[VIPR] Minutes for 2011/10/28 conference call
Marc Petit-Huguenin <petithug@acm.org> Wed, 02 November 2011 23:49 UTC
Return-Path: <petithug@acm.org>
X-Original-To: vipr@ietfa.amsl.com
Delivered-To: vipr@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id CBE2311E8094 for <vipr@ietfa.amsl.com>; Wed, 2 Nov 2011 16:49:58 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -102.57
X-Spam-Level:
X-Spam-Status: No, score=-102.57 tagged_above=-999 required=5 tests=[AWL=0.030, BAYES_00=-2.599, NO_RELAYS=-0.001, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id IkNCY0AJKj7S for <vipr@ietfa.amsl.com>; Wed, 2 Nov 2011 16:49:57 -0700 (PDT)
Received: from implementers.org (implementers.org [IPv6:2604:3400:dc1:41:216:3eff:fe5b:8240]) by ietfa.amsl.com (Postfix) with ESMTP id 6A17811E8073 for <vipr@ietf.org>; Wed, 2 Nov 2011 16:49:57 -0700 (PDT)
Received: from [IPv6:2001:470:1f05:616:213:d4ff:fe04:3e08] (shalmaneser.org [IPv6:2001:470:1f05:616:213:d4ff:fe04:3e08]) (using TLSv1 with cipher AES256-SHA (256/256 bits)) (Client CN "petithug", Issuer "implementers.org" (verified OK)) by implementers.org (Postfix) with ESMTPS id 390B520885 for <vipr@ietf.org>; Wed, 2 Nov 2011 23:41:03 +0000 (UTC)
Message-ID: <4EB1D720.3040704@acm.org>
Date: Wed, 02 Nov 2011 16:49:52 -0700
From: Marc Petit-Huguenin <petithug@acm.org>
User-Agent: Mozilla/5.0 (X11; U; Linux x86_64; en-US; rv:1.9.2.23) Gecko/20111010 Iceowl/1.0b2 Icedove/3.1.15
MIME-Version: 1.0
To: "vipr@ietf.org" <vipr@ietf.org>
X-Enigmail-Version: 1.1.2
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: 7bit
Subject: [VIPR] Minutes for 2011/10/28 conference call
X-BeenThere: vipr@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Verification Involving PSTN Reachability working group <vipr.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/vipr>, <mailto:vipr-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/vipr>
List-Post: <mailto:vipr@ietf.org>
List-Help: <mailto:vipr-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/vipr>, <mailto:vipr-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 02 Nov 2011 23:49:58 -0000
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 VIPR Design Team conference call on Friday October 28th, from 9:05am to 9:55am PST. o Attendees: Mary Barnes Daryl Malas Jon Peterson Marc Petit-Huguenin Michael Procter o Regrets: Hakim Mehmood Muthu Arul Mozhi Perumal John Ward Dean Willis o Agenda - - Replacement ticket by client certificate (10 min) - - PVP privacy (10 min) - - PVP method entropy (10 min) - - Ticket renewal (10 min) - - Infrastructure overlays (10 min) - - VIPR troubleshooting (10 min) o Action items - - Remove method "a" and design method "c" that will hash the Caller-ID. - - Incorporate some text about ticket renewal. - - Add more text on ICE, TLS (but no profile). o Minutes - - Agenda Marc: I propose to have one more conference call next week, then to restart the work on November 28th, after the IETF meeting. Daryl: No objection. - - Replacement ticket by client certificate Marc: The discussion stalled on the certificate vs ticket discussion in the mailing-list, mostly my fault. Jon: It's a major change, so we should have a requirement process. Second running a CA is really complicated, and requiring all this system to constantly acting as CA is not optimum. Created certificates like this really is overkill. My 3rd point is that binding this with TLS does not seem to fit with SIP. I think that putting the signature is an header is a better idea, but there is thousand of other solutions and this seems disproportionate. Marc: You have a point that using the ticket as certificate for TLS is a problem, as it permit people to sell their tickets. As for the discussion about CA, the proposal is just to use X.509 as a container for everything that is already in the ticket. It's just a format change, and the only difference is for the developer, where libraries are available for X.509, but not for the Ticket. This is not different from what RELOAD is doing. Jon: [audio garbled] Marc: Yes in RELOAD you send a key, it send back a certificate, it would be the same thing. [audio lost] - - PVP privacy [audio lost] Michael: [...] the data will be significant for someone, so whether it's 48 hours or 2 years, that will be wrong for someone. Jon: We can design methods to increase the duration. We just need an argument that people won't laugh at. Definitively it can't be two years. Marc: What I mean is that it will take 2 years to crack the hash. Jon: Yes. We need to say something that we can put defensively in the draft. Marc: So do we want to keep method "a" as it is and define a method "c" that is hashing the Caller-ID, or replacing method "a' by hashing the Caller-ID, or do we want to do sometime else? My preference is for the first one. Michael: OK Mary: OK for method "c". Jon: Let's get rid of method "a" and make method "c". - - PVP method entropy Marc: We were stuck on the method entropy in the last meeting, so I sent the 3 solutions in the mailing-list. #1 is we do not care about entropy, #2 we care but it's done purely on the server side, #3 we care about entropy but the storage is done in the client side. Michael: Instead of a cookie, can it be stored