[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Sip] Where Dean Went Wrong With Signing P-Asserted-Identity

To: "'Adam Roach'" <adam at nostrum.com>, "'Dean Willis'" <dean.willis at softarmor.com>
Subject: Re: [Sip] Where Dean Went Wrong With Signing P-Asserted-Identity
From: "Dan Wing" <dwing at cisco.com>
Date: Fri, 18 Jul 2008 14:38:40 -0700
Authentication-results: sj-dkim-2; header.From=dwing at cisco.com; dkim=pass ( sig from cisco.com/sjdkim2002 verified; );
Cc: 'SIP IETF' <sip at ietf.org>
Delivered-to: ietfarch-sip-web-archive at core3.amsl.com
Delivered-to: sip at core3.amsl.com
Dkim-signature: v=1; a=rsa-sha256; q=dns/txt; l=2893; t=1216417121; x=1217281121; c=relaxed/simple; s=sjdkim2002; h=Content-Type:From:Subject:Content-Transfer-Encoding:MIME-Version; d=cisco.com; i=dwing at cisco.com; z=From:=20=22Dan=20Wing=22=20<dwing at cisco.com> |Subject:=20RE=3A=20[Sip]=20Where=20Dean=20Went=20Wrong=20W ith=20Signing=20P-Asserted-Identity |Sender:=20; bh=2JhDoRQvXB01sXbWb53N7TjZ7Jlfa7oN+2XfYsOEA9U=; b=wIdFuETqM5tued4HzTNRN6YYAQ8HTXwEHuD0iRccgtSr+swcKg/3bzXR+o /4VrGx3pz8Ry0dqn7Ir+gyRANP7YbPEX96YpQALIy4b9KAH9bsvwBGwhaHZ0 hAgJKqqzt7;
In-reply-to: <4880FDF2.6050308@nostrum.com>
List-help: <mailto:sip-request@ietf.org?subject=help>
List-id: Session Initiation Protocol <sip.ietf.org>
List-post: <mailto:sip@ietf.org>
List-subscribe: <https://www.ietf.org/mailman/listinfo/sip>, <mailto:sip-request@ietf.org?subject=subscribe>
List-unsubscribe: <https://www.ietf.org/mailman/listinfo/sip>, <mailto:sip-request@ietf.org?subject=unsubscribe>
References: <E6C2E8958BA59A4FB960963D475F7AC30EEDF3C361@mail.acmepacket.com> <048901c8e20d$1dddda70$eaa36b80@cisco.com> <48753393.5090307@nostrum.com> <48753605.5010604@cisco.com> <487536D9.900@nostrum.com> <48753B83.40205@cisco.com> <5D1A7985295922448D5550C94DE291800210D663@DEEXC1U01.de.lucent.com> <0D5F89FAC29E2C41B98A6A762007F5D0E3B735@GBNTHT12009MSX.gb002.siemens.net> <4877812B.1090802@nostrum.com> <48778FB9.4070206@cisco.com> <0D5F89FAC29E2C41B98A6A762007F5D0E3BC54@GBNTHT12009MSX.gb002.siemens.net> <4877AAEA.5040906@cisco.com> <4877ACE8.! ! 5060206@nostrum.com> <E6C2E8958BA59A4FB960963D475F7AC30EEE09B636@mail.acmepacket.com> <7BFB3CDA-4EFD-41C3-9CAB-210BE9BCF19F@softarmor.com> <E6C2E8958BA59A4FB960963D475F7AC30EEE09B652@mail.acmepacket.com> <4AE4272D-1A8E-45D6-8649-84114C423CEB@softarmor.com> <! 487BA4DA.2000909@nostrum.com> <A8E422CF-686B-4F08-B636-245D98477EAB@softarmor.com> <487E4DA3.10001@soft!armor.com> <E45364CA-318B-4409-B96F-D70B13E9A71C@softarmor.com> <4880FDF2. 6050308@nostrum.com>
Sender: sip-bounces at ietf.org
Thread-index: AcjpFXzzqXHqOJAfT6aXQJ+wwpIx1gACPiFg

