
Re: [Sip] comments on draft-kupwade-sip-iba-00




> -----Original Message-----
> From: sip-bounces at ietf.org [mailto:sip-bounces at ietf.org] On Behalf Of Eric
> Rescorla
> Sent: Thursday, February 28, 2008 2:14 PM
>
> > And of
> > course, IBE could provide for message privacy as well as integrity
> > across the untrusted peers that will be serving as proxies.
>
> And now we're talking about something totally different: IBE.
> I agree that IBE has significantly different characteristics from
> PKI. The problems with IBE in SIP are totally different: namely
> not knowing the actual identity of the recipient of the message.
> This is the norm in both SIP (retargeting) and P2P (churn)
> systems.

Not to belabor this topic, but I don't think retargeting is an issue for SIP use of IBE, if by that you mean Alice sent a request to Bob and it got retargeted to Charles and thus Charles could not decrypt it.  It would be considered a feature to some folks.  It would take a second request to fix it, but that's only if retargeting occurs, and then the caller gets to decide if they want to do it to Charles.

The real killer for SIP usage of IBE is that Alice has no idea what KG group Bob is a member of a priori.  For example, if Alice is a member of a KG group called "CLINTON", and Bob is a member of KG group "OBAMA", Alice won't know ahead of time that Bob is a member of OBAMA.  Even if Alice had the OBAMA keying info at hand to use, she wouldn't know Bob is a member of it until she tries reaching Bob.  Since that would happen a lot, there's no serious advantage over conventional pub-key retrieval to encrypt, methinks.

-hadriel
_______________________________________________
Sip mailing list  https://www.ietf.org/mailman/listinfo/sip
This list is for NEW development of the core SIP Protocol
Use sip-implementors at cs.columbia.edu for questions on current sip
Use sipping at ietf.org for new developments on the application of sip