Re: [Slim] Alissa Cooper's No Objection on draft-ietf-slim-negotiating-human-language-22: (with COMMENT)
Paul Kyzivat <pkyzivat@alum.mit.edu> Thu, 11 January 2018 20:53 UTC
Return-Path: <pkyzivat@alum.mit.edu>
X-Original-To: slim@ietfa.amsl.com
Delivered-To: slim@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 8102A12EC40 for <slim@ietfa.amsl.com>; Thu, 11 Jan 2018 12:53:01 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.934
X-Spam-Level:
X-Spam-Status: No, score=-1.934 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_LOW=-0.7, SPF_SOFTFAIL=0.665, URIBL_BLOCKED=0.001] autolearn=no autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id RBESHNjQACTG for <slim@ietfa.amsl.com>; Thu, 11 Jan 2018 12:53:00 -0800 (PST)
Received: from resqmta-ch2-02v.sys.comcast.net (resqmta-ch2-02v.sys.comcast.net [IPv6:2001:558:fe21:29:69:252:207:34]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id E37CE12EC3A for <slim@ietf.org>; Thu, 11 Jan 2018 12:52:59 -0800 (PST)
Received: from resomta-ch2-04v.sys.comcast.net ([69.252.207.100]) by resqmta-ch2-02v.sys.comcast.net with ESMTP id Zjq1ewM7hK5G0ZjqMeO4uZ; Thu, 11 Jan 2018 20:52:58 +0000
Received: from PaulKyzivatsMBP.localdomain ([24.62.227.142]) by resomta-ch2-04v.sys.comcast.net with SMTP id ZjqLeLYTKTEttZjqMeYj0K; Thu, 11 Jan 2018 20:52:58 +0000
To: Randall Gellens <rg+ietf@randy.pensive.org>, slim@ietf.org
References: <151552189475.2065.12973411169880140522.idtracker@ietfa.amsl.com> <p06240606d67acbc7af70@[99.111.97.136]> <6123cac0-a946-b26b-2b3b-68ff7b28874f@alum.mit.edu> <p06240604d67bede7af48@[99.111.97.136]>
From: Paul Kyzivat <pkyzivat@alum.mit.edu>
Message-ID: <14c38c8d-1dbd-79f2-6959-bbf00d196a62@alum.mit.edu>
Date: Thu, 11 Jan 2018 15:52:57 -0500
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.10; rv:52.0) Gecko/20100101 Thunderbird/52.5.2
MIME-Version: 1.0
In-Reply-To: <p06240604d67bede7af48@[99.111.97.136]>
Content-Type: text/plain; charset="utf-8"; format="flowed"
Content-Language: en-US
Content-Transfer-Encoding: 8bit
X-CMAE-Envelope: MS4wfEsRfQguDSMZxSQo5hyAkLHd4BxaC+RtnidCbvlcVb/fldW7BPuqVNfkGqDIW2ayfvz6NlkBpwDB/u24bd8m4GS86JB/qCsAkfw/BWdfMwOemTpaqHrp +F4Iofpoupfkxli7SqxhYr80GIATahn7jZSExv2hO5PsA+/LkAZ7rIZMYnPaddXtmZpYImO8U+JB1TY3D6rHJtwQIl+mtZyRESEPqHvRlE6qxKTs3RZbGX29
Archived-At: <https://mailarchive.ietf.org/arch/msg/slim/CP2YfbRZenHTy1VoYjpg6LhaEVc>
Subject: Re: [Slim] Alissa Cooper's No Objection on draft-ietf-slim-negotiating-human-language-22: (with COMMENT)
X-BeenThere: slim@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: Selection of Language for Internet Media <slim.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/slim>, <mailto:slim-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/slim/>
List-Post: <mailto:slim@ietf.org>
List-Help: <mailto:slim-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/slim>, <mailto:slim-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 11 Jan 2018 20:53:01 -0000
On 1/10/18 11:27 AM, Randall Gellens wrote: > At 11:01 AM -0500 1/10/18, Paul Kyzivat wrote: > >> On 1/9/18 3:08 PM, Randall Gellens wrote: >>> Hi Alissa, >>> >>> Good point. I can reword the Security Considerations section to read: >>> >>> The Security Considerations of BCP 47 [RFC5646] apply here. An >>> attacker with the ability to modify signaling could prevent a call >>> from succeeding by altering any of several crucial elements, >>> including the 'hlang-send' or 'hlang-recv' values. RFC 5069 >>> [RFC5069] discusses such threats. Use of TLS or IPSec can protect >>> against such threats. Emergency calls are of particular >>> concern; RFC >>> 6881 [RFC6881], which is specific to emergency calls, mandates >>> use of >>> TLS or IPSec (in ED-57/SP-30). >> >> Is this a real concern? IIUC the processing of emergency calls >> prioritizes completion of the call above everything else. Lack of >> support for a requested language should never result in call failure. > > It's a concern for calls in general that an attacker who is able to > modify the signaling can cause calls to fail. The attacker could modify > the Request-URI, causing the call to be routed to, e.g., a pothole > reporting line instead of the police, or to a completely bogus > destination, or modify the Contact-URI or any other crucial element. But that is nothing unique to SLIM. In this respect it is the same as any sip call. Thanks, Paul > It's true that where emergency calls are concerned, normally the > priority is for the call to complete no matter what. A PSAP is highly > unlikely to fail a call if there are no languages in common. RFC 6881 > mandates use of TLS or IPSec but also that a call proceeds even if TLS > or IPSec fail. > > >>> At 10:18 AM -0800 1/9/18, Alissa Cooper wrote: >>> >>>> Alissa Cooper has entered the following ballot position for >>>> draft-ietf-slim-negotiating-human-language-22: No Objection >>>> >>>> When responding, please keep the subject line intact and reply to all >>>> email addresses included in the To and CC lines. (Feel free to cut >>>> this >>>> introductory paragraph, however.) >>>> >>>> >>>> Please refer to >>>> https://www.ietf.org/iesg/statement/discuss-criteria.html >>>> for more information about IESG DISCUSS and COMMENT positions. >>>> >>>> >>>> The document, along with other ballot positions, can be found here: >>>> >>>> https://datatracker.ietf.org/doc/draft-ietf-slim-negotiating-human-language/ >>>> >>>> >>>> >>>> >>>> >>>> ---------------------------------------------------------------------- >>>> COMMENT: >>>> >>>> ---------------------------------------------------------------------- >>>> >>>> == Section 7 == >>>> >>>> "In >>>> addition, if the 'hlang-send' or 'hlang-recv' values are >>>> altered or >>>> deleted en route, the session could fail or languages >>>> incomprehensible to the caller could be selected; however, this is >>>> also a risk if any SDP parameters are modified en route." >>>> >>>> Given that one of the primary use cases for the attributes defined >>>> here is for >>>> emergency calling, it seems worthwhile to call out the new >>>> specific threat that >>>> these attributes enable in that case, namely the targeted >>>> manipulation/forgery >>>> of the language attributes for the purposes of denying emergency >>>> services to a >>>> caller. This general class of attacks is contemplated in Section >>>> 5.2.2 of RFC >>>> 5069, although there may be a better reference to cite here for >>>> what to do if >>>> you don't want your emergency calls subject to that kind of attack >>>> (I can't >>>> recall another document off the top of my head). >>>> >>>> == Section 8 == >>>> >>>> This seems weak for not including some words to indicate what to >>>> do to mitigate >>>> the risks of exposing this information. >>> >>> >> >> _______________________________________________ >> SLIM mailing list >> SLIM@ietf.org >> https://www.ietf.org/mailman/listinfo/slim > >
- [Slim] Alissa Cooper's No Objection on draft-ietf… Alissa Cooper
- Re: [Slim] Alissa Cooper's No Objection on draft-… Randall Gellens
- Re: [Slim] Alissa Cooper's No Objection on draft-… Alissa Cooper
- Re: [Slim] Alissa Cooper's No Objection on draft-… Paul Kyzivat
- Re: [Slim] Alissa Cooper's No Objection on draft-… Randall Gellens
- Re: [Slim] Alissa Cooper's No Objection on draft-… Paul Kyzivat
- Re: [Slim] Alissa Cooper's No Objection on draft-… Randall Gellens