Skip to main content

Best Practices for Securing RTP Media Signaled with SIP
draft-ietf-sipbrandy-rtpsec-08

Revision differences

Document history

Date Rev. By Action
2020-10-08
08 (System) RFC Editor state changed to AUTH48-DONE from AUTH48
2020-07-20
08 (System) RFC Editor state changed to AUTH48 from RFC-EDITOR
2020-03-16
08 (System) RFC Editor state changed to RFC-EDITOR from REF
2020-01-16
08 (System) RFC Editor state changed to REF from EDIT
2019-08-16
08 (System) RFC Editor state changed to EDIT from MISSREF
2019-08-15
08 (System) RFC Editor state changed to MISSREF from EDIT
2019-08-15
08 (System) RFC Editor state changed to EDIT from MISSREF
2019-05-15
08 (System) IANA Action state changed to RFC-Ed-Ack from Waiting on RFC Editor
2019-05-15
08 (System) IANA Action state changed to Waiting on RFC Editor from Waiting on Authors
2019-05-14
08 (System) IANA Action state changed to Waiting on Authors from In Progress
2019-05-14
08 (System) RFC Editor state changed to MISSREF
2019-05-14
08 (System) IESG state changed to RFC Ed Queue from Approved-announcement sent
2019-05-14
08 (System) Announcement was received by RFC Editor
2019-05-14
08 (System) IANA Action state changed to In Progress
2019-05-14
08 Amy Vezza IESG state changed to Approved-announcement sent from Approved-announcement to be sent
2019-05-14
08 Amy Vezza IESG has approved the document
2019-05-14
08 Amy Vezza Closed "Approve" ballot
2019-05-14
08 Amy Vezza Ballot approval text was generated
2019-05-14
08 Alexey Melnikov IESG state changed to Approved-announcement to be sent from IESG Evaluation::AD Followup
2019-05-02
08 Benjamin Kaduk [Ballot comment]
Thank you for resolving my Discuss point!
2019-05-02
08 Benjamin Kaduk [Ballot Position Update] Position for Benjamin Kaduk has been changed to No Objection from Discuss
2019-04-25
08 (System) Sub state has been changed to AD Followup from Revised ID Needed
2019-04-25
08 (System) IANA Review state changed to Version Changed - Review Needed from IANA OK - Actions Needed
2019-04-25
08 Russ Housley New version available: draft-ietf-sipbrandy-rtpsec-08.txt
2019-04-25
08 (System) New version approved
2019-04-25
08 (System) Request for posting confirmation emailed to previous authors: Russ Housley , Richard Barnes , Jon Peterson
2019-04-25
08 Russ Housley Uploaded new revision
2019-04-24
07 Alexey Melnikov [Ballot comment]
Taking over as the responsible AD from Ben.
2019-04-24
07 Alexey Melnikov [Ballot Position Update] Position for Alexey Melnikov has been changed to Yes from No Objection
2019-03-27
07 Cindy Morgan Shepherding AD changed to Alexey Melnikov
2019-03-07
07 Cindy Morgan IESG state changed to IESG Evaluation::Revised I-D Needed from IESG Evaluation
2019-03-07
07 Ignas Bagdonas [Ballot Position Update] New position, No Objection, has been recorded for Ignas Bagdonas
2019-03-07
07 Benjamin Kaduk
[Ballot discuss]
I think we need to have a bit more clarity on exactly how/what parts of
4916 are updated (per Section 4.3).  Thta is, …
[Ballot discuss]
I think we need to have a bit more clarity on exactly how/what parts of
4916 are updated (per Section 4.3).  Thta is, we have some text that's
indented as if it's supposed to be logically inserted into a "revised
4916", but no indication of where or whether anything else is removed.
Furthermore, that text includes section references to portions of 4916
that are incorrect; normally an Update: would point to such text and say
"this is removed" or "this is replaced by ", and the current
formulation looks like it's constructing a virtual document that is
internally inconsistent.
2019-03-07
07 Benjamin Kaduk
[Ballot comment]
Thanks to the authors for putting together this comprehensive treatment
of what we need for full-stack media protection via SIP/SDP/etc.; it's a
pleasure …
[Ballot comment]
Thanks to the authors for putting together this comprehensive treatment
of what we need for full-stack media protection via SIP/SDP/etc.; it's a
pleasure to read.

That said, I'm a little confused at whether I signal in-band that I'm using the
Section 3.1 Comprehensive Protection vs. Section 3.2 Opportunistic Security.
Does the "msec" type get used in both cases?

Section 3.1

              Broadly, it is the responsibility of SIP to provide
  integrity protection for the media keying attributes conveyed by SDP,
  and those attributes will in turn identify the keys used by endpoints
  in the RTP media session(s) that SDP negotiates.  Note that this
  framework does not apply to keys that also require confidentiality
  protection in the signaling layer, such as the SDP "k=" line, which
  MUST NOT be used in conjunction with this profile.  In that way, once

Maybe s/keys/key exchange mechanisms/?  I misread this the first time around.

