Re: [sipcore] SIP Digest - SHA2 Support
"Olle E. Johansson" <oej@edvina.net> Sat, 14 January 2017 08:10 UTC
Return-Path: <oej@edvina.net>
X-Original-To: sipcore@ietfa.amsl.com
Delivered-To: sipcore@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id DC23912945C for <sipcore@ietfa.amsl.com>; Sat, 14 Jan 2017 00:10:12 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.9
X-Spam-Level:
X-Spam-Status: No, score=-1.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 27sbnvUKUzVx for <sipcore@ietfa.amsl.com>; Sat, 14 Jan 2017 00:10:10 -0800 (PST)
Received: from smtp7.webway.se (smtp7.webway.se [212.3.14.205]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 6E87012943D for <sipcore@ietf.org>; Sat, 14 Jan 2017 00:10:10 -0800 (PST)
Received: from [192.168.40.8] (h87-96-134-129.cust.se.alltele.net [87.96.134.129]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by smtp7.webway.se (Postfix) with ESMTPSA id 947463D02; Sat, 14 Jan 2017 09:09:52 +0100 (CET)
Content-Type: multipart/alternative; boundary="Apple-Mail=_32C59EEE-B392-4A2B-B1E4-5023F0CFC96F"
Mime-Version: 1.0 (Mac OS X Mail 9.3 \(3124\))
From: "Olle E. Johansson" <oej@edvina.net>
In-Reply-To: <CAGL6epKRc+xL90_ru5+rv0p0cHfu2Q-SiD4RDiyzJSz7C_7WAA@mail.gmail.com>
Date: Sat, 14 Jan 2017 09:09:52 +0100
Message-Id: <E02C3708-65F2-4B7F-BAB9-C436FF950E53@edvina.net>
References: <CAGL6epKH__zdHfsMgXe+yE1LMhp23G6F1ZVn0ZWXM41e_Bficw@mail.gmail.com> <87lgug6xds.fsf@hobgoblin.ariadne.com> <CAGL6epLaVJwVpkpDqz1ukb0ce6MYZrOypUxcsJfuc2ouxr+Svw@mail.gmail.com> <0F8841CC-1F08-463E-8C61-4AB8FBF08A4D@edvina.net> <CAGL6epKRc+xL90_ru5+rv0p0cHfu2Q-SiD4RDiyzJSz7C_7WAA@mail.gmail.com>
To: Rifaat Shekh-Yusef <rifaat.ietf@gmail.com>
X-Mailer: Apple Mail (2.3124)
Archived-At: <https://mailarchive.ietf.org/arch/msg/sipcore/cjka3Kh9c8HxP7FuedZxvwSUmH4>
Cc: "Dale R. Worley" <worley@ariadne.com>, Olle E Johansson <oej@edvina.net>, "sipcore@ietf.org" <sipcore@ietf.org>
Subject: Re: [sipcore] SIP Digest - SHA2 Support
X-BeenThere: sipcore@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: SIP Core Working Group <sipcore.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/sipcore>, <mailto:sipcore-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/sipcore/>
List-Post: <mailto:sipcore@ietf.org>
List-Help: <mailto:sipcore-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/sipcore>, <mailto:sipcore-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 14 Jan 2017 08:10:13 -0000
> On 13 Jan 2017, at 18:49, Rifaat Shekh-Yusef <rifaat.ietf@gmail.com> wrote: > > Thanks Olle, > > This document gives the operator the tools to migrate, but migration policy is probably be out of scope this document. Agree that policy is out of scope, but advice to implementors should be in scope so we do not cause security flaws in software. /O > > > What do others think? > > Regards, > Rifaat > > > > On Fri, Jan 13, 2017 at 3:29 AM, Olle E. Johansson <oej@edvina.net <mailto:oej@edvina.net>> wrote: > Rifaat, > THank you for your work on this and coming back. > > I feel we need to have some writing about how to migrate. There is a significant risk of downgrade attacks > if we have both mechanisms running, like you get two challenges or one challenge with two algorithms > (if that’s possible). The web has a simpler upgrade path, given the small amount of browsers that operate > a majority of the requests. We have many years of legacy software that propably will not upgrade unless customers > require it. And it will take some time to get new firmware out there with support for this unless there’s significant > customer demand. > > We definitiely need to get this