Re: [straw] Alissa Cooper's Discuss on draft-ietf-straw-b2bua-dtls-srtp-09: (with DISCUSS and COMMENT)
"Ben Campbell" <ben@nostrum.com> Wed, 02 December 2015 23:26 UTC
Return-Path: <ben@nostrum.com>
X-Original-To: straw@ietfa.amsl.com
Delivered-To: straw@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 918E81A908C; Wed, 2 Dec 2015 15:26:13 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.91
X-Spam-Level:
X-Spam-Status: No, score=-1.91 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, T_RP_MATCHES_RCVD=-0.01] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id CvLwcS9gcrxR; Wed, 2 Dec 2015 15:26:11 -0800 (PST)
Received: from nostrum.com (raven-v6.nostrum.com [IPv6:2001:470:d:1130::1]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id CA61D1A1B1F; Wed, 2 Dec 2015 15:26:11 -0800 (PST)
Received: from [10.0.1.10] (cpe-70-119-203-4.tx.res.rr.com [70.119.203.4]) (authenticated bits=0) by nostrum.com (8.15.2/8.14.9) with ESMTPSA id tB2NQ4Lk071897 (version=TLSv1 cipher=DHE-RSA-AES128-SHA bits=128 verify=NO); Wed, 2 Dec 2015 17:26:05 -0600 (CST) (envelope-from ben@nostrum.com)
X-Authentication-Warning: raven.nostrum.com: Host cpe-70-119-203-4.tx.res.rr.com [70.119.203.4] claimed to be [10.0.1.10]
From: Ben Campbell <ben@nostrum.com>
To: Alissa Cooper <alissa@cooperw.in>
Date: Wed, 02 Dec 2015 17:26:04 -0600
Message-ID: <273F968A-84B6-4516-A83F-15BA9CE6C815@nostrum.com>
In-Reply-To: <A89556EE-3F18-4040-B7E9-97371F4A493B@cooperw.in>
References: <20151201045818.23491.19134.idtracker@ietfa.amsl.com> <4823C88F-6158-453D-A3EE-4AB7CEF055AA@nostrum.com> <A89556EE-3F18-4040-B7E9-97371F4A493B@cooperw.in>
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"; format="flowed"
Content-Transfer-Encoding: 8bit
X-Mailer: MailMate (1.9.3r5187)
Archived-At: <http://mailarchive.ietf.org/arch/msg/straw/v-hgdbFL35t3h01r6ofHZX93FY0>
Cc: draft-ietf-straw-b2bua-dtls-srtp@ietf.org, straw@ietf.org, IESG <iesg@ietf.org>, straw-chairs@ietf.org, christer.holmberg@ericsson.com
Subject: Re: [straw] Alissa Cooper's Discuss on draft-ietf-straw-b2bua-dtls-srtp-09: (with DISCUSS and COMMENT)
X-BeenThere: straw@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "Sip Traversal Required for Applications to Work \(STRAW\) working group discussion list" <straw.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/straw>, <mailto:straw-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/straw/>
List-Post: <mailto:straw@ietf.org>
List-Help: <mailto:straw-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/straw>, <mailto:straw-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 02 Dec 2015 23:26:13 -0000
On 2 Dec 2015, at 9:17, Alissa Cooper wrote: >> On Nov 30, 2015, at 9:31 PM, Ben Campbell <ben@nostrum.com> wrote: >> >> A couple of quick comments on your discuss item 3 below. (I will >> leave it to the authors to respond to the rest) >> >> On 30 Nov 2015, at 22:58, Alissa Cooper wrote: >> >>> Alissa Cooper has entered the following ballot position for >>> draft-ietf-straw-b2bua-dtls-srtp-09: Discuss >>> [...] >>> >>> ---------------------------------------------------------------------- >>> DISCUSS: >>> ---------------------------------------------------------------------- [...] >>> >>> (3) >>> The characterization of the RFC 4474 mechanism seems to contradict >>> the >>> way the mechanism is actually specified. The 4474 mechanism was >>> designed >>> such that intermediaries would be able to provide signatures on >>> behalf of >>> users (e.g., see RFC 4474 Section 3, "This specification allows >>> either a >>> user agent or a proxy server to provide identity services and to >>> verify >>> identities ... in the initial use of this mechanism, it is likely >>> that >>> intermediaries will instantiate the authentication service role"). >>> So the >>> claim that terminating DTLS-SRTP would cause 4474 identity and >>> integrity >>> checks to fail isn't true, because an SBC can decrypt and re-sign >>> the >>> request itself. A B2BUA that bridges two administrative domains can >>> check >>> the validity of the signature in the domain on on side as >>> authorization >>> to form a new signature that is valid in the domain in the other >>> side. >>> >>> The fact that user-provided identity assertions are not guaranteed >>> to >>> persist end-to-end is one key reason for the ongoing work in the >>> STIR WG. >>> The work there and elsewhere shows that it's fairly widely >>> acknowledged >>> that 4474 has not seen the deployment that was hoped for when it was >>> specified. Making its use a normative requirement here again seems >>> out of >>> sync with deployment reality. I would encourage you to review >>> draft-ietf-stir-rfc4474bis and reconsider what security mechanism >>> should >>> form the basis of the recommendations in this draft. >> >> There was discussion that a b2bua could terminate dtls-srtp if it >> provided an identity service, or acted in collusion with an identity >> service. My understanding is that the authors felt that delving into >> special cases where it might be "okay" for a b2bua to terminate >> dtls-srtp would