in the Ticket? Marc: This was the plan, and you need this, to authenticate the entropy. The idea is to add a field that contains the entropy accumulated, and you resent your ticket for the next PVP transaction. The server validates, adds entropy and resends a new ticket. We need protection against someone using twice the same call to accumulate entropy. The easiest way for us is to do everything in the server, because we do not need text for that. Or we can make things easier for deployment, which is to do this on the client side. Jon: I want to get sufficient entropy, but I am not sure how much we get with PSTN calls. Marc: Yes, that's the first choice, one call, one route. - - Ticket renewal Marc: We discussed that in Quebec City, but without conclusion, and I made a proposal later. The idea is that it is acceptable to have a first call on the PSTN, but it is not acceptable to have periodical PSTN calls after this to renew the ticket. My proposal uses a draft which is in last call, and which is named - -sdp-cs. This permits to trigger a PSTN call based on an INVITE. So just before the expiration of the ticket, one of the call is selected to use PSTN and Internet in parallel. The PSTN call is used to trigger a validation. The advantage is that you do not switch back to PSTN. The problem is that you need to have access to the media, so SIP intermediaries could not use that. Michael: On this approach, you run the audio on the PSTN? Marc: You need to run the audio on both the PSTN and Internet because if we invent a new validation method in the future, like fingerprint, we need to recognize it on the PSTN. And we still need audio on the Internet side, because of wideband audio. Michael: Do we use the normal process, or is it more realtime? Marc: It is possible to use a method based on call duration, and the calling side can just use a random duration for the call. If for example the method is based on fingerprint, the call can hangup immediately. And this can provide us a path to a quicker validation. Jon: This is probably on the right track. Marc: I will try to incorporate something like this in the document. - - Infrastructure overlays Marc: We have to start thinking how VIPR will be deployed. And for VIPR to work, we absolutely need to have only one overlay. So the question is how to achieve this goal. So I submitted a draft to DISPATCH about Infrastructure Overlays. This draft contains only requirements. Michael: On the subject of having one overlay all around the planet, how does that square with previous discussions where we said that VIPR is not intended to be used by service providers or international grannies? We seems to try to make one universal thing that is not quite universal. Marc: I do not agree that this thing is not for everybody. Jon: The IETF is not in the business of mandating this, it is in the business of mandating what needs to be implemented in order to make interoperability work. The discussion we had about VIPR not been for service providers has been about the fact that VIPR is different from ENUM or SPEERMINT is. The discussion about this been for theses people is separate from the administrative problem of having one overlay. If there is islands of VIPR, then we made a mistake. Marc: There is some precedents to this in the IETF, like the DNS, ENUM and all the arpa stuff. So if someone want to participate in VIPR, how are we sure that they are all in the same overlay? Another related problem is that because VIPR is automatic, you do not have the possibility to do a interop test between VIPR domains. So we need to have a profile to make the calls. Jon: I would hesitate to say that we need a SIP profile. SIP has negotiation mechanism and VIPR should not constraint what VIPR should do. VIPR permits to do things that cannot be done today, but it should not require to do those things. Do you mean that we should profile codecs, or you should not do VIPR if you do not support Opus? Marc: Do we want to let people use G.711 after receiving a VIPR route? Jon: That would be pointless, But I see profile as a narrow list of things that need to be supported, There is a bunch of wideband codecs, or video codecs and other things that we should not have in the future. We can say that wideband should be supported, or what the options are, but mandating would be a mistake. Marc: I agree, but if you say that you need to support wideband, you still need a baseline. Do we want to have a SIP call failing after receiving a route? Jon: But, for example, having presence alone would be worth it, so I would really hesitate that we would mandate something. Daryl: I agree with that. Michael: I agree also. But we should specify things like TLS or ICE support and providing more guidelines to improve the probability of successful calls. Mary: I agree too. - -- Marc Petit-Huguenin Personal email: marc@petit-huguenin.org Professional email: petithug@acm.org Blog: http://blog.marc.petit-huguenin.org -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) iEYEARECAAYFAk6x1x8ACgkQ9RoMZyVa61fFKwCgja8ClzlLVwcr7nhGtHytAD4N FiMAn1mAOHbVRq22o8B4Be1kBkAITQ0V =wz++ -----END PGP SIGNATURE-----
- [VIPR] Minutes for 2011/10/28 conference call Marc Petit-Huguenin