  SIP and SDP have exchanged the necessary information to initiate a
  session, media endpoints will have a strong assurance that the keys
  they exchange have not been tampered with by third parties, and that
  end-to-end confidentiality is available.

I think I'm missing a step in the reasoning here.  Just because the keys
themselves don't go in cleartext we're confident there's no tampering?

  To establishing the identity of the endpoints of a SIP session, this
  specification uses STIR [RFC8224].  The STIR Identity header has been

nit: 8224 doesn't really call itself "STIR" anywhere.

  STIR generates a signature over certain features of SIP requests,
  including header field values that contain an identity for the
  originator of the request, such as the From header field or P-
  Asserted-Identity field, and also over the media keys in SDP if they
  are present.  As currently defined, STIR only provides a signature
  over the "a=fingerprint" attribute, which is a key fingerprint
  utilized by DTLS-SRTP [RFC5763]; consequently, STIR only offers
  comprehensive protection for SIP sessions, in concert with SDP and
  SRTP, when DTLS-SRTP is the media security service.  [...]

I think that "over the media keys" is potentially confusing.  What seems
to be signed here is the [fingerprint of the] asymmetric keys used as
intput to a key-exchange mechanism that is used to generate the
(symmetric) media keys.

Section 3.2

  Opportunistic encryption approaches typically have no integrity
  protection for the keying material in SDP.  Sending SIP over TLS hop-
  by-hop between user agents and any intermediaries will reduce the
  prospect that active attackers can alter keys for session requests on
  the wire.  However, opportunistic confidentiality for media will
  prevent passive attacks of the form most common in the threat of
  pervasive monitoring.

I'm a little confused by this statement.  How is the capability of
active attackers reduced?

Section 4

"SIP UAS" (or even "UAS") are not listed as "well-known" at
https://www.rfc-editor.org/materials/abbrev.expansion.txt, so UAS should
be expanded on first use (or the terminology section expanded to note
documents with which the reader is assumed to be familiar).

  The SIPBRANDY deployment profile of STIR for media confidentiality
  thus shifts these responsibilities to the endpoints rather than the
  intermediaries.  [...]

Which responsibilities?

  When generating either an offer or an answer [RFC3264], compliant
  implementations MUST include an "a=fingerprint" attribute containing
  the fingerprint of an appropriate key (see Section 4.1).

nit: since this stuff crosses many different layers, is it friendly to
the reader to be explicit about "SDP offer or answer"?

Section 4.2

  Even for anonymous sessions, providing media confidentiality and
  partial SDP integrity is still desirable.  This specification
  RECOMMENDS using one-time self-signed certificates for anonymous
  communications, with a subjectAltName of
  "sip:anonymous@anonymous.invalid".  [...]

Should we recommend that the commonName be absent?

                This signature only provides protection against non-
  Identity aware entities that might modify SDP without altering the
  PASSporT conveyed in the Identity header.

It also protects against passive observers, right?

Section 4.4

  For this profile, however, a compliant verification service that
  receives a dialog-forming SIP request containing an Identity header
  with a PASSporT type of "msec", after validating the request per the
  steps described in Section 6.2 of [RFC8224], MUST reject the request
  if there is any failure in that validation process with the
  appropriate status code per Section 6.2.2.  [...]

nit: that's 6.2.2 of RFC8224 still, but the tooling (and arguably some
readers as well) will pick it up as section 6.2.2 of the current
document (which does not exist).

                    As any verification service that receives an
  Identity header in a SIP request with an unrecognized PASSporT type
  will simply ignore that Identity header, an authentication service
  will know whether or not the terminating side supports "msec" based
  on whether or not its user agent receives a signed request in the
  backwards direction per Section 4.3.  [...]

Is this actually the case?  My understanding was that an active MITM
could drop the authentication bits and obscure whether the actual
peer supports "msec".

Section 6

                  In many such implementations, only hop-by-hop media
  confidentiality is possible.  Work is ongoing to specify a means to
  encrypt both the hop-by-hop media between a user agent and a
  centralized server as well as the end-to-end media between user
  agents, but is not sufficiently mature at this time to make a
  recommendation for a best practice here.  [...]

Tantalizing, but you're not going to give an informative reference?

Section 7

  Note that in the comprehensive protection case, the use of Connected
  Identity [RFC4916] with ICE entails that the answer containing the
  key fingerprints, and thus the STIR signature, will come in an UPDATE
  sent in the backwards direction a provisional response and
  acknowledgment (PRACK), rather than in any earlier SDP body.  [...]

nit: there seems to be a missing word here.

