From: Tomas Gustavsson <Tomas.Gustavsson@keyfactor.com>
To: tirumal reddy <kondtir@gmail.com>, Russ Housley <housley@vigilsec.com>
CC: LAMPS <spasm@ietf.org>
Date: Wed, 10 Aug 2022 06:32:31 +0000
Message-ID: <DU0PR03MB86963D63921A321097313CDE86659@DU0PR03MB8696.eurprd03.prod.outlook.com>
References: <DM8PR14MB52376D8E7F6F414563238A18839F9@DM8PR14MB5237.namprd14.prod.outlook.com>
 <CAFpG3gciz2h+wTCnWy0Uazn+CLSKhWaCRnk6tNtptZriVtvseA@mail.gmail.com>
 <E1C193C7-F876-4F18-8AD8-8548F4BFA983@vigilsec.com>
 <CAFpG3geF2jxoMZfeXO9hLM+9z6Ovsn59eBhYYmEez7A=AfF4eA@mail.gmail.com>
 <2404FB76-F49E-4DBE-A8F9-7655EE210440@vigilsec.com>
 <CAFpG3gdq-O7-bqXFyLkQ0Rd8YW_G9WZkaii-__rBuA3MFbnPRg@mail.gmail.com>
In-Reply-To: <CAFpG3gdq-O7-bqXFyLkQ0Rd8YW_G9WZkaii-__rBuA3MFbnPRg@mail.gmail.com>
Accept-Language: en-US
Content-Language: en-US
Content-Type: multipart/alternative;
 boundary="_000_DU0PR03MB86963D63921A321097313CDE86659DU0PR03MB8696eurp_"
MIME-Version: 1.0
Archived-At: <https://mailarchive.ietf.org/arch/msg/spasm/bVu7qYsRKfOKpxFPXymjuBRiS2c>
Subject: Re: [lamps] Call for adoption of draft-housley-lamps-3g-nftypes

--_000_DU0PR03MB86963D63921A321097313CDE86659DU0PR03MB8696eurp_
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable

I don't think 3GPP networks will make use of certificate transparency logs. These are internal telco networks and will not use publicly trusted WebPKI CAs for issuing TLS certificates. I don't think publicly trusted CAs could even issue these certificates as it may contain other information than what's allowed by Baseline Requirements, such as internal hostnames/IPs.

There are some guards against malicious network functions built into the 3GPP specification, by the usage of vendor certificates for authenticating the network functions the MNO plans to put into its network.

Cheers,
Tomas

________________________________
From: Spasm <spasm-bounces@ietf.org> on behalf of tirumal reddy <kondtir@gmail.com>
Sent: Wednesday, August 10, 2022 7:22 AM
To: Russ Housley <housley@vigilsec.com>
Cc: LAMPS <spasm@ietf.org>
Subject: Re: [lamps] Call for adoption of draft-housley-lamps-3g-nftypes

Hi Russ,

Please see inline

On Mon, 8 Aug 2022 at 21:01, Russ Housley <housley@vigilsec.com> wrote:
> Tiru:
>
>>> 1. Yes, this is a good topic to expand the Security Considerations.
>>>
>>> 2. This seems pretty obvious to me, but I will think about a sentence or two for a more complete explanation.
>>
>> Thanks. You may want to also discuss the privacy and security implications of using NFType in the certificate extension for RBAC. For example (1) If TLS 1.2 is used by network functions, pervasive monitoring is possible for an attacker to identify the NFTypes visible in the TLS handshake and can potentially target a specific NFType (e.g., subject to DDoS or launch a targeted attack). (3) Misuse of NFType to gain additional privileges and what are the potential remediation techniques?
>
> Yes, the certificate is plaintext when TLS 1.2 is used, and it is encrypted when TLS 1.3 or IKEv2 is used.

In TLS 1.3 (without encrypted client hello), SNI will not be encrypted and it is possible for an attacker to get the certificate content from certificate transparency logs to identify the NFTypes associated with the FQDN.

> I'm not sure what you mean about misuse of the NFType. Are you talking about the trusted CA putting the wrong NFType in the certificate?

No, trusted CA may not inject a wrong NFType and it can be validated by the network function sending the CSR to the CA.
I meant the NFTypes and FQDN of network functions will be available in the certificate transparency logs. It exposes the internal/external network functions details to anyone on the Internet. It may also be possible for an internal attacker to host a malicious network function and misuse the NFType to gain additional privileges.

Cheers,
-Tiru

> Russ

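
An added example, not code from this thread or from the draft it discusses, of the relying-party side of the "misuse of NFType to gain additional privileges" concern above: a producer network function decodes the NFTypes extension value strictly and consults an RBAC table before granting a service, so a malformed or unexpected NFType conveys nothing. It assumes the extension syntax as later published in RFC 9310 (NFTypes ::= SEQUENCE SIZE (1..MAX) OF NFType, NFType ::= IA5String (SIZE (1..32))), which this thread does not spell out; the service names and the RBAC table are constructed.

```python
# Added example, not code from the thread or the draft. Syntax assumed from RFC 9310 (the
# published form of draft-housley-lamps-3g-nftypes): NFTypes ::= SEQUENCE SIZE (1..MAX)
# OF NFType, NFType ::= IA5String (SIZE (1..32)). Names in the RBAC table are constructed.
SEQUENCE, IA5STRING = 0x30, 0x16

def _der_len(n):  # DER length octets: short form below 128, else minimal long form
    body = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([n]) if n < 0x80 else bytes([0x80 | len(body)]) + body

def encode_nftypes(nftypes):
    """DER value of the NFTypes extension, as an NF would request it in its CSR."""
    if not nftypes:
        raise ValueError("NFTypes must hold at least one NFType")
    items = b""
    for t in nftypes:
        if not 1 <= len(t) <= 32 or not t.isascii():
            raise ValueError(f"not an IA5String (SIZE (1..32)): {t!r}")
        items += bytes([IA5STRING]) + _der_len(len(t)) + t.encode("ascii")
    return bytes([SEQUENCE]) + _der_len(len(items)) + items

def _read_tlv(buf, pos):  # -> (tag, value, next_pos); accepts strict DER lengths only
    tag, first, pos = buf[pos], buf[pos + 1], pos + 2
    ln, k = first, first & 0x7F
    if first >= 0x80:  # long form: k length octets follow (k == 0 would be indefinite)
        if not 0 < k <= 4 or pos + k > len(buf):
            raise ValueError("bad DER length")
        ln, pos = int.from_bytes(buf[pos:pos + k], "big"), pos + k
        if ln < 0x80 or k != (ln.bit_length() + 7) // 8:
            raise ValueError("non-minimal DER length")
    if pos + ln > len(buf):
        raise ValueError("truncated TLV")
    return tag, buf[pos:pos + ln], pos + ln

def decode_nftypes(der):
    """Strictly decode an NFTypes value; anything off the assumed syntax raises."""
    tag, body, end = _read_tlv(der, 0)
    if tag != SEQUENCE or end != len(der) or not body:
        raise ValueError("expected exactly one non-empty SEQUENCE")
    out, pos = [], 0
    while pos < len(body):
        tag, val, pos = _read_tlv(body, pos)
        if tag != IA5STRING or not 1 <= len(val) <= 32 or any(b >= 0x80 for b in val):
            raise ValueError("NFType must be IA5String (SIZE (1..32))")
        out.append(val.decode("ascii"))
    return out

ALLOWED_CONSUMERS = {"SubscriberData": {"AMF", "SMF"}, "NFDiscovery": {"AMF", "SMF", "UDM"}}  # constructed

def authorize(ext_der, service):
    """Grant only when a well-formed NFTypes value names a type allowed for the service."""
    try:
        types = decode_nftypes(ext_der)
    except (ValueError, IndexError):
        return False  # a malformed or absent extension conveys no entitlement
    return any(t in ALLOWED_CONSUMERS.get(service, set()) for t in types)
```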

--_000_DU0PR03MB86963D63921A321097313CDE86659DU0PR03MB8696eurp_--

