Re: [Sip] Review of draft-kupwade-sip-iba-00

Dean Willis <> Thu, 28 February 2008 18:33 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id 3BFCB3A6EE8; Thu, 28 Feb 2008 10:33:53 -0800 (PST)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -0.973
X-Spam-Status: No, score=-0.973 tagged_above=-999 required=5 tests=[AWL=-0.536, BAYES_00=-2.599, FH_RELAY_NODNS=1.451, HELO_MISMATCH_ORG=0.611, RDNS_NONE=0.1]
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id uIPk-aHtTFaG; Thu, 28 Feb 2008 10:33:47 -0800 (PST)
Received: from (localhost []) by (Postfix) with ESMTP id DC5DA28C0E1; Thu, 28 Feb 2008 10:33:46 -0800 (PST)
Received: from localhost (localhost []) by (Postfix) with ESMTP id A66BD28C2CB for <>; Thu, 28 Feb 2008 10:33:45 -0800 (PST)
X-Virus-Scanned: amavisd-new at
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id O+qxwZoLygkk for <>; Thu, 28 Feb 2008 10:33:44 -0800 (PST)
Received: from ( []) by (Postfix) with ESMTP id CB26C3A6E69 for <>; Thu, 28 Feb 2008 10:33:38 -0800 (PST)
Received: from [] ( []) (authenticated bits=0) by (8.13.8/8.13.8/Debian-3) with ESMTP id m1SIXQ5A016108 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NOT); Thu, 28 Feb 2008 12:33:28 -0600
Message-ID: <>
Date: Thu, 28 Feb 2008 12:33:17 -0600
From: Dean Willis <>
User-Agent: Icedove (X11/20080208)
MIME-Version: 1.0
To: Hadriel Kaplan <>
References: <> <>
In-Reply-To: <>
Cc: "" <>, "" <>
Subject: Re: [Sip] Review of draft-kupwade-sip-iba-00
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: Session Initiation Protocol <>
List-Unsubscribe: <>, <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit

Hadriel Kaplan wrote:
> Cool. So if I understand this right (and I probably don't), ignoring
> rfc4474 identity and IBS for a moment and instead thinking about SRTP
> and IBE: I could use IBE to encrypt the security-descriptions
> attribute value using the intended target's SIP URI as a key, and
> only someone owning that URI (and sharing the same KG) or the KG
> itself could decrypt it to learn the sec-desc cleartext to use?

Actually, there are partial-key models where the KG couldn't decrypt it

There are modes of operation that allow the full private key to be a
product of a secret (retained by the user) and the output of the PKG.
Hence you need to know both parts to decrypt or sign a message.

> -hadriel p.s. the KG would actually be a problem for IBE, wouldn't
> it?  I mean the KG can always decrypt it. (at which point they would
> be the Key Generator Backdoor - aka, the KGB ;)

Yep. Early IB systems worked as you describe. But they don't HAVE to
work that way.


Sip mailing list
This list is for NEW development of the core SIP Protocol
Use for questions on current sip
Use for new developments on the application of sip