Section 12.2

It looks like trickle ICE should be normative (as we RECOMMEND its
implementation).
2019-03-07
07 Benjamin Kaduk [Ballot Position Update] New position, Discuss, has been recorded for Benjamin Kaduk
2019-03-07
07 Terry Manderson [Ballot Position Update] New position, No Objection, has been recorded for Terry Manderson
2019-03-07
07 Martin Vigoureux [Ballot Position Update] New position, No Objection, has been recorded for Martin Vigoureux
2019-03-06
07 Spencer Dawkins [Ballot Position Update] New position, No Objection, has been recorded for Spencer Dawkins
2019-03-06
07 Alissa Cooper
[Ballot comment]
Very glad to see this work coming to a close.

= Section 3.2 =

OLD
Work is already underway on defining approaches to …
[Ballot comment]
Very glad to see this work coming to a close.

= Section 3.2 =

OLD
Work is already underway on defining approaches to opportunistic media security for SIP in [I-D.johnston-dispatch-osrtp]

NEW
At the time of this writing, work was underway to define approaches to opportunistic media security for SIP in [draft-ietf-sipbrandy-osrtp]

= Section 4 =

s/at the endpoint obtain/at the endpoint to obtain/

= Section 5 =

Please update the OSRTP citation to point to draft-ietf-sipbrandy-osrtp.

= Section 10 =

Presumably "PASSporT Type registry" should say "PASSporT Resource Priority Header (rph) Types registry."
2019-03-06
07 Alissa Cooper [Ballot Position Update] New position, Yes, has been recorded for Alissa Cooper
2019-03-06
07 Deborah Brungard [Ballot Position Update] New position, No Objection, has been recorded for Deborah Brungard
2019-03-06
07 Eric Rescorla
[Ballot comment]
Rich version of this review at:
https://mozphab-ietf.devsvcdev.mozaws.net/D4970



IMPORTANT
S 4.1.

>  4.1.  Credentials

>      In order to implement the …
[Ballot comment]
Rich version of this review at:
https://mozphab-ietf.devsvcdev.mozaws.net/D4970



IMPORTANT
S 4.1.

>  4.1.  Credentials

>      In order to implement the authentication service function in the user
>      agent, SIP endpoints will need to acquire the credentials needed to
>      sign for their own identity.  That identity is typically carried in

How do relying parties determine whether the certificate is attached
to an intermediary or the client.


S 4.1.
>      possession certificates similar to those used in the email world
>      could be offered for SIP, either for greenfield identifiers or for
>      telephone numbers, this specification does not require their use.

>      For users who do not possess such certificates, DTLS-SRTP [RFC5763]
>      permits the use of self-signed keys.  This profile of STIR employs

This doesn't seem quite right. DTLS-SRTP uses self-signed certs that
go in a fingerprint which is then transitively signed by the cert via
STIR

COMMENTS
S 1.
>      Authors' Addresses  . . . . . . . . . . . . . . . . . . . . . . .  14

>  1.  Introduction

>      The Session Initiation Protocol (SIP) [RFC3261] includes a suite of
>      security services, ranging from Digest authentication for

Nit: maybe "including". Ranging is an odd phrase with three things


S 1.
>      available, such as Secure RTP [RFC3711].  However, the practices
>      needed to bind security at the media layer to security at the SIP
>      layer, to provide an assurance that protection is in place all the
>      way up the stack, rely on a great many external security mechanisms
>      and practices, and require a central point of documentation to
>      explain their optimal use as a best practice.

This sentence is kind of run-on.


S 1.
>      and practices, and require a central point of documentation to
>      explain their optimal use as a best practice.

>      Revelations about widespread pervasive monitoring of the Internet
>      have led to a reevaluation of the threat model for Internet
>      communications [RFC7258].  In order to maximize the use of security

I don't actually agree that this is a reevaluation. 3552 already told
you what you needed to know here.


S 3.1.
>      STIR generates a signature over certain features of SIP requests,
>      including header field values that contain an identity for the
>      originator of the request, such as the From header field or P-
>      Asserted-Identity field, and also over the media keys in SDP if they
>      are present.  As currently defined, STIR only provides a signature
>      over the "a=fingerprint" attribute, which is a key fingerprint

Not "only" because you just said that it covered other things. Maybe
"in additon"


S 3.1.
>      Asserted-Identity field, and also over the media keys in SDP if they
>      are present.  As currently defined, STIR only provides a signature
>      over the "a=fingerprint" attribute, which is a key fingerprint
>      utilized by DTLS-SRTP [RFC5763]; consequently, STIR only offers
>      comprehensive protection for SIP sessions, in concert with SDP and
>      SRTP, when DTLS-SRTP is the media security service.  The underlying

I would remove the commas around , in concert,..
2019-03-06
07 Eric Rescorla [Ballot Position Update] New position, No Objection, has been recorded for Eric Rescorla
2019-03-06
07 Alvaro Retana [Ballot Position Update] New position, No Objection, has been recorded for Alvaro Retana
2019-03-05
07 Adam Roach
[Ballot comment]
Thanks to the work that the authors and other contributors have put into
describing these practices. I have a handful of relatively minor …
[Ballot comment]
Thanks to the work that the authors and other contributors have put into
describing these practices. I have a handful of relatively minor comments.

