sip@megatron.ietf.org; Thu, 21 Oct 2004 20:40:33 -0400
Received: from ietf-mx.ietf.org (ietf-mx.ietf.org [132.151.6.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id UAA14687 for <sip@ietf.org>; Thu, 21 Oct 2004 20:40:30 -0400 (EDT)
Received: from magus.nostrum.com ([69.5.195.2] ident=root) by ietf-mx.ietf.org with esmtp (Exim 4.33) id 1CKngb-0006xD-1k for sip@ietf.org; Thu, 21 Oct 2004 20:53:41 -0400
Received: from [192.168.0.111] (adsl-209-30-28-252.dsl.rcsntx.swbell.net [209.30.28.252]) (authenticated bits=0) by magus.nostrum.com (8.12.11/8.12.11) with ESMTP id i9M0eMAj010592 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Thu, 21 Oct 2004 19:40:23 -0500 (CDT) (envelope-from adam@nostrum.com)
Message-ID: <417856F4.9070303@nostrum.com>
Date: Thu, 21 Oct 2004 19:40:20 -0500
From: Adam Roach <adam@nostrum.com>
User-Agent: Mozilla Thunderbird 0.8 (Windows/20040913)
X-Accept-Language: en-us, en
MIME-Version: 1.0
To: David R Oran <oran@cisco.com>
Subject: Re: [Sip] Event Lists: Back-End Credentials
References: <41780D08.3090007@nostrum.com> <EB3ABC23-239B-11D9-A86C-000A95C73842@cisco.com>
In-Reply-To: <EB3ABC23-239B-11D9-A86C-000A95C73842@cisco.com>
X-Enigmail-Version: 0.86.1.0
X-Enigmail-Supports: pgp-inline, pgp-mime
Content-Type: text/plain; charset="ISO-8859-1"; format="flowed"
Content-Transfer-Encoding: 7bit
X-Spam-Score: 4.6 (++++)
X-Scan-Signature: 8b30eb7682a596edff707698f4a80f7d
Content-Transfer-Encoding: 7bit
Cc: sip@ietf.org
X-BeenThere: sip@ietf.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Session Initiation Protocol <sip.ietf.org>
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/sip>, <mailto:sip-request@ietf.org?subject=unsubscribe>
List-Post: <mailto:sip@ietf.org>
List-Help: <mailto:sip-request@ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/sip>, <mailto:sip-request@ietf.org?subject=subscribe>
Sender: sip-bounces@ietf.org
Errors-To: sip-bounces@ietf.org
X-Spam-Score: 4.6 (++++)
X-Scan-Signature: cab78e1e39c4b328567edb48482b6a69
Content-Transfer-Encoding: 7bit
David R Oran wrote: > Sigh. Delegation is hard. I frankly don't like any of these solutions > because they allow full user impersonation by the RLS, which is a lot > more trust that I think ought to be given it. I'm not too crazy about them either (I'll note that suggestion #2 doesn't have that property, but at the cost of making the protocol far less useful). > > If we want to really tackle delegation, I'd suggest that we extend SIP > generally to allow SIP-specific delegation capability. One way to do > this is for the user to construct a certificate for the RLS giving it > specific rights (e.g. Subscribe on my behalf), and then signing it > based on a credential that would be accepted by the ultimate target of > the request. SAML might be our friend here. That feels a lot like what I was trying to get at with my suggestion #4, albeit with a slightly different mechanism. The problem is that pursuing this kind of work will be very time consuming... and the event list document has been in limbo for over a year already. I'm not necessarily advocating expediency over security -- it's been so long since I started this work that I'm half inclined to cripple it (by removing back-end subscriptions) rather than wait several years for a general purpose solution to the delegation problem. Not that I *want* to do this -- it would remove most of the utility of the extension for the 3G guys -- but I do want to put this work to bed. I'm not sure if it represents a reasonable compromise, but I'm not averse to putting in the "use this header to transfer your secret" with a strongly worded note indicating the implications if you do, and an indication that future mechanisms may define more constrained ways to delegate limited subsets of authority to another node (possibly for a constrained time period). /a _______________________________________________ Sip mailing list https://www1.ietf.org/mailman/listinfo/sip This list is for NEW development of the core SIP Protocol Use sip-implementors@cs.columbia.edu for questions on current sip Use sipping@ietf.org for new developments on the application of sip
- [Sip] Event Lists: Back-End Credentials Adam Roach
- Re: [Sip] Event Lists: Back-End Credentials David R Oran
- Re: [Sip] Event Lists: Back-End Credentials Adam Roach
- [Sip] Event Lists: Back-End Credentials Adam Roach
- Re: [Sip] Event Lists: Back-End Credentials David R Oran
- Re: [Sip] Event Lists: Back-End Credentials Paul Kyzivat
- RE: [Sip] Event Lists: Back-End Credentials hisham.khartabil
- Re: [Sip] Event Lists: Back-End Credentials Adam Roach
- Re: [Sip] Event Lists: Back-End Credentials Adam Roach
- RE: [Sip] Event Lists: Back-End Credentials hisham.khartabil
- Re: [Sip] Event Lists: Back-End Credentials David R Oran
- RE: [Sip] Event Lists: Back-End Credentials hisham.khartabil
- Re: [Sip] Event Lists: Back-End Credentials David R Oran
- Re: [Sip] Event Lists: Back-End Credentials Jonathan Rosenberg
- Re: [Sip] Event Lists: Back-End Credentials Jonathan Rosenberg