Re: [stir] Roman Danyliw's Discuss on draft-ietf-stir-passport-rcd-23: (with DISCUSS and COMMENT)
Ben Campbell <ben@nostrum.com> Mon, 06 March 2023 19:12 UTC
Return-Path: <ben@nostrum.com>
X-Original-To: stir@ietfa.amsl.com
Delivered-To: stir@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 08A00C1522C6; Mon, 6 Mar 2023 11:12:17 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.277
X-Spam-Level:
X-Spam-Status: No, score=-1.277 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_INVALID=0.1, DKIM_SIGNED=0.1, HTML_MESSAGE=0.001, KHOP_HELO_FCRDNS=0.399, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, T_SPF_HELO_PERMERROR=0.01, T_SPF_PERMERROR=0.01, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=no autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=fail (1024-bit key) reason="fail (message has been altered)" header.d=nostrum.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ZBui1XlzbLjc; Mon, 6 Mar 2023 11:12:13 -0800 (PST)
Received: from nostrum.com (raven-v6.nostrum.com [IPv6:2001:470:d:1130::1]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 0F72CC1522BD; Mon, 6 Mar 2023 11:12:13 -0800 (PST)
Received: from smtpclient.apple (mta-70-120-133-87.satx.rr.com [70.120.133.87] (may be forged)) (authenticated bits=0) by nostrum.com (8.17.1/8.17.1) with ESMTPSA id 326JC6U8064497 (version=TLSv1.2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128 verify=NO); Mon, 6 Mar 2023 13:12:07 -0600 (CST) (envelope-from ben@nostrum.com)
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=nostrum.com; s=default; t=1678129928; bh=Owm32GXuFpkTB67SwiLIb9Nsb5odOIPzk7aO8sOI994=; h=From:Subject:Date:In-Reply-To:Cc:To:References; b=SMeP8E9KCsEWDbPWl55cwWGfr/bttbgK68zKj6stOKS1YuB+gLAfpFRPJ/pjoHLiI 5NmuyI4YscIkTq/+SorQHJJkMMyKapEMSu0yN24vQVGIqsFhB4vYNXBs6HUHJkeOHf 5dX+A7v6g9NDmz4n+Zj6T0KO0U7jHDF00SqCgqzE=
X-Authentication-Warning: raven.nostrum.com: Host mta-70-120-133-87.satx.rr.com [70.120.133.87] (may be forged) claimed to be smtpclient.apple
From: Ben Campbell <ben@nostrum.com>
Message-Id: <2A964DAC-C465-4E68-92CA-59FE79E8A477@nostrum.com>
Content-Type: multipart/alternative; boundary="Apple-Mail=_1A544333-9C21-4271-B272-ABCB9137F106"
Mime-Version: 1.0 (Mac OS X Mail 16.0 \(3731.400.51.1.1\))
Date: Mon, 06 Mar 2023 13:11:51 -0600
In-Reply-To: <C27B367B-3DE8-4A91-8E3C-51060C6FDA8E@nostrum.com>
Cc: Chris Wendt <chris-ietf@chriswendt.net>, Roman Danyliw <rdd@cert.org>, The IESG <iesg@ietf.org>, draft-ietf-stir-passport-rcd@ietf.org, STIR Chairs <stir-chairs@ietf.org>, IETF STIR Mail List <stir@ietf.org>, Russ Housley <housley@vigilsec.com>
To: pierce@numeracle.com
References: <166977514888.24379.6431023985333578193@ietfa.amsl.com> <B1A2B8C8-C478-4D67-86D1-5326E0206316@chriswendt.net> <9C71358E-DB39-40FC-BA18-734175B6BEA3@nostrum.com> <A78C373B-82DF-4504-ACC3-240F35291671@chriswendt.net> <089901d95050$eddd0130$c9970390$@numeracle.com> <C27B367B-3DE8-4A91-8E3C-51060C6FDA8E@nostrum.com>
X-Mailer: Apple Mail (2.3731.400.51.1.1)
Archived-At: <https://mailarchive.ietf.org/arch/msg/stir/DMuU0fcqhB-Gf9G1ulbUJNYSf-I>
Subject: Re: [stir] Roman Danyliw's Discuss on draft-ietf-stir-passport-rcd-23: (with DISCUSS and COMMENT)
X-BeenThere: stir@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: Secure Telephone Identity Revisited <stir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/stir>, <mailto:stir-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/stir/>
List-Post: <mailto:stir@ietf.org>
List-Help: <mailto:stir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/stir>, <mailto:stir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 06 Mar 2023 19:12:17 -0000
