IETF Logo Mail Archive

Re: [stir] "iat" value to use during PASSPorT construction

"Asveren, Tolga" <tasveren@rbbn.com> Fri, 20 July 2018 19:53 UTC

Return-Path: <tasveren@rbbn.com>
X-Original-To: stir@ietfa.amsl.com
Delivered-To: stir@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 745BB131250 for <stir@ietfa.amsl.com>; Fri, 20 Jul 2018 12:53:47 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.089
X-Spam-Level:
X-Spam-Status: No, score=-4.089 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_MED=-2.3, SPF_PASS=-0.001, T_DKIM_INVALID=0.01, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=fail (1024-bit key) reason="fail (body has been altered)" header.d=sonusnetworks.onmicrosoft.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id jylMPGl8TuqC for <stir@ietfa.amsl.com>; Fri, 20 Jul 2018 12:53:42 -0700 (PDT)
Received: from us-smtp-delivery-181.mimecast.com (us-smtp-delivery-181.mimecast.com [63.128.21.181]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 705A5131249 for <stir@ietf.org>; Fri, 20 Jul 2018 12:53:42 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=SonusNetworks.onmicrosoft.com; s=selector1-rbbn-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=jsPSXhZ4cv0ka3/ov8bcnxOu8YPrTpSpJOPL43XKvJ0=; b=jtC0iOj15o8KtUXLKTrJeqxfL14hsjQiloFU7Ig8Nri2sbUdQF52oC8T+gvu6s+3uw8qdbxqoPYpr+XH0eZMgZzqd3MDJ8P46HMNRs/GiFvhC6Bmp+H3iLfVg8W9oEMMeAWRvGyWZhIduUUgu2nL0OK69QUEkuftEDq6E5//S8k=
Received: from NAM02-BL2-obe.outbound.protection.outlook.com (mail-bl2nam02lp0088.outbound.protection.outlook.com [207.46.163.88]) (Using TLS) by us-smtp-1.mimecast.com with ESMTP id us-mta-208-Vg3pvw1rMU-ISd_BBeVTTw-1; Fri, 20 Jul 2018 15:53:39 -0400
Received: from MWHPR03MB2815.namprd03.prod.outlook.com (10.175.135.9) by MWHPR03MB3246.namprd03.prod.outlook.com (10.174.249.26) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.973.16; Fri, 20 Jul 2018 19:53:36 +0000
Received: from MWHPR03MB2815.namprd03.prod.outlook.com ([fe80::c5c3:5bad:a1f7:52e9]) by MWHPR03MB2815.namprd03.prod.outlook.com ([fe80::c5c3:5bad:a1f7:52e9%9]) with mapi id 15.20.0973.018; Fri, 20 Jul 2018 19:53:36 +0000
From: "Asveren, Tolga" <tasveren@rbbn.com>
To: "Gorman, Pierce A [CTO]" <Pierce.Gorman@sprint.com>, williw <wilhelm@wimmreuter.de>
CC: "stir@ietf.org" <stir@ietf.org>
Thread-Topic: [stir] "iat" value to use during PASSPorT construction
Thread-Index: AdPrT9q/oUbx39SISTyhzIa9uuwWlA07J40AAAUuR2AAAxj3AAABNlBQ
Date: Fri, 20 Jul 2018 19:53:35 +0000
Message-ID: <MWHPR03MB2815AC2B559FC4C7B9772C9EA5510@MWHPR03MB2815.namprd03.prod.outlook.com>
References: <CY4PR03MB3160EE4F4502CCF974B070CFA59C0@CY4PR03MB3160.namprd03.prod.outlook.com> <0C2B7B00-AB77-48E1-A666-F76A592DDC51@wimmreuter.de> <MWHPR03MB2815E6CDBA2DF7CD0D8E5BD0A5510@MWHPR03MB2815.namprd03.prod.outlook.com> <bcd76a29456e4456aab0a38d74d1f3ec@plswe13m04.ad.sprint.com>
In-Reply-To: <bcd76a29456e4456aab0a38d74d1f3ec@plswe13m04.ad.sprint.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [73.29.251.142]
x-ms-publictraffictype: Email
x-microsoft-exchange-diagnostics: 1; MWHPR03MB3246; 20:Pn8F78iVyCIjjS5zi7VfMuTewy84yOTrqtfPyXaXfgRaKX4sXmMg/JRd4MH4ULBjZWD0t7R5AVZqwkguomUvf5GnkOiGy+tl1qQCjqCMLT59+SaVDUp6ls5uTHX8QlTz8IzchBAWdwcYsofNAJ+297ecbSPF7Ko3UAAPC/HQdf8=
x-ms-exchange-antispam-srfa-diagnostics: SOS;
x-ms-office365-filtering-correlation-id: 121028a4-37a6-47f3-cee4-08d5ee7a7b17
