IETF Logo Mail Archive

Re: [stir] Rollout timeframe (was: RE: Draft STIR Charter)

Hadriel Kaplan <hadriel.kaplan@oracle.com> Tue, 16 July 2013 15:23 UTC

Return-Path: <hadriel.kaplan@oracle.com>
X-Original-To: stir@ietfa.amsl.com
Delivered-To: stir@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id ACAC821F9AF5 for <stir@ietfa.amsl.com>; Tue, 16 Jul 2013 08:23:06 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.481
X-Spam-Level:
X-Spam-Status: No, score=-6.481 tagged_above=-999 required=5 tests=[AWL=0.118, BAYES_00=-2.599, RCVD_IN_DNSWL_MED=-4]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id wfR2fgmFQNDI for <stir@ietfa.amsl.com>; Tue, 16 Jul 2013 08:23:00 -0700 (PDT)
Received: from userp1040.oracle.com (userp1040.oracle.com [156.151.31.81]) by ietfa.amsl.com (Postfix) with ESMTP id 57B3F21F9B90 for <stir@ietf.org>; Tue, 16 Jul 2013 08:22:59 -0700 (PDT)
Received: from acsinet21.oracle.com (acsinet21.oracle.com [141.146.126.237]) by userp1040.oracle.com (Sentrion-MTA-4.3.1/Sentrion-MTA-4.3.1) with ESMTP id r6GFMuOg021584 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=OK); Tue, 16 Jul 2013 15:22:57 GMT
Received: from aserz7021.oracle.com (aserz7021.oracle.com [141.146.126.230]) by acsinet21.oracle.com (8.14.4+Sun/8.14.4) with ESMTP id r6GFMt4A019808 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Tue, 16 Jul 2013 15:22:55 GMT
Received: from abhmt102.oracle.com (abhmt102.oracle.com [141.146.116.54]) by aserz7021.oracle.com (8.14.4+Sun/8.14.4) with ESMTP id r6GFMt4U019801; Tue, 16 Jul 2013 15:22:55 GMT
Received: from [192.168.1.108] (/66.31.4.117) by default (Oracle Beehive Gateway v4.0) with ESMTP ; Tue, 16 Jul 2013 08:22:55 -0700
Content-Type: text/plain; charset="us-ascii"
Mime-Version: 1.0 (Mac OS X Mail 6.5 \(1508\))
From: Hadriel Kaplan <hadriel.kaplan@oracle.com>
In-Reply-To: <7A9C6940-5BC1-4A22-A4C8-85EF5495D4EC@brianrosen.net>
Date: Tue, 16 Jul 2013 11:22:53 -0400
Content-Transfer-Encoding: quoted-printable
Message-Id: <128B5434-F59B-4347-A7BB-AC8AF5412FC9@oracle.com>
References: <CE08B40C.6836A%jon.peterson@neustar.biz> <51E371BA.9060009@dcrocker.net> <011601ce818b$7bdd48e0$7397daa0$@shockey.us> <E6A16181E5FD2F46B962315BB05962D01FB88405@fcc.gov> <71E797DB-492C-4731-9888-A3FFBF2BBC5A@oracle.com> <B13DEB6C-26B0-46DC-857D-10F9D9782F0A@brianrosen.net> <EFBA6F31-1242-45D9-A630-3BCB6296E6A7@oracle.com> <29029_1373979285_51E54294_29029_4240_1_B5939C6860701C49AA39C5DA5189448B0B46D9@PEXCVZYM12.corporate.adroot.infra.ftgroup> <009f01ce8229$6509e3a0$2f1daae0$@shockey.us> <27376377-8220-4AEC-97A2-A1D59DAA54DA@oracle.com> <7A9C6940-5BC1-4A22-A4C8-85EF5495D4EC@brianrosen.net>
To: Brian Rosen <br@brianrosen.net>
X-Mailer: Apple Mail (2.1508)
X-Source-IP: acsinet21.oracle.com [141.146.126.237]
Cc: IETF STIR Mail List <stir@ietf.org>, Richard Shockey <richard@shockey.us>
Subject: Re: [stir] Rollout timeframe (was: RE: Draft STIR Charter)
X-BeenThere: stir@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Secure Telephone Identity Revisited <stir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/stir>, <mailto:stir-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/stir>
List-Post: <mailto:stir@ietf.org>
List-Help: <mailto:stir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/stir>, <mailto:stir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 16 Jul 2013 15:23:07 -0000

On Jul 16, 2013, at 10:45 AM, Brian Rosen <br@brianrosen.net> wrote:

> If INSIPID's session ID won't survive end to end, what do you suggest we use here to avoid replay?

We just need to put something into the new header we create for the signature and other stuff.  That's what both draft-kaplan-sip-asserter-identity and draft-kaplan-stir-ikes-out-00 do.  RFC4474 used the Call-ID and Cseq number to prevent replay because they were conveniently available, and because at a SIP layer getting the same values would reject the message even due to normal SIP processing rules.  But we won't have the latter benefit even with Session-ID, and we basically have to rely on only the verifier being the one to detect/prevent replays.

BTW, it doesn't have to be a random value, either - it could be a sequential number.  It just has to provide enough uniqueness within one second of time, for the same source-dest E.164 pair, so that the signer can successfully generate another message for the same source-dest pair within the same second without the signer itself being detected as a replay.  As long as the verifier remembers there was a message from the source-dest pair and its timestamp and its sequence number, for the ~15 minutes a timestamp is valid for, then the verifier can prevent replays.  So I do that in the IKES mechanism, by requiring the verifier to remember the IKES-IF string value for 20 minutes, and comparing future request IKES-IF strings against it.  (it doesn't need to be for a full 20 minutes though - the draft needs to be tightened up some)

-hadriel

v2.23.0 | Report a Bug | By Email