IETF Logo Mail Archive

Re: [Tzdist] Stephen Farrell's No Objection on draft-ietf-tzdist-caldav-timezone-ref-04: (with COMMENT)

Cyrus Daboo <cyrus@daboo.name> Mon, 05 October 2015 15:52 UTC

Return-Path: <cyrus@daboo.name>
X-Original-To: tzdist@ietfa.amsl.com
Delivered-To: tzdist@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A77B81B31EF; Mon, 5 Oct 2015 08:52:25 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.912
X-Spam-Level:
X-Spam-Status: No, score=-1.912 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001, T_RP_MATCHES_RCVD=-0.01] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id pcpabsBMs97W; Mon, 5 Oct 2015 08:52:24 -0700 (PDT)
Received: from daboo.name (daboo.name [173.13.55.49]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 174C61B31ED; Mon, 5 Oct 2015 08:52:24 -0700 (PDT)
Received: from localhost (localhost [127.0.0.1]) by daboo.name (Postfix) with ESMTP id 6A20E20E8DE8; Mon, 5 Oct 2015 11:52:23 -0400 (EDT)
X-Virus-Scanned: amavisd-new at example.com
Received: from daboo.name ([127.0.0.1]) by localhost (daboo.name [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Tdt3PduRD2Gc; Mon, 5 Oct 2015 11:52:22 -0400 (EDT)
Received: from [192.168.1.35] (unknown [17.45.162.214]) by daboo.name (Postfix) with ESMTPSA id 61FC020E8DD7; Mon, 5 Oct 2015 11:52:21 -0400 (EDT)
Date: Mon, 05 Oct 2015 11:52:20 -0400
From: Cyrus Daboo <cyrus@daboo.name>
To: Stephen Farrell <stephen.farrell@cs.tcd.ie>, The IESG <iesg@ietf.org>
Message-ID: <31C472AFF9FCDED2E9D8A031@cyrus.local>
In-Reply-To: <20150930135935.9433.76218.idtracker@ietfa.amsl.com>
References: <20150930135935.9433.76218.idtracker@ietfa.amsl.com>
X-Mailer: Mulberry/4.1.0b1 (Mac OS X)
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"; format="flowed"
Content-Transfer-Encoding: 7bit
Content-Disposition: inline; size="3064"
Archived-At: <http://mailarchive.ietf.org/arch/msg/tzdist/X0pSNy5SAVoXW-XwD9O33Z71F5I>
Cc: draft-ietf-tzdist-caldav-timezone-ref@ietf.org, tzdist@ietf.org, draft-ietf-tzdist-caldav-timezone-ref.shepherd@ietf.org, tzdist-chairs@ietf.org, draft-ietf-tzdist-caldav-timezone-ref.ad@ietf.org
Subject: Re: [Tzdist] Stephen Farrell's No Objection on draft-ietf-tzdist-caldav-timezone-ref-04: (with COMMENT)
X-BeenThere: tzdist@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: <tzdist.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tzdist>, <mailto:tzdist-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tzdist/>
List-Post: <mailto:tzdist@ietf.org>
List-Help: <mailto:tzdist-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tzdist>, <mailto:tzdist-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 05 Oct 2015 15:52:25 -0000

Hi Stephen,

--On September 30, 2015 at 6:59:35 AM -0700 Stephen Farrell 
<stephen.farrell@cs.tcd.ie> wrote:

> - 3.1.2: The tzdist protocol says clients SHOULD use TLS. A
> question then is ought servers here (be able to) include trust
> point information for tzdist for the service in question when
> they tell a client to use a particular tzdist service?

As in the CalDAV server includes some certificate information about the 
tzdist servers it connects to, so the clients can verify they see the same 
details when they connect? I think that is probably going a step too far 
given all the usual requirements to verify the tzdist service certs.

> - Given the three points below, maybe it is worth specifying
> some 'background' kind of traffic to be sent between client and
> tzdist services? What do you think?
>
> - section 4, point 5: that seems onerous - is a client supposed
> to retrieve all known timezones from all servers?  What if/when
> those change?

The client definitely needs to retrive the full time zone data for any time 
zones it is using in calendar data - there is no way around that. Beyond 
that they are really not required to retrive all time zone data. For those 
time zones they do retrive, they do need to keep those up to date by 
following suggestions in the tzdist protocol spec.

> - section 8: missing privacy issue: if I create an event using a
> weird TZ and can see who accesses the tzdist service, then I can
> find out who is subscribed to some calendars maybe. Worth
> noting? I don't see what can be done about it, except maybe to
> ask clients to occasionally make a random query to the tzdist
> service just to confuse matters, but that'd also have downsides
> if not done well.

I will add a new Privacy Considerations section that references the tzdist 
protocol privacy section (which is very comprehensive):

9.  Privacy Considerations

   The privacy recommendations in Section 9 of the Time Zone Data
   Distribution Service [I-D.ietf-tzdist-service] specification SHOULD
   be used to ensure that details of clients' interactions with CalDAV
   servers are not exposed to potential network observers.

> - section 8: missing security issue: if a lot of clients are
> fetching this information from a tzdist server, then that
> becomes an interesting thing to attack as the consequences could
> be significant. Maybe worth noting just to encourage folks to
> (document their code so as to get others to) think about this
> when deploying.

I can add the following as a new paragraph in the security considerations:

   This specifications adds Time Zone Data Distribution Service
   [I-D.ietf-tzdist-service] servers into the overall calendaring and
   scheduling client/server architecture, as a critical component, and
   thus adds a new vector of attack against such systems.  As such,
   administrators of CalDAV servers SHOULD ensure that any advertised
   time zone distribution servers are protected by a level of security
   commensurate with all the other components in the system.


-- 
Cyrus Daboo

v2.23.0 | Report a Bug | By Email