done and move SIPconnect 2.x to require this on public networks and > forbid MD5 in those situations as a first step. Hopefully that can help some customers to demand the right thing. > > How do an operator of a service upgrade to SHA2? Do we have to have a cut-off date and stop > accepting MD5, do we migrate somehow or do we mark “new” phones for ONLY SHA2 and old clients > for MD5 and SHA2 in some authentication service database? > > Implementors need to know how to handle this and I haven’t figured out any good solution in my own > head since we started this discussion five years ago or so…. > > If we can solve this process now, we’re in better shape when SHA2 becomes the algorithm that no one > wants to use any more. > > /O > > > >> On 12 Jan 2017, at 19:07, Rifaat Shekh-Yusef <rifaat.ietf@gmail.com <mailto:rifaat.ietf@gmail.com>> wrote: >> >> Thanks Dale! >> >> Please, see my reply inline... >> >> Regards, >> Rifaat >> >> >> On Thu, Jan 12, 2017 at 11:44 AM, Dale R. Worley <worley@ariadne.com <mailto:worley@ariadne.com>> wrote: >> Rifaat Shekh-Yusef <rifaat.ietf@gmail.com <mailto:rifaat.ietf@gmail.com>> writes: >> > RFC7617 updated the *HTTP Digest* mechanism and added support for *SHA2* to >> > replace the MD5 algorithm. >> > >> > I am trying to revolve this old draft that does the same for SIP: >> > https://datatracker.ietf.org/doc/draft-yusef-sipcore-digest-scheme/ <https://datatracker.ietf.org/doc/draft-yusef-sipcore-digest-scheme/> >> >> It makes sense to do this, of course, as MD-5 is thoroughly obsolete. >> >> As a matter of exposition, you say "This section does NOT maintain >> backward compatibility with RFC 2069." But of course as a consequence >> of that, it isn't compatible with RFC 3261 either. >> >> The statement you quoted was in the previous version of the document, but not in v05. >> If I remember correctly, we discussed that and during one of the IETF meetings and it was deemed unnecessary to maintain that. >> We did the same with the new HTTP Digest mechanism defined in RFC7616. >> >> Is that a problem for SIP? >> >> >> >> >> I'd like to see a description of how the draft's section 2.6 compares >> with the existing SIP authentication scheme -- is this just adding the >> new algorithms and making qop mandatory? >> >> Yes, the idea is that this draft will add the SHA2 algorithms as the recommended algorithms, and only keep the MD5 for backward compatibility. >> >> Regards, >> Rifaat >> >> >> >> Dale >> >> _______________________________________________ >> sipcore mailing list >> sipcore@ietf.org <mailto:sipcore@ietf.org> >> https://www.ietf.org/mailman/listinfo/sipcore <https://www.ietf.org/mailman/listinfo/sipcore> > > > _______________________________________________ > sipcore mailing list > sipcore@ietf.org <mailto:sipcore@ietf.org> > https://www.ietf.org/mailman/listinfo/sipcore <https://www.ietf.org/mailman/listinfo/sipcore> > > > _______________________________________________ > sipcore mailing list > sipcore@ietf.org > https://www.ietf.org/mailman/listinfo/sipcore
- Re: [sipcore] SIP Digest - SHA2 Support Rifaat Shekh-Yusef
- [sipcore] SIP Digest - SHA2 Support Rifaat Shekh-Yusef
- Re: [sipcore] SIP Digest - SHA2 Support Rifaat Shekh-Yusef
- Re: [sipcore] SIP Digest - SHA2 Support Dale R. Worley
- Re: [sipcore] SIP Digest - SHA2 Support Rifaat Shekh-Yusef
- Re: [sipcore] SIP Digest - SHA2 Support Olle E. Johansson
- Re: [sipcore] SIP Digest - SHA2 Support Dale R. Worley
- Re: [sipcore] SIP Digest - SHA2 Support Olle E. Johansson
- Re: [sipcore] SIP Digest - SHA2 Support Rifaat Shekh-Yusef
- Re: [sipcore] SIP Digest - SHA2 Support Rifaat Shekh-Yusef