add too much complexity to the point. (There's also >> the fact that dtls-srtp says you SHOULD use 4474, not MUST). > > If you look at this through the lens of 4474 deployment, it isn’t > really a special case, since neither case is in much use. I think the > complexity arises because the document is trying to make > recommendations. If it were to just describe the implications of what > would happen if B2BUAs in various scenarios encountered 4474 > signatures, then at least it could be made to be a correct description > of the behaviors one could theoretically encounter. > >> >> I tend to agree on the complexity--but I think it would make sense to >> clarify this to say that a b2bua that is not also providing an >> identity service is likely to break things. > > I think the underlying problem here gets back to the question about > whether this draft is making recommendations that anyone implementing > a B2BUA is likely to follow, or whether it is making recommendations > for the sake of writing them down and attaching an RFC number to them. > Because if it’s the former, it doesn’t make much sense for the > basis of this to be 4474. > >> >> As far as 4474bis is concerned--they originally referenced 4474bis, >> and I suggested that they not do so. My reasoning was that both 4474 >> and 4474bis (as written at that time) protected the fingerprint, >> which was the important bit here--and that since 4474bis was expected >> to obsolete 4474, a reference to 4474 would "self upgrade", so to >> speak. Do you disagree with that? (But to be totally honest, my >> concern was entirely about avoiding an extended stay in MISSREF land. >> Maybe that's not as big of a concern now?) > > I think when we’re at the point where we spun up a working group for > the purpose of replacing the original document, we’re better off not > normatively requiring use of the original. But again here I question > whether it’s appropriate for this document, which is nominally about > B2BUA behavior, to be putting any requirements on endpoints in the > first place. The document shouldn't be making recommendations (especially normative ones) about client behavior here. (I thought we had taken that out, but obviously missed an instance.) > > The STIR work is advancing and there is demand for it to get done, so > I wouldn’t be worried about 4474bis not finishing. I'm confident it will get done. At the time I recommended 4474 rather than 4474bis, I was concerned it might take a while. I feel better about that after Yokohama :-). But in any case, we should think about wether this can be demoted to an informational reference, if we remove the attempt to specify endpoint behavior. Thanks! Ben.
- Re: [straw] Alissa Cooper's Discuss on draft-ietf… Ben Campbell
- [straw] Alissa Cooper's Discuss on draft-ietf-str… Alissa Cooper
- Re: [straw] Alissa Cooper's Discuss on draft-ietf… Ben Campbell
- Re: [straw] Alissa Cooper's Discuss on draft-ietf… Alissa Cooper
- [straw] What is an "end"? Paul Kyzivat
- Re: [straw] Alissa Cooper's Discuss on draft-ietf… Alissa Cooper
- Re: [straw] Alissa Cooper's Discuss on draft-ietf… Ram Mohan R (rmohanr)
- Re: [straw] What is an "end"? Ram Mohan R (rmohanr)
- Re: [straw] What is an "end"? Paul Kyzivat
- Re: [straw] Alissa Cooper's Discuss on draft-ietf… Ben Campbell
- Re: [straw] Alissa Cooper's Discuss on draft-ietf… Tirumaleswar Reddy (tireddy)
- Re: [straw] Alissa Cooper's Discuss on draft-ietf… Alissa Cooper
- Re: [straw] Alissa Cooper's Discuss on draft-ietf… Ben Campbell
- Re: [straw] Alissa Cooper's Discuss on draft-ietf… Alissa Cooper
- Re: [straw] Alissa Cooper's Discuss on draft-ietf… Ben Campbell
- Re: [straw] Alissa Cooper's Discuss on draft-ietf… Ben Campbell
- Re: [straw] Alissa Cooper's Discuss on draft-ietf… Ram Mohan R (rmohanr)
- Re: [straw] Alissa Cooper's Discuss on draft-ietf… Alissa Cooper
- Re: [straw] Alissa Cooper's Discuss on draft-ietf… Ram Mohan R (rmohanr)
- Re: [straw] Alissa Cooper's Discuss on draft-ietf… Ben Campbell
- Re: [straw] Alissa Cooper's Discuss on draft-ietf… Ram Mohan R (rmohanr)
- Re: [straw] Alissa Cooper's Discuss on draft-ietf… Tirumaleswar Reddy (tireddy)
- Re: [straw] Alissa Cooper's Discuss on draft-ietf… Ben Campbell
- Re: [straw] Alissa Cooper's Discuss on draft-ietf… Tirumaleswar Reddy (tireddy)
- Re: [straw] Alissa Cooper's Discuss on draft-ietf… Paul Kyzivat
- Re: [straw] Alissa Cooper's Discuss on draft-ietf… Ben Campbell
- Re: [straw] Alissa Cooper's Discuss on draft-ietf… Tirumaleswar Reddy (tireddy)
- Re: [straw] Alissa Cooper's Discuss on draft-ietf… Ben Campbell
- Re: [straw] Alissa Cooper's Discuss on draft-ietf… Tirumaleswar Reddy (tireddy)
- Re: [straw] Alissa Cooper's Discuss on draft-ietf… Victor Pascual Avila
- Re: [straw] Alissa Cooper's Discuss on draft-ietf… Ben Campbell
- Re: [straw] Alissa Cooper's Discuss on draft-ietf… Alissa Cooper
- Re: [straw] Alissa Cooper's Discuss on draft-ietf… Alissa Cooper
- Re: [straw] Alissa Cooper's Discuss on draft-ietf… Ram Mohan R (rmohanr)
- Re: [straw] Alissa Cooper's Discuss on draft-ietf… Ram Mohan R (rmohanr)