x-microsoft-antispam: UriScan:(18430343700868)(223705240517415); BCL:0; PCL:0; RULEID:(7020095)(4652040)(8989117)(4534165)(4627221)(201703031133081)(201702281549075)(8990107)(5600053)(711020)(2017052603328)(7153060)(7193020); SRVR:MWHPR03MB3246;
x-ms-traffictypediagnostic: MWHPR03MB3246:
x-microsoft-antispam-prvs: <MWHPR03MB3246914D488D3EFE81B6022CA5510@MWHPR03MB3246.namprd03.prod.outlook.com>
x-exchange-antispam-report-test: UriScan:(28532068793085)(18430343700868)(159968658992688)(223705240517415)(21748063052155);
x-ms-exchange-senderadcheck: 1
x-exchange-antispam-report-cfa-test: BCL:0; PCL:0; RULEID:(8211001083)(6040522)(2401047)(5005006)(8121501046)(3231311)(944501410)(52105095)(3002001)(93006095)(93001095)(10201501046)(149027)(150027)(6041310)(20161123564045)(20161123558120)(20161123562045)(20161123560045)(201703131423095)(201703031522075)(201702281528075)(20161123555045)(201703061421075)(201703061406153)(6072148)(201708071742011)(7699016); SRVR:MWHPR03MB3246; BCL:0; PCL:0; RULEID:; SRVR:MWHPR03MB3246;
x-forefront-prvs: 073966E86B
x-forefront-antispam-report: SFV:NSPM; SFS:(10009020)(136003)(366004)(396003)(346002)(376002)(39850400004)(199004)(189003)(110136005)(316002)(25786009)(105586002)(7736002)(296002)(9686003)(5250100002)(54896002)(6306002)(55016002)(236005)(74316002)(26005)(606006)(229853002)(97736004)(5660300001)(14444005)(256004)(186003)(6436002)(3846002)(6116002)(790700001)(99286004)(33656002)(486006)(2906002)(6246003)(966005)(7696005)(53936002)(76176011)(478600001)(2900100001)(446003)(11346002)(14454004)(8936002)(19609705001)(4326008)(106356001)(93886005)(86362001)(68736007)(53546011)(81166006)(6506007)(476003)(66066001)(81156014)(8676002)(102836004); DIR:OUT; SFP:1101; SCL:1; SRVR:MWHPR03MB3246; H:MWHPR03MB2815.namprd03.prod.outlook.com; FPR:; SPF:None; LANG:en; PTR:InfoNoRecords; A:1; MX:1;
x-microsoft-antispam-message-info: hSf62g9nUUWlc+idH4CBxeONBGnk9ONCj1hTS43N4iTuCCOi2W1eqTAVe12rHAgNZ546/dATFlWgJxSPUR+Sux7P1QFUC0vnOhwamE00a0XxIkkEEYYRmztynXLXVIK05x8ce5jeLCmsVeD53+7ZpC7HL0QFvXB1qgjOE7X4NJkkW+/Jf7Dv/Oepx15mVOUqxTXXmxmcQaYyfMWlFoj5AhUenEksXBcT9eROcH8J3KO8paP8HyOQE5b8SykI4yyWHrRzakAJ7qnFy5R+VY3GaORBMyreMa9NmDDS/UJJ2LMY827bu225SIYpAHEfvLF1Upy4WVYE7//kVOYncE8wvzBq1lAJ+Iw/t1PWrgPB/CY=
spamdiagnosticoutput: 1:99
spamdiagnosticmetadata: NSPM
MIME-Version: 1.0
X-OriginatorOrg: rbbn.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 121028a4-37a6-47f3-cee4-08d5ee7a7b17
X-MS-Exchange-CrossTenant-originalarrivaltime: 20 Jul 2018 19:53:35.9940 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 29a671dc-ed7e-4a54-b1e5-8da1eb495dc3
X-MS-Exchange-Transport-CrossTenantHeadersStamped: MWHPR03MB3246
X-MC-Unique: Vg3pvw1rMU-ISd_BBeVTTw-1
Content-Type: multipart/alternative; boundary="_000_MWHPR03MB2815AC2B559FC4C7B9772C9EA5510MWHPR03MB2815namp_"
Archived-At: <https://mailarchive.ietf.org/arch/msg/stir/9UnoYR9qlZv3AKHn89rNB6WWZJE>
Subject: Re: [stir] "iat" value to use during PASSPorT construction
X-BeenThere: stir@ietf.org
X-Mailman-Version: 2.1.27
Precedence: list
List-Id: Secure Telephone Identity Revisited <stir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/stir>, <mailto:stir-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/stir/>
List-Post: <mailto:stir@ietf.org>
List-Help: <mailto:stir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/stir>, <mailto:stir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 20 Jul 2018 19:53:53 -0000

