Re: [siprec] Stephen Farrell's Discuss on draft-ietf-siprec-protocol-17: (with DISCUSS and COMMENT)
"Charles Eckel (eckelcu)" <eckelcu@cisco.com> Fri, 25 September 2015 20:37 UTC
Return-Path: <eckelcu@cisco.com>
X-Original-To: siprec@ietfa.amsl.com
Delivered-To: siprec@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 63D5F1A1BF2; Fri, 25 Sep 2015 13:37:14 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -14.511
X-Spam-Level:
X-Spam-Status: No, score=-14.511 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_HI=-5, SPF_PASS=-0.001, T_RP_MATCHES_RCVD=-0.01, USER_IN_DEF_DKIM_WL=-7.5] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 0KeTHfbfPa8i; Fri, 25 Sep 2015 13:37:11 -0700 (PDT)
Received: from alln-iport-7.cisco.com (alln-iport-7.cisco.com [173.37.142.94]) (using TLSv1 with cipher RC4-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id D357B1A1BE6; Fri, 25 Sep 2015 13:37:10 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=@cisco.com; l=6695; q=dns/txt; s=iport; t=1443213431; x=1444423031; h=from:to:cc:subject:date:message-id:references: in-reply-to:content-id:content-transfer-encoding: mime-version; bh=UQ+9bXDaulBTQ0UV8VmF6ARa6ItNVvYM8v3GkTj8ZH0=; b=TQy+C7rMErJxFD5bORBL8uxW+9jP2eDwL4SVqQ4wqdTiQ0ii30Ry/OEx W3BaATAclqtuqYgjKx7ogbgi+jnc30IOqNqES7ZfFUChqbVaJhJqxfmd6 GETA/UbFzppToXud2mJh9urPSnDvAyOgLa5lEgNAhrBM7wjVaK87xzdrE Y=;
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: A0AYAgA5sAVW/4oNJK1dgyRULTwGvTIBDYFxCoUvSgKBLDgUAQEBAQEBAYEKhCUBAQQBAQE3NAsQAgEIGB4FCycLJQIEAQ0FiC4NzB0BAQEBAQEBAQEBAQEBAQEBAQEBAQETBIpqgQaEKhEBUQIFhCwFhzSLDoMqAYUTgm6FC4FPhDaRPINsAR8BAUKCERwWgT5xAYdhOoEFAQEB
X-IronPort-AV: E=Sophos;i="5.17,588,1437436800"; d="scan'208";a="191682383"
Received: from alln-core-5.cisco.com ([173.36.13.138]) by alln-iport-7.cisco.com with ESMTP; 25 Sep 2015 20:37:10 +0000
Received: from XCH-RCD-019.cisco.com (xch-rcd-019.cisco.com [173.37.102.29]) by alln-core-5.cisco.com (8.14.5/8.14.5) with ESMTP id t8PKb9MH007579 (version=TLSv1/SSLv3 cipher=AES256-SHA bits=256 verify=FAIL); Fri, 25 Sep 2015 20:37:09 GMT
Received: from xch-aln-018.cisco.com (173.36.7.28) by XCH-RCD-019.cisco.com (173.37.102.29) with Microsoft SMTP Server (TLS) id 15.0.1104.5; Fri, 25 Sep 2015 15:36:53 -0500
Received: from xch-aln-018.cisco.com ([173.36.7.28]) by XCH-ALN-018.cisco.com ([173.36.7.28]) with mapi id 15.00.1104.000; Fri, 25 Sep 2015 15:36:53 -0500
From: "Charles Eckel (eckelcu)" <eckelcu@cisco.com>
To: Stephen Farrell <stephen.farrell@cs.tcd.ie>, Alissa Cooper <alissa@cooperw.in>
Thread-Topic: [siprec] Stephen Farrell's Discuss on draft-ietf-siprec-protocol-17: (with DISCUSS and COMMENT)
Thread-Index: AQHQvcTScQwGBHFFHkCgZWyZi9KVEJ3c2BWAgAzGhQCATwfTgIAADVGA//+U0ACAFgfAgIAAEKoA//+lx4A=
Date: Fri, 25 Sep 2015 20:36:53 +0000
Message-ID: <D22AFE43.5A01B%eckelcu@cisco.com>
References: <20150713233656.26754.53140.idtracker@ietfa.amsl.com> <D1CC0989.526BF%eckelcu@cisco.com> <D1D6C365.535E9%eckelcu@cisco.com> <C8EFABAA-4447-44A7-B7A9-C8C2600EE7DF@cooperw.in> <55F36A9B.5090001@cs.tcd.ie> <D218C0C3.580FD%eckelcu@cisco.com> <C0D5F377-C3AB-49DB-B642-697414CF1CB7@cooperw.in> <560599A2.5000801@cs.tcd.ie>
In-Reply-To: <560599A2.5000801@cs.tcd.ie>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
user-agent: Microsoft-MacOutlook/14.5.5.150821
x-ms-exchange-messagesentrepresentingtype: 1
x-ms-exchange-transport-fromentityheader: Hosted
x-originating-ip: [10.24.236.217]
Content-Type: text/plain; charset="us-ascii"
Content-ID: <A4A96D9F214B814D82968060345CDD4F@emea.cisco.com>
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
Archived-At: <http://mailarchive.ietf.org/arch/msg/siprec/DS4waDiItkKslHULrb64R_iJang>
Cc: "siprec@ietf.org" <siprec@ietf.org>, "siprec-chairs@ietf.org" <siprec-chairs@ietf.org>, "draft-ietf-siprec-protocol@ietf.org" <draft-ietf-siprec-protocol@ietf.org>, IESG <iesg@ietf.org>, "draft-ietf-siprec-protocol.ad@ietf.org" <draft-ietf-siprec-protocol.ad@ietf.org>, "draft-ietf-siprec-protocol.shepherd@ietf.org" <draft-ietf-siprec-protocol.shepherd@ietf.org>