---------------------------------------------------------------------------

During the development of this document, was there any discussion of the
issues raised by draft-ietf-mmusic-sdp-uks?  Minimally, it seems that the
problem described there should be summarized and an informative link to that
document provided, probably somewhere in §3.1.

---------------------------------------------------------------------------

§4:

>  needs to be repeated at the endpoint obtain the end-to-end assurance.

Nit: "...at the endpoint to obtain end-to-end assurance."
                        ^^      ^

>  Intermediaries supporting this specification MUST NOT block or
>  otherwise redirects calls

Nit: "...redirect..."


---------------------------------------------------------------------------

§4:

>  STIR
>  authentication services MUST signal their compliance with this
>  specification by adding the "msec" header element defined in this
>  specification to the PASSporT header.

The use of the term "header element" threw me off for a few moments. It almost
sounds like the document is proposing a new  PASSporT parameter, rather than
defining a new value for the "ppt" parameter. I think this means to say
something like "...by adding a PASSporT with a type of "msec"..."

This phrasing also appears in section 8.

---------------------------------------------------------------------------

§4.1:

>  service on behalf of an entire domain, just as in SIP an proxy server

Nit: "...a proxy server..."

---------------------------------------------------------------------------

§4.3:

>  Identity header for the recipient of an INVITE.  The procedures in

Nit: "...Identity header field..."

---------------------------------------------------------------------------

§4.3:

>  STIR [RFC8224] provides integrity protection for the SDP bodies of
>  SIP requests...

I thought that generalized body protection was one of the things we removed
between 4474 and 8224. On a quick check, it looks like the only body-level
integrity protection 8224 affords is "a=fingerprint" attributes. I propose:

  "...provides integrity protection for the fingerprint attributes in SIP
  request bodies..."

(and similar changes for the other two mentions of "body" in this paragraph)

---------------------------------------------------------------------------

§4.4:

>  Identity header in a SIP request with an unrecognized PASSporT type

Nit: "...Identity header field..."

---------------------------------------------------------------------------

§6:

>  Another class of entities that might relay SIP media are back-to-back
>  user agents (B2BUAs).  If a B2BUA follows the guidance in [RFC7879],
>  it may be possible for those devices to act as media relays while
>  still permitting end-to-end confidentiality between user agents.

I'm a little surprised to see no mention of the interaction between B2BUAs and
the "trust on first use" technique described in Section 4.1. In particular, an
endpoint that is persistently behind a B2BUA, where that B2BUA implements the
Identity handling described in this document (acting as an endpoint) could
persistently receive the same identity for a remote user -- where that remote
identity is actually one created by the B2BUA.

I don't think mitigation is something this document needs to figure out; but I
think the situation should be called out explicitly.

---------------------------------------------------------------------------

§7:

>  In order to best enable end-to-end connectivity between user agents,
>  and to avoid media relays as much as possible, implementations of
>  this specification must support ICE [RFC8445].

It seems this is intended to be a normative "MUST."

---------------------------------------------------------------------------

§7:

>  ...will come in an UPDATE
>  sent in the backwards direction a provisional response and
>  acknowledgment (PRACK)...

I can't parse this clause. I think it means to say:

  ...will come in an UPDATE
  sent in the backwards direction, a provisional response, and
  a provisional acknowledgment (PRACK)...
2019-03-05
07 Adam Roach [Ballot Position Update] New position, Yes, has been recorded for Adam Roach
2019-03-05
07 Amanda Baber IANA Review state changed to IANA OK - Actions Needed from IANA - Not OK
2019-03-05
07 Warren Kumari [Ballot comment]
Please also see Dan Romascanu's OpsDir review - it makes some really good points. Thanks Dan!
2019-03-05
07 Warren Kumari [Ballot Position Update] New position, No Objection, has been recorded for Warren Kumari
2019-03-05
07 Suresh Krishnan
[Ballot comment]
* Section 4.3.

I had a hard time understanding this updated text. Either this is incorrect (e.g. Should this refer to 8224 instead …
[Ballot comment]
* Section 4.3.

I had a hard time understanding this updated text. Either this is incorrect (e.g. Should this refer to 8224 instead of 4474?) or it needs some clarification.