> On 7/17/08 7:23 PM, Dean Willis wrote:
> >
> > -------
> > I've been informed that despite what I incorrectly thought, 
> > transitive  signing doesn't require any modification to RFC 4474.
> >
> > The 4474 spec requires that the subject of the cert used to sign  
> > correspond to the domain of the From. This is different from 
> > requiring  that the common names match. So any SBC can re-sign 
> > anything at any  time and break nothing, at the expense of 
> some crypto 
> > work.
> >
> > So, let's say adam at nostrum.com calls mat at cisco.com. Nostrum's AS 
> > might  sign Adam's INVITE.  Cisco's SBC might verify the signature, 
> > munge the  fields, mint itself a cert with a subject of 
> "nostrum.com" 
> > (using its  well-known Cisco CA key to sign that cert!) , and then 
> > sign the  request (replacing the Nostrum signature) using the new 
> > cert. Then mat at cisco.com  would verify Cisco's signature, and 
> > transitive trust is created. Of  course this doesn't say anything 
> > about why Michael should trust that  signature, although in this 
> > simplest case the rationale is obvious.  But for a 3rd service 
> > provider "in the middle", it is much less obvious.
> > ------
> >
> > I hastily typed "using its well known Nostrum CA key" instead of 
> > "using its well known Cisco CA key" in the last paragraph. 
> I knew what 
> > I meant, I just typed the wrong word. Sorry.
> >
> > This (as corrected) AFAIK cryptographically works. But it 
> doesn't work 
> > any better than P-Asserted-Identity and TLS. It still lacks a 
> > reversible chain-of-trust that is visible to the end user.
> >
> > I suppose the advantage is that, in the absence of an evil 
> > crypto-mangling SBC, you'd still get the benefit of 
> end-to-end (or at 
> > least authentication server to verifier) RFC 4474, which 
> MIGHT involve 
> > less transitive trust. But that doesn't seem too useful to 
> me. I think 
> > it would be much better to just patch RFC 4474 to work 
> through the SBC.
> 
> 
> The key difference is that one merely requires an explanation of how 
> things can be made to work;

Publishing a document that describes how RFC4474 is expected to work
with SBCs would be very valuable.  Such a document is long overdue.

-d


> the other requires development of Another 
> Way To Do The Same Thing, which (in protocols) is pretty much 
> always a 
> bad thing -- to be reasonably interoperable, implementations 
> are forced 
> to implement both (or all of) the defined mechanisms.
> 
> /a
> _______________________________________________
> Sip mailing list  https://www.ietf.org/mailman/listinfo/sip
> This list is for NEW development of the core SIP Protocol
> Use sip-implementors at cs.columbia.edu for questions on current sip
> Use sipping at ietf.org for new developments on the application of sip

_______________________________________________
Sip mailing list  https://www.ietf.org/mailman/listinfo/sip
This list is for NEW development of the core SIP Protocol
Use sip-implementors at cs.columbia.edu for questions on current sip
Use sipping at ietf.org for new developments on the application of sip

References:
- [Sip] Signing P-Asserted-Identity
  - From: Hadriel Kaplan
- Re: [Sip] Signing P-Asserted-Identity
  - From: Dan Wing
- Re: [Sip] Signing P-Asserted-Identity
  - From: Adam Roach
- Re: [Sip] Signing P-Asserted-Identity
  - From: Jonathan Rosenberg
- Re: [Sip] Signing P-Asserted-Identity
  - From: Adam Roach
- Re: [Sip] Signing P-Asserted-Identity
  - From: Jonathan Rosenberg
- Re: [Sip] Signing P-Asserted-Identity
  - From: DRAGE, Keith $Keith$
- Re: [Sip] Signing P-Asserted-Identity
  - From: Elwell, John
- Re: [Sip] Signing P-Asserted-Identity
  - From: Adam Roach
- Re: [Sip] Signing P-Asserted-Identity
  - From: Paul Kyzivat
- Re: [Sip] Signing P-Asserted-Identity
  - From: Elwell, John
- Re: [Sip] Signing P-Asserted-Identity
  - From: Michael Thomas
- Re: [Sip] Signing P-Asserted-Identity
  - From: Hadriel Kaplan
- Re: [Sip] Signing P-Asserted-Identity
  - From: Dean Willis
- Re: [Sip] Signing P-Asserted-Identity
  - From: Hadriel Kaplan
- Re: [Sip] Signing P-Asserted-Identity
  - From: Dean Willis
- Re: [Sip] Signing P-Asserted-Identity
  - From: Dean Willis
- [Sip] Where Dean Went Wrong With Signing P-Asserted-Identity
  - From: Dean Willis
- Re: [Sip] Where Dean Went Wrong With Signing P-Asserted-Identity
  - From: Adam Roach

Prev by Date: Re: [Sip] Where Dean Went Wrong With Signing P-Asserted-Identity
Next by Date: Re: [Sip] Draft agenda, SIP at IETF 72
Previous by thread: Re: [Sip] Where Dean Went Wrong With Signing P-Asserted-Identity
Next by thread: Re: [Sip] Signing P-Asserted-Identity
Index(es):
- Date
- Thread