Subject: Re: [siprec] Stephen Farrell's Discuss on draft-ietf-siprec-protocol-17: (with DISCUSS and COMMENT)
X-BeenThere: siprec@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: SIP Recording Working Group Discussion List <siprec.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/siprec>, <mailto:siprec-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/siprec/>
List-Post: <mailto:siprec@ietf.org>
List-Help: <mailto:siprec-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/siprec>, <mailto:siprec-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 25 Sep 2015 20:37:14 -0000
On 9/25/15, 11:59 AM, "Stephen Farrell" <stephen.farrell@cs.tcd.ie> wrote: > >Hiya, > >On 25/09/15 19:00, Alissa Cooper wrote: >> Stephen, does this work for you? > >Sorry for the slow response. > >> >> Thanks, >> Alissa >> >>> On Sep 11, 2015, at 5:34 PM, Charles Eckel (eckelcu) >>><eckelcu@cisco.com> wrote: >>> >>> I have added the following note to my working version of the draft, >>>which >>> will become draft-ietf-siprec-protocol-18: >>> >>> Note: When using EKT in this manner, it is possible for >>> participants in the CS to send traffic that appears to be from >>> other participants and have this forwarded by the SRC to the SRS >>> within the RS. If this is a concern (e.g. the RS is intended for >>> audit or compliance purposes), EKT is likely not an appropriate >>> choice. > >Yes, that addresses the issue, thanks. Great. > >I'd suggest s/likely not/not/ would be better. Ok. Cheers, Charles > >Cheers, >S. > >>> >>> >>> Cheers, >>> Charles >>> >>> >>> >>> >>> On 9/11/15, 4:58 PM, "Stephen Farrell" <stephen.farrell@cs.tcd.ie> >>>wrote: >>> >>>> >>>> Hiya, >>>> >>>> On 12/09/15 00:10, Alissa Cooper wrote: >>>>> Stephen, thoughts on this? >>>> >>>> Thought#1: I've lost context;-) >>>> >>>> Thought#2; I met with Charles in Prague after that was sent (I think) >>>> and explained the kinds of change that could sort this out. Basically, >>>> (iirc) either you explain that this scheme is only moderately secure >>>> (so not e.g. suited for large financial transaction scenarios) or else >>>> you change it to ensure that the call participants cannot fake the >>>> recording even if they have access the the right/wrong bit of network. >>>> But I may be mis-remembering. >>>> >>>> Anyway, having met with Charles I think he took an action to figure >>>> out if the above kind of change worked in this case and I don't think >>>> I've heard back since. >>>> >>>> Cheers, >>>> S. >>>> >>>>> >>>>> Thanks, >>>>> Alissa >>>>> >>>>>> On Jul 23, 2015, at 7:19 AM, Charles Eckel (eckelcu) >>>>>> <eckelcu@cisco.com> wrote: >>>>>> >>>>>> Hi Stephen, >>>>>> >>>>>> I was waiting for your answer to this and just now realized you >>>>>>never >>>>>> answered because I never asked anything. Seems my email suffered >>>>>>from >>>>>> being composed over two time periods and my brain lost the context >>>>>>in >>>>>> between. Please see below: >>>>>> >>>>>> On 7/15/15, 1:12 PM, "Charles Eckel (eckelcu)" <eckelcu@cisco.com> >>>>>> wrote: >>>>>> >>>>>>> Hi Stephen, >>>>>>> >>>>>>> Please see in the proposed change (inline) would address your >>>>>>> remaining >>>>>>> concern. >>>>>>> >>>>>>> On 7/13/15, 4:36 PM, "siprec on behalf of Stephen Farrell" >>>>>>> <siprec-bounces@ietf.org on behalf of stephen.farrell@cs.tcd.ie> >>>>>>> wrote: >>>>>>> >>>>>>>> Stephen Farrell has entered the following ballot position for >>>>>>>> draft-ietf-siprec-protocol-17: Discuss >>>>>>>> >>>>>>>> When responding, please keep the subject line intact and reply to >>>>>>>>all >>>>>>>> email addresses included in the To and CC lines. (Feel free to cut >>>>>>>> this >>>>>>>> introductory paragraph, however.) >>>>>>>> >>>>>>>> >>>>>>>> Please refer to >>>>>>>> https://www.ietf.org/iesg/statement/discuss-criteria.html >>>>>>>> for more information about IESG DISCUSS and COMMENT positions. >>>>>>>> >>>>>>>> >>>>>>>> The document, along with other ballot positions, can be found >>>>>>>>here: >>>>>>>> https://datatracker.ietf.org/doc/draft-ietf-siprec-protocol/ >>>>>>>> >>>>>>>> >>>>>>>> >>>>>>>> >>>>>>>> >>>>>>>>------------------------------------------------------------------- >>>>>>>>--- >>>>>>>> DISCUSS: >>>>>>>> >>>>>>>> >>>>>>>>------------------------------------------------------------------- >>>>>>>>--- >>>>>>>> >>>>>>>> >>>>>>>> (1) cleared >>>>>>>> >>>>>>>> (2) 12.2: Thanks for fixing up the ekt reference. I still >>>>>>>> would like to know how, in a case where the recording >>>>>>>> is for audit/compliance purposes, one can ever allow >>>>>>>> the RS to not be re-encrypted since that creates the >>>>>>>> potential for the CS peers to fake the traffic to the RS. >>>>>>> >>>>>>> Section 12.2 currently reads as follows: >>>>>>> >>>>>>> At a minimum, the SRC and SRS MUST support the SDP >>>>>>> Security Descriptions (SDES) key negotiation mechanism [RFC4568]. >>>>>>> For cases in which DTLS-SRTP is used to encrypt a CS media stream, >>>>>>>an >>>>>>> SRC may use SRTP Encrypted Key Transport (EKT) >>>>>>> [I-D.ietf-avtcore-srtp-ekt] in order to use SRTP-SDES in the RS >>>>>>> without needing to re-encrypt the media. >>>>>> >>>>>> How about if I add the following text to the next version of the >>>>>>draft? >>>>>> >>>>>>> >>>>>>> >>>>>>> Note that when using EKT in this manner, it is possible for >>>>>>> participants >>>>>>> in the CS to send traffic that appears to be from other >>>>>>>participants >>>>>>> and >>>>>>> have this forwarded by the SRC to the SRS within the RS. If this >>>>>>>is a >>>>>>> concern (e.g. the RS is intended for audit or compliance purposes), >>>>>>> EKT is >>>>>>> likely not an appropriate choice. >>>>>> >>>>>> Would that address your remaining concern? >>>>>> >>>>>> Cheers, >>>>>> Charles >>>>>> >>>>>>> >>>>>>> Cheers, >>>>>>> Charles >>>>>>> >>>>>>>> >>>>>>>> (3) cleared >>>>>>>> >>>>>>>> >>>>>>>> >>>>>>>> >>>>>>>>------------------------------------------------------------------- >>>>>>>>--- >>>>>>>> COMMENT: >>>>>>>> >>>>>>>> >>>>>>>>------------------------------------------------------------------- >>>>>>>>--- >>>>>>>> >>>>>>>> >>>>>>>> I had a discuss point that said: "5.3: How does a UA know if >>>>>>>> it's preference to not be recorded has been ignored?" >>>>>>>> Maybe there's a missing timer there. >>>>>>>> >>>>>>>> I also had a discuss point that said: >>>>>>>> I'll clear once you answer: but wouldn't it be easier >>>>>>>> all around to just mandate use of mutually authenticated >>>>>>>> TLS between SRC and SRS in all cases? (Even if some >>>>>>>> hop-by-hop stuff is needed when there are proxies between >>>>>>>> SRC and SRS.) Also - how is it ok to ever not re-encrypt >>>>>>>> the media in the RS since if you do not, anyone from the >>>>>>>> CS who has the right session key can send the SRS bogus >>>>>>>> packets that it'll accept. >>>>>>>> >>>>>>>> >>>>>>>> _______________________________________________ >>>>>>>> siprec mailing list >>>>>>>> siprec@ietf.org >>>>>>>> https://www.ietf.org/mailman/listinfo/siprec >>>>>>> >>>>>> >>>>> >>> >>
- [siprec] Stephen Farrell's Discuss on draft-ietf-… Stephen Farrell
- Re: [siprec] Stephen Farrell's Discuss on draft-i… Charles Eckel (eckelcu)
- Re: [siprec] Stephen Farrell's Discuss on draft-i… Charles Eckel (eckelcu)
- Re: [siprec] Stephen Farrell's Discuss on draft-i… Alissa Cooper
- Re: [siprec] Stephen Farrell's Discuss on draft-i… Stephen Farrell
- Re: [siprec] Stephen Farrell's Discuss on draft-i… Charles Eckel (eckelcu)
- Re: [siprec] Stephen Farrell's Discuss on draft-i… Alissa Cooper
- Re: [siprec] Stephen Farrell's Discuss on draft-i… Stephen Farrell
- Re: [siprec] Stephen Farrell's Discuss on draft-i… Charles Eckel (eckelcu)