I meant to add “There’s always the potential for adversarial content in that body part” to the list. Thanks! Ben. > On Mar 6, 2023, at 1:09 PM, Ben Campbell <ben@nostrum.com> wrote: > > (No hats) > > I think that CID security requirements are similar but not identical to HTTPS: CID URLs would reference body parts imbedded in the SIP INVITE, so there’s effectively no server. But we are still talking about content external to the PASSporT not directly covered by the PASSporT signature, so integrity protection still matters. > > Given that this is not something the WG has really thought about, I propose we limit this to HTTPS for the time being. If anyone really needs CID, they can always bring an update or bis draft with the appropriate security considerations. > > Thanks! > > Ben. > >> On Mar 6, 2023, at 11:27 AM, pierce@numeracle.com wrote: >> >> I don’t know how much CID is in use, so I think you have to require HTTPS at least. >> >> I don’t have an opinion on whether you should specify “MUST be HTTPS or CID”. >> >> I remember that Alec Fenichel added some requirements to the ATIS-1000074 spec with regard to caching, port numbers for HTTPS and defense against SSRF. I don’t know if those would have been good to have also included the IETF RFC 8224 spec, but just want to mention that if there are similar performance and/or security considerations for CID, and you decide to include CID in this spec, you might want to see if there are any similar recommendations for CID as were available for HTTPS. >> >> Pierce >> >> >> From: stir <stir-bounces@ietf.org <mailto:stir-bounces@ietf.org>> On Behalf Of Chris Wendt >> Sent: Sunday, March 5, 2023 9:03 AM >> To: Ben Campbell <ben@nostrum.com <mailto:ben@nostrum.com>> >> Cc: Roman Danyliw <rdd@cert.org <mailto:rdd@cert.org>>; The IESG <iesg@ietf.org <mailto:iesg@ietf.org>>; draft-ietf-stir-passport-rcd@ietf.org <mailto:draft-ietf-stir-passport-rcd@ietf.org>; STIR Chairs <stir-chairs@ietf.org <mailto:stir-chairs@ietf.org>>; IETF STIR Mail List <stir@ietf.org <mailto:stir@ietf.org>>; Russ Housley <housley@vigilsec.com <mailto:housley@vigilsec.com>> >> Subject: Re: [stir] Roman Danyliw's Discuss on draft-ietf-stir-passport-rcd-23: (with DISCUSS and COMMENT) >> >> Hi Ben, >> >> Yes, thanks for catching that, perhaps HTTPS or CID is best path. Curious for other opinions. >> >> -Chris >> >> >>> On Mar 2, 2023, at 5:01 PM, Ben Campbell <ben@nostrum.com <mailto:ben@nostrum.com>> wrote: >>> >>> (No hats) >>> >>> I have a context related comment on one item: >>> >>> Thanks! >>> >>> Ben. >>> >>> >>>> On Mar 1, 2023, at 12:02 PM, Chris Wendt <chris-ietf@chriswendt.net <mailto:chris-ietf@chriswendt.net>> wrote: >>> >>> […] >>> >>> >>>> >>>>> >>>>> ** 5.*. Inconsistent requirements for URIs >>>>> >>>>> -- icn: appears to be any URI per Section 5.1.3. This would make gopher://, >>>>> ftp://, https:// all equally valid. These have different security >>>>> characteristics. >>>>> >>>>> -- jcd: per Section 5.1.4 “is intended to directly match the Call-Info header >>>>> field value defined in [I-D.ietf-sipcore-callinfo-rcd].” Section 4 of that >>>>> document says it “MUST define the use HTTPS or a transport that can validate >>>>> the integrity of the source of the resource as well as the transport channel >>>>> through which the resource is retrieved”. >>>>> >>>>> -- jcl: is an HTTPS URL (per Section 5.1.5) >>>>> >>>>> Why are these different? Support different levels of transport security? >>>> >>>> You are correct, i fixed “icn” to specifically be an HTTPS URL vs generic URI. jcd is not a URI, it’s a directly included JSON jcard object in the “rcd" claim. >>>> >>> >>> IIRC, a previous version did specify HTTPS URLs for “icn”, but we discussed the possibility that an icon could be imbedded in a body part of the SIP request and be referenced with a “cid” URL. I suppose that if that is true for “icn”, it is probably also true for “jcl”. >>> >>> That being said, I am not aware of anyone actually doing that (yet) will not object if we think it is better to limit it to HTTPS. (Or as a compromise, say it MUST be either HTTPS or CID?) >>> >>> >>> >>>> […] >
- [stir] Roman Danyliw's Discuss on draft-ietf-stir… Roman Danyliw via Datatracker
- Re: [stir] Roman Danyliw's Discuss on draft-ietf-… Chris Wendt
- Re: [stir] Roman Danyliw's Discuss on draft-ietf-… Ben Campbell
- Re: [stir] Roman Danyliw's Discuss on draft-ietf-… Chris Wendt
- Re: [stir] Roman Danyliw's Discuss on draft-ietf-… pierce
- Re: [stir] Roman Danyliw's Discuss on draft-ietf-… Alec Fenichel
- Re: [stir] Roman Danyliw's Discuss on draft-ietf-… Ben Campbell
- Re: [stir] Roman Danyliw's Discuss on draft-ietf-… Ben Campbell
- Re: [stir] Roman Danyliw's Discuss on draft-ietf-… DOLLY, MARTIN C