Re: [siprec] Stephen Farrell's Discuss on draft-ietf-siprec-protocol-17: (with DISCUSS and COMMENT)
Stephen Farrell <stephen.farrell@cs.tcd.ie> Fri, 11 September 2015 23:58 UTC
Return-Path: <stephen.farrell@cs.tcd.ie>
X-Original-To: siprec@ietfa.amsl.com
Delivered-To: siprec@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 6E39E1B4F22; Fri, 11 Sep 2015 16:58:29 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.311
X-Spam-Level:
X-Spam-Status: No, score=-4.311 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_MED=-2.3, SPF_PASS=-0.001, T_RP_MATCHES_RCVD=-0.01] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 7SMlCAz4emml; Fri, 11 Sep 2015 16:58:26 -0700 (PDT)
Received: from mercury.scss.tcd.ie (mercury.scss.tcd.ie [134.226.56.6]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 8F90E1AD2D5; Fri, 11 Sep 2015 16:58:26 -0700 (PDT)
Received: from localhost (localhost [127.0.0.1]) by mercury.scss.tcd.ie (Postfix) with ESMTP id 73BBBBE49; Sat, 12 Sep 2015 00:58:23 +0100 (IST)
X-Virus-Scanned: Debian amavisd-new at scss.tcd.ie
Received: from mercury.scss.tcd.ie ([127.0.0.1]) by localhost (mercury.scss.tcd.ie [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Le2yET3MCr67; Sat, 12 Sep 2015 00:58:21 +0100 (IST)
Received: from [10.87.48.73] (unknown [86.46.27.30]) by mercury.scss.tcd.ie (Postfix) with ESMTPSA id 80865BE3F; Sat, 12 Sep 2015 00:58:20 +0100 (IST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cs.tcd.ie; s=mail; t=1442015901; bh=hFjVPQgiZ1aXzeCYJFU/BKpO164GpC6192SQqyqKadc=; h=Subject:To:References:Cc:From:Date:In-Reply-To:From; b=dJLEv/Sb/a4r27liPoP3LGKRpVOiRjG+t8nM6QVmSlbAxdyEj/uCx1s8qUs8wEloc i+Pp3ZYfiRzqJkYRGpP6igZoyEsD15o4Jjt1vo8waoZPQR9gaK1UdUc7tVqxfyZbep A/yHTmEe6JqdCyBfmQoZz9ulEa/XDbcoAKJo4TrQ=
To: Alissa Cooper <alissa@cooperw.in>
References: <20150713233656.26754.53140.idtracker@ietfa.amsl.com> <D1CC0989.526BF%eckelcu@cisco.com> <D1D6C365.535E9%eckelcu@cisco.com> <C8EFABAA-4447-44A7-B7A9-C8C2600EE7DF@cooperw.in>
From: Stephen Farrell <stephen.farrell@cs.tcd.ie>
Openpgp: id=D66EA7906F0B897FB2E97D582F3C8736805F8DA2; url=
Message-ID: <55F36A9B.5090001@cs.tcd.ie>
Date: Sat, 12 Sep 2015 00:58:19 +0100
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:38.0) Gecko/20100101 Thunderbird/38.2.0
MIME-Version: 1.0
In-Reply-To: <C8EFABAA-4447-44A7-B7A9-C8C2600EE7DF@cooperw.in>
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
Archived-At: <http://mailarchive.ietf.org/arch/msg/siprec/h7XwUbcviKCtuo7jm0FJ9OifjV8>
Cc: "siprec@ietf.org" <siprec@ietf.org>, "siprec-chairs@ietf.org" <siprec-chairs@ietf.org>, "draft-ietf-siprec-protocol@ietf.org" <draft-ietf-siprec-protocol@ietf.org>, IESG <iesg@ietf.org>, "draft-ietf-siprec-protocol.ad@ietf.org" <draft-ietf-siprec-protocol.ad@ietf.org>, "draft-ietf-siprec-protocol.shepherd@ietf.org" <draft-ietf-siprec-protocol.shepherd@ietf.org>
Subject: Re: [siprec] Stephen Farrell's Discuss on draft-ietf-siprec-protocol-17: (with DISCUSS and COMMENT)
X-BeenThere: siprec@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: SIP Recording Working Group Discussion List <siprec.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/siprec>, <mailto:siprec-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/siprec/>
List-Post: <mailto:siprec@ietf.org>
List-Help: <mailto:siprec-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/siprec>, <mailto:siprec-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 11 Sep 2015 23:58:29 -0000
Hiya, On 12/09/15 00:10, Alissa Cooper wrote: > Stephen, thoughts on this? Thought#1: I've lost context;-) Thought#2; I met with Charles in Prague after that was sent (I think) and explained the kinds of change that could sort this out. Basically, (iirc) either you explain that this scheme is only moderately secure (so not e.g. suited for large financial transaction scenarios) or else you change it to ensure that the call participants cannot fake the recording even if they have access the the right/wrong bit of network. But I may be mis-remembering. Anyway, having met with Charles I think he took an action to figure out if the above kind of change worked in this case and I don't think I've heard back since. Cheers, S. > > Thanks, > Alissa > >> On Jul 23, 2015, at 7:19 AM, Charles Eckel (eckelcu) <eckelcu@cisco.com> wrote: >> >> Hi Stephen, >> >> I was waiting for your answer