Not disagreeing with your points in general but:

I don’t think there is “protocol level” check possible whether a signature generated by an intermediary and verified successfully is created maliciously or not. This has to depend on policy. Depending on attestation level one may check whether signer is authoritative for  origin or whether it can be trusted for the particular attestation level without such a check. Whom to trust for which attestation level is really an operational/administrative decision and doesn’t have anything to do with protocol semantics AFAICS. But eventually, it may be “learned”, based on ratio of valid/spam/malicious/etc… calls signed by a certain organization.

Thanks,
Tolga

From: Gorman, Pierce A [CTO] <Pierce.Gorman@sprint.com>
Sent: Friday, July 20, 2018 3:12 PM
To: Asveren, Tolga <tasveren@rbbn.com>; williw <wilhelm@wimmreuter.de>
Cc: stir@ietf.org
Subject: RE: [stir] "iat" value to use during PASSPorT construction

________________________________
NOTICE: This email was received from an EXTERNAL sender
________________________________

Because of the large volume of porting and ported numbers I assume it is impractical (or at least undesirable) to validate in real-time that a number is “owned” by the originating carrier.  This also won’t work for the scenarios where the call is signed by a transit or gateway carrier (say for automated traceback).

It has been said many times that just as all unwanted and illegal robocalls do not use spoofed calling numbers, it should be assumed that bad actors will originate signed calls with bad intent.  Prepaid phones and ephemeral enterprise SIP trunks will be a good home for these kinds of calls.  And there are other scenarios as well.



From: Asveren, Tolga [mailto:tasveren@rbbn.com]
Sent: Friday, July 20, 2018 1:18 PM
To: williw <wilhelm@wimmreuter.de<mailto:wilhelm@wimmreuter.de>>
Cc: stir@ietf.org<mailto:stir@ietf.org>
Subject: Re: [stir] "iat" value to use during PASSPorT construction

I don’t think that is an issue as that signature is cryptographically valid doesn’t mean that is “completely fine”. It also should be checked that signing organization is authoritative for the claimed (and verified) origination.

Please consider that the scenario you mention is not related with “originating network signs only if the call leaves the network” policy. It can happen for any case: an intermediary (maybe with malicious intent) just can generate a valid signature for any call by using its own key; but then the above check I mentioned would detect that signer is not authoritative for the origination, i.e. signature is not generated by the originating network.

Thanks,
Tolga

From: stir <stir-bounces@ietf.org<mailto:stir-bounces@ietf.org>> On Behalf Of williw
Sent: Friday, July 20, 2018 11:15 AM
To: Asveren, Tolga <tasveren@rbbn.com<mailto:tasveren@rbbn.com>>
Cc: stir@ietf.org<mailto:stir@ietf.org>
Subject: Re: [stir] "iat" value to use during PASSPorT construction

________________________________
NOTICE: This email was received from an EXTERNAL sender
________________________________

Sorry, I unsuccessfully submitted my concern on jabber list during the meeting.
However, this could be valid in this and applies possibly other areas of stir as well.


My concern that came up while seeing the cat slides in meeting was the following:


Signing outbound / E-gres calls only.
This emulates the old PSTN paradigm and enables impersonation as we have it in SS7.
Without originating signatures this seems to be a big impersonation hole I assume.

In fact, operators will happily sign my robocalls and other malicious stuff.
And this will guarantee that my robocalls have a valid signature that will also be perfect for OOB signalling etc.

Is this concern valid?

Sorry this did not come through the scribe and to the mic.

Thanks

Willi

_______________________________________________
stir mailing list
stir@ietf.org<mailto:stir@ietf.org>
https://www.ietf.org/mailman/listinfo/stir<https://www.ietf.org/mailman/listinfo/stir>

________________________________

This e-mail may contain Sprint proprietary information intended for the sole use of the recipient(s). Any use by others is prohibited. If you are not the intended recipient, please contact the sender and delete all copies of the message.

v2.23.0 | Report a Bug | By Email