[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [lemonade] Security Considerations Pawn Ticket URLs

To: Arnt Gulbrandsen <arnt at oryx.com>
Subject: Re: [lemonade] Security Considerations Pawn Ticket URLs
From: Neil Cook <neil.cook at noware.co.uk>
Date: Wed, 24 Sep 2008 14:00:26 +0000
Authentication-results: ncookx smtp.user=ncook; auth=pass (LOGIN)
Cc: lemonade at ietf.org
Delivered-to: ietfarch-lemonade-web-archive at core3.amsl.com
Delivered-to: lemonade at core3.amsl.com
In-reply-to: <tNasjzU+8A9iOtNviybCCw.md5 at lochnagar.oryx.com>
List-archive: <https://www.ietf.org/mailman/private/lemonade>
List-help: <mailto:lemonade-request@ietf.org?subject=help>
List-id: Enhancements to Internet email to support diverse service enivronments <lemonade.ietf.org>
List-post: <mailto:lemonade@ietf.org>
List-subscribe: <https://www.ietf.org/mailman/listinfo/lemonade>, <mailto:lemonade-request@ietf.org?subject=subscribe>
List-unsubscribe: <https://www.ietf.org/mailman/listinfo/lemonade>, <mailto:lemonade-request@ietf.org?subject=unsubscribe>
References: <67980E1E-10BD-419D-9989-2FA1F176C022 at noware.co.uk> <13073304-D8ED-443D-8712-0EAD560F993A at standardstrack.com> <E2vzVloFHx1bdtPVpD7xHQ.md5 at lochnagar.oryx.com> <4D9EBFB3-7FBF-407B-9239-58475DFAECA0 at noware.co.uk> <tNasjzU+8A9iOtNviybCCw.md5 at lochnagar.oryx.com>
Sender: lemonade-bounces at ietf.org

Arnt,

Access to the media server is via SIP, which already has hasmechanisms to restrict access to authorized users, such as byrequesting authentication. For example, media servers might allowunauthenticated access from clients in the same administrative domain,but request credentials (or deny access) from clients in a differentadministrative domain.

In my opinion, the above mechanisms (policies for which would be inplace regardless of streaming) would be enough to make such attacks asyou describe below extremely difficult/unlikely. Media servers areextremely unlikely to allow access to the resources from any oldnetwork, and if they did, they probably wouldn't qualify to beincluded in the list of trusted servers. However, I think thepossibility of this type of attack should be mentioned in the SecurityConsiderations section.


Neil

On 24 Sep 2008, at 13:35, Arnt Gulbrandsen wrote:

Neil Cook writes:
The concern is about trust in the media server, i.e. that theclient is passing a URI to a media server that may or may not betrusted to do the right thing with the content. What this proposesis a way to restrict the URL from being used by media servers thatare not trusted by the IMAP server.
An untrusted malevolent media server can use the data if it canguess the name of an a trusted media server.
An innocent end user requests stream from an untrusted media server,which turns around, guesses a trusted server, connects to it,forwards the request and the stream and does something evil whileforwarding.
This attack breaks down if either a) media servers tend to be secureagainst MITM attacks or b) guessing the name of the trusted mediaserver is really difficult.
I guess I'm for or against the change depending on whether thisattack works or not.
Arnt


_______________________________________________
lemonade mailing list
lemonade at ietf.org
https://www.ietf.org/mailman/listinfo/lemonade
Supplemental Web Site:
http://www.standardstrack.com/ietf/lemonade

Follow-Ups:
- Re: [lemonade] Security Considerations Pawn Ticket URLs
  - From: Eric Burger
- Re: [lemonade] Security Considerations Pawn Ticket URLs
  - From: Arnt Gulbrandsen

References:
- Re: [lemonade] Security Considerations Pawn Ticket URLs
  - From: Eric Burger
- Re: [lemonade] Security Considerations Pawn Ticket URLs
  - From: Arnt Gulbrandsen
- Re: [lemonade] Security Considerations Pawn Ticket URLs
  - From: Neil Cook
- Re: [lemonade] Security Considerations Pawn Ticket URLs
  - From: Arnt Gulbrandsen

Prev by Date: Re: [lemonade] Security Considerations Pawn Ticket URLs
Next by Date: Re: [lemonade] Security Considerations Pawn Ticket URLs
Previous by thread: Re: [lemonade] Security Considerations Pawn Ticket URLs
Next by thread: Re: [lemonade] Security Considerations Pawn Ticket URLs
Index(es):
- Date
- Thread