to this and just now realized you never >> answered because I never asked anything. Seems my email suffered from >> being composed over two time periods and my brain lost the context in >> between. Please see below: >> >> On 7/15/15, 1:12 PM, "Charles Eckel (eckelcu)" <eckelcu@cisco.com> wrote: >> >>> Hi Stephen, >>> >>> Please see in the proposed change (inline) would address your remaining >>> concern. >>> >>> On 7/13/15, 4:36 PM, "siprec on behalf of Stephen Farrell" >>> <siprec-bounces@ietf.org on behalf of stephen.farrell@cs.tcd.ie> wrote: >>> >>>> Stephen Farrell has entered the following ballot position for >>>> draft-ietf-siprec-protocol-17: Discuss >>>> >>>> When responding, please keep the subject line intact and reply to all >>>> email addresses included in the To and CC lines. (Feel free to cut this >>>> introductory paragraph, however.) >>>> >>>> >>>> Please refer to https://www.ietf.org/iesg/statement/discuss-criteria.html >>>> for more information about IESG DISCUSS and COMMENT positions. >>>> >>>> >>>> The document, along with other ballot positions, can be found here: >>>> https://datatracker.ietf.org/doc/draft-ietf-siprec-protocol/ >>>> >>>> >>>> >>>> ---------------------------------------------------------------------- >>>> DISCUSS: >>>> ---------------------------------------------------------------------- >>>> >>>> >>>> (1) cleared >>>> >>>> (2) 12.2: Thanks for fixing up the ekt reference. I still >>>> would like to know how, in a case where the recording >>>> is for audit/compliance purposes, one can ever allow >>>> the RS to not be re-encrypted since that creates the >>>> potential for the CS peers to fake the traffic to the RS. >>> >>> Section 12.2 currently reads as follows: >>> >>> At a minimum, the SRC and SRS MUST support the SDP >>> Security Descriptions (SDES) key negotiation mechanism [RFC4568]. >>> For cases in which DTLS-SRTP is used to encrypt a CS media stream, an >>> SRC may use SRTP Encrypted Key Transport (EKT) >>> [I-D.ietf-avtcore-srtp-ekt] in order to use SRTP-SDES in the RS >>> without needing to re-encrypt the media. >> >> How about if I add the following text to the next version of the draft? >> >>> >>> >>> Note that when using EKT in this manner, it is possible for participants >>> in the CS to send traffic that appears to be from other participants and >>> have this forwarded by the SRC to the SRS within the RS. If this is a >>> concern (e.g. the RS is intended for audit or compliance purposes), EKT is >>> likely not an appropriate choice. >> >> Would that address your remaining concern? >> >> Cheers, >> Charles >> >>> >>> Cheers, >>> Charles >>> >>>> >>>> (3) cleared >>>> >>>> >>>> ---------------------------------------------------------------------- >>>> COMMENT: >>>> ---------------------------------------------------------------------- >>>> >>>> >>>> I had a discuss point that said: "5.3: How does a UA know if >>>> it's preference to not be recorded has been ignored?" >>>> Maybe there's a missing timer there. >>>> >>>> I also had a discuss point that said: >>>> I'll clear once you answer: but wouldn't it be easier >>>> all around to just mandate use of mutually authenticated >>>> TLS between SRC and SRS in all cases? (Even if some >>>> hop-by-hop stuff is needed when there are proxies between >>>> SRC and SRS.) Also - how is it ok to ever not re-encrypt >>>> the media in the RS since if you do not, anyone from the >>>> CS who has the right session key can send the SRS bogus >>>> packets that it'll accept. >>>> >>>> >>>> _______________________________________________ >>>> siprec mailing list >>>> siprec@ietf.org >>>> https://www.ietf.org/mailman/listinfo/siprec >>> >> >
- [siprec] Stephen Farrell's Discuss on draft-ietf-… Stephen Farrell
- Re: [siprec] Stephen Farrell's Discuss on draft-i… Charles Eckel (eckelcu)
- Re: [siprec] Stephen Farrell's Discuss on draft-i… Charles Eckel (eckelcu)
- Re: [siprec] Stephen Farrell's Discuss on draft-i… Alissa Cooper
- Re: [siprec] Stephen Farrell's Discuss on draft-i… Stephen Farrell
- Re: [siprec] Stephen Farrell's Discuss on draft-i… Charles Eckel (eckelcu)
- Re: [siprec] Stephen Farrell's Discuss on draft-i… Alissa Cooper
- Re: [siprec] Stephen Farrell's Discuss on draft-i… Stephen Farrell
- Re: [siprec] Stephen Farrell's Discuss on draft-i… Charles Eckel (eckelcu)