Re: [sipcore] AD Evaluation of draft-holmberg-dispatch-rfc7315-updates-06

Christer Holmberg <christer.holmberg@ericsson.com> Tue, 21 June 2016 08:27 UTC

From: Christer Holmberg <christer.holmberg@ericsson.com>
To: Ben Campbell <ben@nostrum.com>, "draft-holmberg-dispatch-rfc7315-updates.all@ietf.org" <draft-holmberg-dispatch-rfc7315-updates.all@ietf.org>
Date: Tue, 21 Jun 2016 08:26:59 +0000
Archived-At: <https://mailarchive.ietf.org/arch/msg/sipcore/aXZ8DuMyRWPJa6unNosHqvgUK9U>
Cc: SIPCORE <sipcore@ietf.org>

Hi Ben,

See inline.

>--------------
>
>Substantive:
>
>The security considerations state that the draft removes some places
>that some of the P-Headers can be sent, but expands that to some other
>places. Further, it says that neither introduce new security
>considerations beyond those in 7315.
>
>I accept that for the reduction part. But I'm not sure we can state that
>sort of thing for the expansion part, at least without some more
>discussion. Since 7315 already acknowledges potential privacy issues
>around P-Access-Network-Info, I'd like to at least see a sentence or two
>about the allowance of that in ACK requests, even if they just say that
>this addition makes things no worse than they already are.


OLD:

The security considerations for P- header fields are defined in
   [RFC7315].  This specification allows some header fields to be
   present in messages where they were previously not allowed, and
   disallow some header fields to be present in messages where they were
   previously allowed. That does not cause any security issues, but
   implementations need to be aware that implementations may not have
   been updated according to this document, and take proper actions if a
   header field occur, or does not occur, in a message where it should
   occur (or occurs in a message where it should not occur).



NEW:

The security considerations for these P- header fields are defined in
   [RFC7315].  This specification allows some header fields to be
   present in messages where they were previously not allowed, and the
security considerations and assumptions (e.g. regarding only sending
Information to trusted entities) also to those messages. In addition,
this specification also disallow some header fields to be present
in message where they were previously allowed. That does not cause
any security issues, but implementations need to be aware that
implementations may not have been updated according to this document,
and take proper actions if a header field occur, or does not occur,
in a message where it should occur (or occurs in a message where it
should not occur).



>Editorial:
>
>-5, first sentence: "The security considerations for P- header fields
>are defined in
>    [RFC7315]"
>I assume this means 7315 discusses the security considerations for these
>P-Headers specifically, not P-Headers in general. Is this the intent? If
>so, I suggest:
>
>s/... for P-header fields.../ ... for these P-header fields...

I'll fix as suggested (see new text above).

Regards,

Christer