"The examples in [RFC4916] are based on the original [RFC4916], and will not match signatures using [RFC4474]."
2019-03-05
07 Suresh Krishnan [Ballot Position Update] New position, No Objection, has been recorded for Suresh Krishnan
2019-03-04
07 Pete Resnick Request for Last Call review by GENART Completed: Ready with Issues. Reviewer: Pete Resnick. Sent review to list.
2019-02-28
07 Mirja Kühlewind [Ballot comment]
Given that use of ietf-mmusic-trickle-ice-sip is recommended, it feels like this doc should be a normative reference.
2019-02-28
07 Mirja Kühlewind [Ballot Position Update] New position, No Objection, has been recorded for Mirja Kühlewind
2019-02-27
07 Alexey Melnikov [Ballot Position Update] New position, No Objection, has been recorded for Alexey Melnikov
2019-02-26
07 Dan Romascanu Request for Last Call review by OPSDIR Completed: Ready. Reviewer: Dan Romascanu. Sent review to list.
2019-02-21
07 Ben Campbell IESG state changed to IESG Evaluation from Waiting for AD Go-Ahead
2019-02-21
07 Ben Campbell Ballot has been issued
2019-02-21
07 Ben Campbell [Ballot Position Update] New position, Yes, has been recorded for Ben Campbell
2019-02-21
07 Ben Campbell Created "Approve" ballot
2019-02-21
07 Ben Campbell Ballot approval text was generated
2019-02-21
07 (System) IANA Review state changed to IANA - Not OK from IANA - Review Needed
2019-02-21
07 Amanda Baber
(Via drafts-lastcall@iana.org): IESG/Authors/WG Chairs:

The IANA Functions Operator has completed its review of draft-ietf-sipbrandy-rtpsec-07. If any part of this review is inaccurate, please let …
(Via drafts-lastcall@iana.org): IESG/Authors/WG Chairs:

The IANA Functions Operator has completed its review of draft-ietf-sipbrandy-rtpsec-07. If any part of this review is inaccurate, please let us know.

The IANA Functions Operator understands that upon approval of this document, there is a single action to complete.

In the PASSporT Resource Priority Header (rph) Types registry on the Personal Assertion Token (PASSporT) registry page located at

https://www.iana.org/assignments/passport/

a single new registration is to be made:

Type: msec
Reference: [ RFC-to-be ]

As this document is requesting registration in a Specification Required (see RFC 8126) registry, we have initiated the required expert review via a separate request. Expert review should be completed before your document is approved for publication as an RFC.

Note:  The actions requested in this document will not be completed until the document has been approved for publication. This message is meant only to confirm the list of actions that will be performed.

Thank you,

Amanda Baber
Lead IANA Services Specialist
2019-02-21
07 (System) IESG state changed to Waiting for AD Go-Ahead from In Last Call
2019-02-19
07 Liang Xia Request for Last Call review by SECDIR Completed: Ready. Reviewer: Liang Xia. Sent review to list.
2019-02-14
07 Tero Kivinen Request for Last Call review by SECDIR is assigned to Liang Xia
2019-02-14
07 Tero Kivinen Request for Last Call review by SECDIR is assigned to Liang Xia
2019-02-12
07 Gunter Van de Velde Request for Last Call review by OPSDIR is assigned to Dan Romascanu
2019-02-12
07 Gunter Van de Velde Request for Last Call review by OPSDIR is assigned to Dan Romascanu
2019-02-07
07 Jean Mahoney Request for Last Call review by GENART is assigned to Pete Resnick
2019-02-07
07 Jean Mahoney Request for Last Call review by GENART is assigned to Pete Resnick
2019-02-07
07 Amy Vezza Placed on agenda for telechat - 2019-03-07
2019-02-07
07 Amy Vezza IANA Review state changed to IANA - Review Needed
2019-02-07
07 Amy Vezza
The following Last Call announcement was sent out (ends 2019-02-21):

From: The IESG
To: IETF-Announce
CC: ben@nostrum.com, sipbrandy@ietf.org, sipbrandy-chairs@ietf.org, gonzalo.camarillo@ericsson.com, draft-ietf-sipbrandy-rtpsec@ietf.org …
The following Last Call announcement was sent out (ends 2019-02-21):

From: The IESG
To: IETF-Announce
CC: ben@nostrum.com, sipbrandy@ietf.org, sipbrandy-chairs@ietf.org, gonzalo.camarillo@ericsson.com, draft-ietf-sipbrandy-rtpsec@ietf.org, Gonzalo Camarillo
Reply-To: ietf@ietf.org
Sender:
Subject: Last Call:  (Best Practices for Securing RTP Media Signaled with SIP) to Best Current Practice


The IESG has received a request from the SIP Best-practice Recommendations
Against Network Dangers to privacY WG (sipbrandy) to consider the following
document: - 'Best Practices for Securing RTP Media Signaled with SIP'
  as Best Current Practice

The IESG plans to make a decision in the next few weeks, and solicits final
comments on this action. Please send substantive comments to the
ietf@ietf.org mailing lists by 2019-02-21. Exceptionally, comments may be
sent to iesg@ietf.org instead. In either case, please retain the beginning of
the Subject line to allow automated sorting.

Abstract


  Although the Session Initiation Protocol (SIP) includes a suite of
  security services that has been expanded by numerous specifications
  over the years, there is no single place that explains how to use SIP
  to establish confidential media sessions.  Additionally, existing
  mechanisms have some feature gaps that need to be identified and
  resolved in order for them to address the pervasive monitoring threat
  model.  This specification describes best practices for negotiating
  confidential media with SIP, including both comprehensive protection
  solutions which bind the media to SIP-layer identities as well as
  opportunistic security solutions.




