Re: [tram] Stephen Farrell's Discuss on draft-ietf-tram-turn-third-party-authz-13: (with DISCUSS and COMMENT)

"Salz, Rich" <rsalz@akamai.com> Wed, 22 April 2015 17:14 UTC

From: "Salz, Rich" <rsalz@akamai.com>
To: Spencer Dawkins at IETF <spencerdawkins.ietf@gmail.com>
Date: Wed, 22 Apr 2015 17:13:42 +0000
Message-ID: <c64fcc847dfb4027861bed06ff498a36@usma1ex-dag1mb2.msg.corp.akamai.com>
References: <913383AAA69FF945B8F946018B75898A4120E0BD@xmb-rcd-x10.cisco.com> <55369856.7050203@akamai.com> <913383AAA69FF945B8F946018B75898A41214674@xmb-rcd-x10.cisco.com> <a20208ec333b45d29956e5bda4a61686@usma1ex-dag1mb2.msg.corp.akamai.com> <913383AAA69FF945B8F946018B75898A4121478B@xmb-rcd-x10.cisco.com> <30eaf35d875745128662076920f72ae8@usma1ex-dag1mb2.msg.corp.akamai.com> <CAKKJt-eTFgXNQUF_SvSwyJmXuxmBH0ejqz-T7OZepOBPn4oj0A@mail.gmail.com>
In-Reply-To: <CAKKJt-eTFgXNQUF_SvSwyJmXuxmBH0ejqz-T7OZepOBPn4oj0A@mail.gmail.com>
Archived-At: <http://mailarchive.ietf.org/arch/msg/tram/vPY8X3jt7i3TQodZcs6gl-1MC9g>
Cc: "tram-chairs@ietf.org" <tram-chairs@ietf.org>, "tram@ietf.org" <tram@ietf.org>, "rlb@ipv.sx" <rlb@ipv.sx>, "Tirumaleswar Reddy (tireddy)" <tireddy@cisco.com>, "Williams, Brandon" <bowill@akamai.com>, Martin Thomson <martin.thomson@gmail.com>, "Stephen Farrell (stephen.farrell@cs.tcd.ie)" <stephen.farrell@cs.tcd.ie>
Subject: Re: [tram] Stephen Farrell's Discuss on draft-ietf-tram-turn-third-party-authz-13: (with DISCUSS and COMMENT)

> but could you explain to me (I'm thinking like a sentence, not like a thesis) on why those concerns don't apply?

Sure.  First, look at https://tools.ietf.org/html/rfc6194#section-3  and quote that :)

Second, this is not being used as a public signature mechanism, but as a private key for an HMAC.  So you can't modify "original content" to find a collision since you don't have the content, and more importantly, you don't have the digest value for which the attacker is trying to find a collision.

Hope that helps.
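As an added illustration of the point made above (example code, not part of the thread or of the draft), here is HMAC-SHA1 written out per RFC 2104 so that the key's role in both hash passes is visible: the inner digest over the keyed message is never transmitted, and only a holder of the key can recompute the tag. The key and message bytes are constructed sample values.

```python
import hashlib
import hmac

BLOCK_SIZE = 64  # SHA-1 block size in bytes (the "B" of RFC 2104)


def hmac_sha1(key: bytes, message: bytes) -> bytes:
    """HMAC-SHA1 per RFC 2104, spelled out to show where the key enters.

    Both hash passes start with key-derived blocks, so a party without the
    key can neither reproduce the inner digest nor observe it; only the
    final tag leaves the sender.
    """
    if len(key) > BLOCK_SIZE:
        key = hashlib.sha1(key).digest()           # long keys are hashed first
    key = key.ljust(BLOCK_SIZE, b"\x00")          # then zero-padded to B bytes
    ipad = bytes(b ^ 0x36 for b in key)
    opad = bytes(b ^ 0x5C for b in key)
    inner = hashlib.sha1(ipad + message).digest()  # never transmitted
    return hashlib.sha1(opad + inner).digest()


def verify_tag(key: bytes, message: bytes, tag: bytes) -> bool:
    """Constant-time comparison of a received tag with a fresh recomputation."""
    return hmac.compare_digest(hmac_sha1(key, message), tag)


def matches_stdlib(key: bytes, message: bytes) -> bool:
    """Cross-check the hand-written HMAC against the standard library."""
    return hmac_sha1(key, message) == hmac.new(key, message, hashlib.sha1).digest()


if __name__ == "__main__":
    # Constructed sample values; not taken from the draft or any deployment.
    key = b"constructed-shared-secret"
    msg = b"message bytes to be authenticated (constructed)"
    tag = hmac_sha1(key, msg)
    assert matches_stdlib(key, msg)
    assert verify_tag(key, msg, tag)
    # Changing one byte of the message invalidates the tag.
    assert not verify_tag(key, msg[:-1] + b"?", tag)
    # A recipient holding a different key rejects the same message and tag.
    assert not verify_tag(b"some-other-key", msg, tag)
    print("HMAC-SHA1 tag:", tag.hex())
```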