IETF Logo Mail Archive

Re: [Sip] comments on draft-kupwade-sip-iba-00

Eric Rescorla <ekr@networkresonance.com> Thu, 28 February 2008 19:13 UTC

Return-Path: <sip-bounces@ietf.org>
X-Original-To: ietfarch-sip-archive@core3.amsl.com
Delivered-To: ietfarch-sip-archive@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 111BB3A6F31; Thu, 28 Feb 2008 11:13:45 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.353
X-Spam-Level:
X-Spam-Status: No, score=-0.353 tagged_above=-999 required=5 tests=[AWL=0.084, BAYES_00=-2.599, FH_RELAY_NODNS=1.451, HELO_MISMATCH_ORG=0.611, RDNS_NONE=0.1]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id hRjhlvakjSoc; Thu, 28 Feb 2008 11:13:41 -0800 (PST)
Received: from core3.amsl.com (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 2F9ED3A6E28; Thu, 28 Feb 2008 11:13:31 -0800 (PST)
X-Original-To: sip@core3.amsl.com
Delivered-To: sip@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 71DBA3A67B3 for <sip@core3.amsl.com>; Thu, 28 Feb 2008 11:13:30 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id EancSs-ueF9P for <sip@core3.amsl.com>; Thu, 28 Feb 2008 11:13:29 -0800 (PST)
Received: from romeo.rtfm.com (unknown [74.95.2.173]) by core3.amsl.com (Postfix) with ESMTP id 9667E3A6EEE for <sip@ietf.org>; Thu, 28 Feb 2008 11:12:23 -0800 (PST)
Received: from romeo.rtfm.com (localhost.rtfm.com [127.0.0.1]) by romeo.rtfm.com (Postfix) with ESMTP id 677435081A; Thu, 28 Feb 2008 11:14:08 -0800 (PST)
Date: Thu, 28 Feb 2008 11:14:08 -0800
From: Eric Rescorla <ekr@networkresonance.com>
To: Dean Willis <dean.willis@softarmor.com>
In-Reply-To: <47C7017D.5020301@softarmor.com>
References: <20080227170702.5A5C05081A@romeo.rtfm.com> <132324.81291.qm@web65509.mail.ac4.yahoo.com> <20080227171901.8EAE95081A@romeo.rtfm.com> <47C7017D.5020301@softarmor.com>
User-Agent: Wanderlust/2.14.0 (Africa) Emacs/21.3 Mule/5.0 (SAKAKI)
MIME-Version: 1.0 (generated by SEMI 1.14.6 - "Maruoka")
Message-Id: <20080228191408.677435081A@romeo.rtfm.com>
Cc: sip@ietf.org
Subject: Re: [Sip] comments on draft-kupwade-sip-iba-00
X-BeenThere: sip@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: Session Initiation Protocol <sip.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/sip>, <mailto:sip-request@ietf.org?subject=unsubscribe>
List-Post: <mailto:sip@ietf.org>
List-Help: <mailto:sip-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/sip>, <mailto:sip-request@ietf.org?subject=subscribe>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Sender: sip-bounces@ietf.org
Errors-To: sip-bounces@ietf.org

At Thu, 28 Feb 2008 12:46:21 -0600,
Dean Willis wrote:
> 
> Eric Rescorla wrote:
> 
> > In any case, I'm not sure why we're having this discusion since
> > all the same trust issues apply to IBE schemes. The only respect
> > in which they don't apply to IBE schemes is if you have a single
> > global KG, but of course you could have a single global CA,
> > too. It's just that nobody wants to do either.
> 
> A global or semi-global KG makes excellent sense in large domains,
> especially where there are significant resource constraints.
> 
> Consider, for example, the 3GPP world of GSM phones. A KG hierarchy
> rooted at the GSMA with each operator then having a subordinate KG could
> make a lot of sense. We could get end-to-end security with significantly
> fewer bits being transmitted than if users had to send copies of their
> certificates along with every message.
>
> Similar characteristics apply in peer-to-peer cases. The enrollment
> process could include a KG interaction. The resulting identity could be
> used with IBS for node identification in the overlay as well as message
> source verification ("identity" in and RFC 4474 context). This helps
> prevent a number of the easy attacks on P2P infrastructure.

Yes, and this is all equally possible with PKI systems. As I
said at the beginning, the only thing that IBS is bringing
to the party here is a smaller credential. As far as I'm
awre, the size of the cert is not the primary reason for lack
of adoption of any of these schemes 

Again, what does IBS bring to the party except compression? [0].


> And of
> course, IBE could provide for message privacy as well as integrity
> across the untrusted peers that will be serving as proxies.

And now we're talking about something totally different: IBE.
I agree that IBE has significantly different characteristics from
PKI. The problems with IBE in SIP are totally different: namely
not knowing the actual identity of the recipietn of the message.
This is the norm in both SIP (retargeting) and P2P (churn)
systems.

-Ekr

[0] It's worth noting that the combination of using ECC and 
doing LZW on certificates would significantly shrink the
size of the cert. I haven't done the math, but I suspect down
to the point where it's not the dominant factor.

_______________________________________________
Sip mailing list  https://www.ietf.org/mailman/listinfo/sip
This list is for NEW development of the core SIP Protocol
Use sip-implementors@cs.columbia.edu for questions on current sip
Use sipping@ietf.org for new developments on the application of sip

v2.23.0 | Report a Bug | By Email