The file can be obtained via
https://datatracker.ietf.org/doc/draft-ietf-sipbrandy-rtpsec/

IESG discussion can be tracked via
https://datatracker.ietf.org/doc/draft-ietf-sipbrandy-rtpsec/ballot/


No IPR declarations have been submitted directly on this I-D.



2019-02-07
07 Amy Vezza IESG state changed to In Last Call from Last Call Requested
2019-02-07
07 Amy Vezza Last call announcement was changed
2019-02-06
07 Ben Campbell Last call was requested
2019-02-06
07 Ben Campbell IESG state changed to Last Call Requested from AD Evaluation::AD Followup
2019-02-06
07 Ben Campbell Last call announcement was changed
2019-02-06
07 Ben Campbell Last call announcement was generated
2019-02-06
07 Ben Campbell Ballot writeup was changed
2019-02-06
07 Ben Campbell Ballot approval text was generated
2019-02-01
07 (System) Sub state has been changed to AD Followup from Revised ID Needed
2019-02-01
07 Russ Housley New version available: draft-ietf-sipbrandy-rtpsec-07.txt
2019-02-01
07 (System) New version approved
2019-02-01
07 (System) Request for posting confirmation emailed to previous authors: Russ Housley , Richard Barnes , Jon Peterson
2019-02-01
07 Russ Housley Uploaded new revision
2018-12-28
06 Ben Campbell
This is my AD Evaluation of draft-ietf-sipbrandy-rtpsec-06. I have a few substantive comments, and some editorial and nit comments. I’d like to resolve the substantive …
This is my AD Evaluation of draft-ietf-sipbrandy-rtpsec-06. I have a few substantive comments, and some editorial and nit comments. I’d like to resolve the substantive comments prior to IETF Last Call.
------------------------------

*** Substantive Comments ***

§4:
- general: The section explains the requirement that the AS and VS to be colocated with the caller and recipient UAs as because putting them in an intermediary could allow that intermediary to act as a MitM. Isn’t this more a question of trust than physical location? Users already need to trust the AS and VS for STIR to work at all. In particular, I don’t think it’s safe to imply that a local AS _can’t_ act as a MiTM unless the code is inspected (and perhaps signed) by a trusted entity.

For the record, I do not necessarily object to the colocation requirement; I’m just not entirely buying the explanation for it.

- 2nd paragraph: "While intermediaries MAY provide the verification service function of STIR for SIPBRANDY transactions,”: That seems to contradict the statement in the following paragraph that the user agent implementations MUST implement both the AS and VS.

§4.1:
- General: This section talks about self-signed certs and TOFU. Would you characterize those as comprehensive security? I suspect not, since they offer more exposure to active attacks. But I’m not sure they qualify as “opportunistic”, since they don’t (necessarily) allow a fallback to cleartext. In any case, some text discussing this question might be helpful. (This also includes §4.2)

- third paragraph: "This profile of STIR therefore relaxes the authority requirements of [RFC8224]”
Does that require this draft to formally update 8224?

§4.3: Does this draft need to formally update 4916? It’s not clear to me if this draft intends to update these, or is stating that these are some updates we should do in the future. The last paragraph suggests the latter, but the rest of the section seems to be more the former.

§4.4, last paragraph: Is there an expectation that the UA will alert the user if it allows the dialog to continue without media security?


*** Editorial Comments ***

- Abstract: Is it really still true that this draft provides solutions for opportunistic security? The draft mentions OS, but it seems to delegate the solutions to the osrtp draft.

§3.1, last paragraph:

- s/“To establishing”/“To establish”
- " STIR generates a signature over certain features of SIP requests,”: Is “features” the right word? Maybe “parameters”?
- "As currently defined, STIR only provides a signature over the "a=fingerprint" attribute”: That’s not really true. I think you mean to say that this is the only key exchange mechanism that STIR will sign as currently specced?

§3.2:
- first paragraph (and elsewhere in the doc): Please update the reference for the osrtp draft to "draft-ietf-sipbrandy-osrtp”
- last paragraph: “ opportunistic confidentiality for media will prevent passive attacks”: Should “will” be “may”, given that osrtp allows fallback to no confidentiality protection?

§4:
- Please expand UAS on first mention.
- is there something that could be cited for STIR’s “core threat model”?
- 2nd to last paragraph: "Implementations MUST provide key fingerprints in SDP ...” seems redundant to the last paragraph.

§4.1:
- first paragraph (and elsewhere): I found the use of the term “greenfield” to describe SIP URIs a bit confusing. I assume that is meant to contrast with “legacy” phone numbers, but there is no explanation to that effect. Is it insufficient to just say “SIP URIs” and “telephone numbers” without the additional qualification?

