Re: [tram] Sync STUN and SIP auth

Marc Petit-Huguenin <petithug@acm.org> Thu, 19 March 2015 13:55 UTC

Message-ID: <550AD53A.6090007@acm.org>
Date: Thu, 19 Mar 2015 07:55:06 -0600
From: Marc Petit-Huguenin <petithug@acm.org>
To: Simon Perreault <sperreault@jive.com>, Alan Johnston <alan.b.johnston@gmail.com>, "tram@ietf.org" <tram@ietf.org>
References: <CAKhHsXEcvr8W7qk3Czx1E+DqqVOk_8V_+Bn3ZB5yjXdf=7aGJQ@mail.gmail.com> <550AAF8A.9080205@acm.org> <550AD275.1010804@jive.com>
In-Reply-To: <550AD275.1010804@jive.com>
Archived-At: <http://mailarchive.ietf.org/arch/msg/tram/gPyP_QqaUdh-eLSAvkrxsdxW09E>
Subject: Re: [tram] Sync STUN and SIP auth

On 03/19/2015 07:43 AM, Simon Perreault wrote:
> On 2015-03-19 07:14, Marc Petit-Huguenin wrote:
>>> Does the use of salted SHA256 for passwords match up with what is planned
>>> for SIP?  See:
>>>
>>>     https://tools.ietf.org/html/draft-yusef-sipcore-digest-scheme
>>>
>>> Does H(A1) match up?  Also, I'm not aware if this draft is moving forward:
>>>
>>>     https://tools.ietf.org/html/draft-veltri-sip-alt-auth
>> It is not, which is sad because I find it better than
>> draft-yusef-sipcore-digest-scheme.  It also fits better with STUN where the
>> hash algorithm (SHA-1 and now SHA256) has been split off the password hash
>> algorithm (MD5) from the beginning.  draft-yusef-sipcore-digest-scheme does
>> not even talk about the password algorithm, continuing the (I think) rather
>> bad idea of linking the two together.
> 
> What you're saying makes sense, yet does not bring us closer to syncing
> STUN and SIP auth. I don't know if it is a possible goal, but I feel it
> is our duty to at least explore the possibility.
> 
> I note that the two drafts above are not working-group drafts. It would
> be good to have a chat with the sipcore chairs in Dallas and reach a
> common understanding of the situation...

Let's do that, but I noticed that sipcore will not have a session in Dallas.

> 
> Simon
> 


-- 
Marc Petit-Huguenin
Email: marc@petit-huguenin.org
Blog: http://blog.marc.petit-huguenin.org
Profile: http://www.linkedin.com/in/petithug
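
Added example, not part of the original message or of either draft: a Python sketch of the "split" the thread refers to, using the RFC 5389 long-term key MD5(username ":" realm ":" password), which has the same input as RFC 2617 H(A1). The sample credentials, the message bytes and the simplified "linked" model (one algorithm name driving both the password hash and the MAC) are assumptions made for illustration; SASLprep and real STUN message framing are omitted.

```python
import hashlib
import hmac

def stored_key(username: str, realm: str, password: str, pw_hash: str = "md5") -> bytes:
    """Credential a server keeps instead of the password:
    H(username ":" realm ":" password). With pw_hash="md5" this is the
    RFC 5389 long-term key and the raw bytes of RFC 2617 H(A1)."""
    material = f"{username}:{realm}:{password}".encode("utf-8")
    return hashlib.new(pw_hash, material).digest()

def split_mac(key: bytes, message: bytes, mac_hash: str) -> bytes:
    """Split model: the MAC hash is chosen independently of how `key` was made,
    so the server needs only the stored key."""
    return hmac.new(key, message, mac_hash).digest()

def linked_mac(username: str, realm: str, password: str,
               message: bytes, algorithm: str) -> bytes:
    """Simplified linked model (assumption): one algorithm name selects both the
    password hash and the MAC, so the key must be re-derived per algorithm."""
    key = stored_key(username, realm, password, pw_hash=algorithm)
    return hmac.new(key, message, algorithm).digest()

# Constructed sample values, not taken from the thread.
USER, REALM, PASSWORD = "alice", "example.org", "correct horse"
MESSAGE = b"constructed bytes standing in for a STUN message"

def demo() -> dict:
    key = stored_key(USER, REALM, PASSWORD)  # provisioned once, with MD5
    ha1_hex = hashlib.md5(f"{USER}:{REALM}:{PASSWORD}".encode("utf-8")).hexdigest()
    return {
        # Same secret on both sides when the password hash is MD5.
        "matches_sip_ha1": key.hex() == ha1_hex,
        # Split: SHA-1 and SHA-256 integrity values from the same stored key.
        "sha1_tag": split_mac(key, MESSAGE, "sha1"),
        "sha256_tag": split_mac(key, MESSAGE, "sha256"),
        # Linked: a SHA-256 request needs a different stored value, which
        # cannot be computed from the MD5 key without the password.
        "linked_needs_new_key": stored_key(USER, REALM, PASSWORD, "sha256") != key,
        "linked_sha256_tag": linked_mac(USER, REALM, PASSWORD, MESSAGE, "sha256"),
    }

if __name__ == "__main__":
    for name, value in demo().items():
        print(name, value.hex() if isinstance(value, bytes) else value)
```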