From jon.peterson@neustar.biz Thu Dec 12 15:23:08 2013
From: "Peterson, Jon"
To: "vipr@ietf.org"
Date: Thu, 12 Dec 2013 23:22:57 +0000
Subject: [VIPR] vipr-overview-06

At the seasonal risk of raising a Ghost of Working Groups Past - for those of you still on this list, please do note the recent publication of vipr-overview-06. This document is no longer being considered as a Standards Track RFC, or even as a working group item of this now-defunct effort. It is being considered now as an individual Informational submission that documents the VIPR architecture for the benefit of posterity, but also explains why we stopped working on VIPR as a potential Standard.

If you are still interested, please do read this document and send any comments to this list. For the most part, useful comments at this point will be those that point out respects in which vipr-overview either fails to characterize the VIPR system or fails to correctly document its shortcomings. The new section 7.5 of the overview document is a good place to read up on the latter.

It would be great to see any comments before the end of the year. After that, this mailing list will formally give up the ghost.

Jon Peterson
Neustar, Inc.


From michael@voip.co.uk Tue Dec 31 12:59:03 2013
From: Michael Procter
To: "Peterson, Jon"
Cc: "vipr@ietf.org"
Date: Tue, 31 Dec 2013 20:58:54 +0000
Subject: Re: [VIPR] vipr-overview-06

Hi Jon,

Sorry for leaving comments until the last moment. I've mainly read section 7.5, as that seems to be the main area of change.

The main attack that doesn't seem to be mentioned is the one that allows the approximate call start/end times to be used in conjunction with multiple registrations in the RELOAD DHT to find accurate call start/end times. A malicious server can then use these to authenticate itself as the caller to the called party, and perform a MITM attack on all signalling and media for future calls. This is described in section 2.2 of draft-procter-vipr-privacy-concerns-00, in the context of pranks, but it is certainly more widely applicable with an increased number of registrations.

The reason I feel this attack should be included is that using call start/end times is likely to play a part in any similar effort in the future, and this is one of the attacks we should learn from. A number of the other attacks listed are likely to be avoided simply by increased awareness of the risks of 'pervasive passive monitoring', but this one is more active and should be noted for future attempts.

Best regards,

Michael