-2nd paragraph: This will hopefully eventually be over taken by events. Would it make sense to add an “At the time of this writing...” disclaimer?

§6: s/mux/multiplex, s/muxed/multiplexed

§7: “implementations of this specification must support ICE”: Should the “must” be “MUST”?
2018-12-28
06 Ben Campbell IESG state changed to AD Evaluation::Revised I-D Needed from AD Evaluation
2018-10-30
06 Ben Campbell IESG state changed to AD Evaluation from Publication Requested
2018-10-30
06 Gonzalo Camarillo
PROTO Writeup for draft-ietf-sipbrandy-rtpsec-06

(1) What type of RFC is being requested (BCP, Proposed Standard,
    Internet Standard, Informational, Experimental, or Historic)? Why
  …
PROTO Writeup for draft-ietf-sipbrandy-rtpsec-06

(1) What type of RFC is being requested (BCP, Proposed Standard,
    Internet Standard, Informational, Experimental, or Historic)? Why
    is this the proper type of RFC? Is this type of RFC indicated in
    the title page header?

    BCP, as indicated in the title page header.

(2) The IESG approval announcement includes a Document Announcement
    Write-Up. Please provide such a Document Announcement
    Write-Up. Recent examples can be found in the "Action"
    announcements for approved documents. The approval announcement
    contains the following sections:

Technical Summary:

    Although the Session Initiation Protocol (SIP) includes a suite of
    security services that has been expanded by numerous
    specifications over the years, there is no single place that
    explains how to use SIP to establish confidential media sessions.
    Additionally, existing mechanisms have some feature gaps that need
    to be identified and resolved in order for them to address the
    pervasive monitoring threat model.  This specification describes
    best practices for negotiating confidential media with SIP,
    including both comprehensive protection solutions which bind the
    media to SIP-layer identities as well as opportunistic security
    solutions.

Working Group Summary:

    There is consensus in the WG around this document.

Document Quality:

    While parts of the specification have been implemented, we are not
    aware of any implementation that implements all of it. In fact,
    the goal with publishing this RFC is to get more implementations
    out there.

Personnel:

Who is the Document Shepherd? Who is the Responsible Area Director?

    Gonzalo Camarillo is the Document Shepherd. Ben Campbell is the
    responsible AD.

(3) Briefly describe the review of this document that was performed by
    the Document Shepherd. If this version of the document is not
    ready for publication, please explain why the document is being
    forwarded to the IESG.

    The document shepherd reviewed revision 06 of this document, which
    was ready for publication.

(4) Does the document Shepherd have any concerns about the depth or
    breadth of the reviews that have been performed?

    No.

(5) Do portions of the document need review from a particular or from
    broader perspective, e.g., security, operational complexity, AAA,
    DNS, DHCP, XML, or internationalization? If so, describe the
    review that took place.

    No.

(6) Describe any specific concerns or issues that the Document
    Shepherd has with this document that the Responsible Area Director
    and/or the IESG should be aware of? For example, perhaps he or she
    is uncomfortable with certain parts of the document, or has
    concerns whether there really is a need for it. In any event, if
    the WG has discussed those issues and has indicated that it still
    wishes to advance the document, detail those concerns here.

    No concerns.

(7) Has each author confirmed that any and all appropriate IPR
    disclosures required for full conformance with the provisions of
    BCP 78 and BCP 79 have already been filed. If not, explain why?

    Yes.

(8) Has an IPR disclosure been filed that references this document? If
    so, summarize any WG discussion and conclusion regarding the IPR
    disclosures.

    No.

(9) How solid is the WG consensus behind this document? Does it
    represent the strong concurrence of a few individuals, with others
    being silent, or does the WG as a whole understand and agree with
    it?

    The whole WG understands the document and agree with
    it. Nevertheless, the number of active participants in the
    SIPBRANDY WG is limited at this point.

(10) Has anyone threatened an appeal or otherwise indicated extreme
    discontent? If so, please summarise the areas of conflict in
    separate email messages to the Responsible Area Director. (It
    should be in a separate email because this questionnaire is
    publicly available.)

    No.

(11) Identify any ID nits the Document Shepherd has found in this
    document. (See http://www.ietf.org/tools/idnits/ and the
    Internet-Drafts Checklist). Boilerplate checks are not enough;
    this check needs to be thorough.

    The document contains no relevant nits.   

(12) Describe how the document meets any required formal review
    criteria, such as the MIB Doctor, media type, and URI type
    reviews.
   
    No formal reviews are needed.

(13) Have all references within this document been identified as
    either normative or informative?

    Yes.

(14) Are there normative references to documents that are not ready
    for advancement or are otherwise in an unclear state? If such
    normative references exist, what is the plan for their
    completion?

    No.

(15) Are there downward normative references references (see RFC
    3967
)? If so, list these downward references to support the Area
    Director in the Last Call procedure.

    No.

(16) Will publication of this document change the status of any
    existing RFCs? Are those RFCs listed on the title page header,
    listed in the abstract, and discussed in the introduction? If the
    RFCs are not listed in the Abstract and Introduction, explain
    why, and point to the part of the document where the relationship
    of this document to the other RFCs is discussed. If this
    information is not in the document, explain why the WG considers
    it unnecessary.

    No.

(17) Describe the Document Shepherd's review of the IANA
    considerations section, especially with regard to its consistency
    with the body of the document. Confirm that all protocol
    extensions that the document makes are associated with the
    appropriate reservations in IANA registries. Confirm that any
    referenced IANA registries have been clearly identified. Confirm
    that newly created IANA registries include a detailed
    specification of the initial contents for the registry, that
    allocations procedures for future registrations are defined, and
    a reasonable name for the new registry has been suggested (see
    RFC 5226).

    The IANA Considerations Section is complete and consistent.

(18) List any new IANA registries that require Expert Review for
    future allocations. Provide any public guidance that the IESG
    would find useful in selecting the IANA Experts for these new
    registries.

    No new registries are defined.

(19) Describe reviews and automated checks performed by the Document
    Shepherd to validate sections of the document written in a formal
    language, such as XML code, BNF rules, MIB definitions, etc.

    No such checks were needed.
2018-10-30
06 Gonzalo Camarillo Responsible AD changed to Ben Campbell
2018-10-30
06 Gonzalo Camarillo IETF WG state changed to Submitted to IESG for Publication from WG Document
2018-10-30
06 Gonzalo Camarillo IESG state changed to Publication Requested
2018-10-30
06 Gonzalo Camarillo IESG process started in state Publication Requested
2018-10-30
06 Gonzalo Camarillo Changed document writeup
2018-10-30
06 Gonzalo Camarillo Notification list changed to Gonzalo Camarillo <gonzalo.camarillo@ericsson.com>
2018-10-30
06 Gonzalo Camarillo Document shepherd changed to Gonzalo Camarillo
2018-10-30
06 Gonzalo Camarillo Changed consensus to Yes from Unknown
2018-10-30
06 Gonzalo Camarillo Intended Status changed to Best Current Practice from None
2018-10-15
06 Russ Housley New version available: draft-ietf-sipbrandy-rtpsec-06.txt
2018-10-15
06 (System) New version approved
2018-10-15
06 (System) Request for posting confirmation emailed to previous authors: Richard Barnes , Russell Housley , Jon Peterson
2018-10-15
06 Russ Housley Uploaded new revision
2018-10-12
05 Russ Housley New version available: draft-ietf-sipbrandy-rtpsec-05.txt
2018-10-12
05 (System) New version approved
2018-10-12
05 (System) Request for posting confirmation emailed to previous authors: sipbrandy-chairs@ietf.org, Richard Barnes , Eric Rescorla , Russell Housley , Jon Peterson
2018-10-12
05 Russ Housley Uploaded new revision
2018-05-01
04 Jon Peterson New version available: draft-ietf-sipbrandy-rtpsec-04.txt
2018-05-01
04 (System) New version approved
2018-05-01
04 (System) Request for posting confirmation emailed to previous authors: Jon Peterson , Eric Rescorla , Richard Barnes , sipbrandy-chairs@ietf.org, Russ Housley
2018-05-01
04 Jon Peterson Uploaded new revision
2017-10-30
03 Jon Peterson New version available: draft-ietf-sipbrandy-rtpsec-03.txt
2017-10-30
03 (System) New version approved
2017-10-30
03 (System) Request for posting confirmation emailed to previous authors: Jon Peterson , Richard Barnes , Eric Rescorla , Russ Housley
2017-10-30
03 Jon Peterson Uploaded new revision
2017-09-14
02 (System) Document has expired
2017-03-13
02 Jon Peterson New version available: draft-ietf-sipbrandy-rtpsec-02.txt
2017-03-13
02 (System) New version approved
2017-03-13
02 (System) Request for posting confirmation emailed to previous authors: Jon Peterson , Richard Barnes , Eric Rescorla , Russ Housley
2017-03-13
02 Jon Peterson Uploaded new revision
2016-11-13
01 Gonzalo Salgueiro Added to session: IETF-97: sipbrandy  Mon-0930
2016-10-31
01 Jon Peterson New version available: draft-ietf-sipbrandy-rtpsec-01.txt
2016-10-31
01 (System) New version approved
2016-10-31
00 (System) Request for posting confirmation emailed to previous authors: "Russ Housley" , "Eric Rescorla" , "Jon Peterson" , "Richard Barnes"
2016-10-31
00 Jon Peterson Uploaded new revision
2016-09-23
00 Jasmine Magallanes Request sent by Russ Housley on September 23, 2016.
2016-09-23
00 Jasmine Magallanes This document now replaces draft-peterson-sipbrandy-rtpsec instead of None
2016-09-09
00 Jon Peterson New version available: draft-ietf-sipbrandy-rtpsec-00.txt