[secdir] sec-dir review of draft-ietf-stox-presence-07
Ben Laurie <benl@google.com> Mon, 03 February 2014 17:50 UTC
Return-Path: <benl@google.com>
X-Original-To: secdir@ietfa.amsl.com
Delivered-To: secdir@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B6F451A01DA for <secdir@ietfa.amsl.com>; Mon, 3 Feb 2014 09:50:27 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.914
X-Spam-Level:
X-Spam-Status: No, score=-1.914 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FM_FORGED_GMAIL=0.622, RP_MATCHES_RCVD=-0.535, SPF_PASS=-0.001] autolearn=unavailable
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 453jtx7VaepU for <secdir@ietfa.amsl.com>; Mon, 3 Feb 2014 09:50:26 -0800 (PST)
Received: from mail-vc0-x22f.google.com (mail-vc0-x22f.google.com [IPv6:2607:f8b0:400c:c03::22f]) by ietfa.amsl.com (Postfix) with ESMTP id 08E381A01C9 for <secdir@ietf.org>; Mon, 3 Feb 2014 09:50:25 -0800 (PST)
Received: by mail-vc0-f175.google.com with SMTP id ij19so4906976vcb.6 for <secdir@ietf.org>; Mon, 03 Feb 2014 09:50:25 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20120113; h=mime-version:date:message-id:subject:from:to:content-type; bh=p7MK6Sw9aCrjAVOOv710wc55vtwZnfhsGiGEAbSDfhY=; b=OK1dCJ8nDvOM3YruGU5V8q8XHXY/PPpOUO915D3VJFzPQPzCyiHJ+E/LLGHWso1nX2 7GHS76ZQpRQLYQCgCnQi5HKhFdjnKc8QocG39vUHYSrch53eMgDggifsmVZO2seQuYEp zctn34aSjYXP5j4OGsLpPmWARPbZfb0J/V7zJFCYhfPMTwRZaygLfR8QYpZxce1SFcBN EfDewN+OGk5wYMwfZ4WJKpkrX6ZmdvjVzeujRyj6MzsX2Nj+DU3eTY0Aq0SxCp2GJxeK GBV7F1Jzedbl9qr1ftVQLrEbhCn3qNaeviJA1KecdwfjWIMIk5QlOM1DYKzk35S0pbDQ PNCA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:date:message-id:subject:from:to :content-type; bh=p7MK6Sw9aCrjAVOOv710wc55vtwZnfhsGiGEAbSDfhY=; b=dP4LAAmhHUfvYGbsvcX9jWOWdeI8Fp4c/mhnqbZpZ5F6vrYKNfmxDOa9DVSPW7Mvih 4RQ+z83qcmbzI/de0nkLdaTAL75qrzVKQGxQKdcBh1a1OTc4udEqihLYNCirO8yV9Ost 4oeGUjRGBGs0Xn2mpS1S/zgup5iFaB2/UoIoRe/C20kvmEjxJNq57feJYqC6+5biGlq5 JYcdHXce3Z4LvqoBMLZEj0iduoXTayM8S2HQMBAmAjBIUi8POQukOjcPVC3CNaXfadM3 Up0399aq3XdnT2RWJWIs7FyrgFd77YcRGPj27oyxw84eS/kSvJAigEUfcQ0rIn8NzPOZ GiFg==
X-Gm-Message-State: ALoCoQl9/PUisR+lrVbp0fKfCodA19WH6XkgpLO3/HCdY5BYT79E9P3p/gGvPzN4MNXNYqfItZAAJ4lojlXVlWeJGbzeR3SATux/mdiGmcWuhQOeExvISt3I0y3M3xUdk0Zc9fjdf6R0bDwCx5KJgH+K9OYsaKr9EWVEaOqRHi1F3x3Ys2y0qLm6BElzLdfiqIbh1azXz8/q
MIME-Version: 1.0
X-Received: by 10.220.58.202 with SMTP id i10mr2623581vch.23.1391449825545; Mon, 03 Feb 2014 09:50:25 -0800 (PST)
Received: by 10.52.230.105 with HTTP; Mon, 3 Feb 2014 09:50:25 -0800 (PST)
Date: Mon, 03 Feb 2014 17:50:25 +0000
Message-ID: <CABrd9SQ7EV5hZ-cEP3DLsBTN5WAwxUFpxndX=iUXzhJ68fu-6A@mail.gmail.com>
From: Ben Laurie <benl@google.com>
To: The IESG <iesg@ietf.org>, "secdir@ietf.org" <secdir@ietf.org>, draft-ietf-stox-presence.all@tools.ietf.org
Content-Type: text/plain; charset="UTF-8"
Subject: [secdir] sec-dir review of draft-ietf-stox-presence-07
X-BeenThere: secdir@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Security Area Directorate <secdir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/secdir>, <mailto:secdir-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/secdir/>
List-Post: <mailto:secdir@ietf.org>
List-Help: <mailto:secdir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 03 Feb 2014 17:50:27 -0000
I have reviewed this document as part of the security directorate's ongoing effort to review all IETF documents being processed by the IESG. These comments were written primarily for the benefit of the security area directors. Document editors and WG chairs should treat these comments just like any other last call comments. Summary: ready with nits Detail: the I-D documents a mapping between two fairly well-matched presence protocols, and hence does not introduce much danger. The one area of concern is that SIP presence subscriptions are short-lived and XMPP's are long-lived, thus opening the possibility of an amplification attack against SIP via XMPP. The suggested mitigation is weak: "To help prevent such an attack, access to an XMPP- SIP gateway that is hosted on the XMPP network SHOULD be restricted to XMPP users associated with a single domain or trust realm (e.g., a gateway hosted at simple.example.com ought to allow only users within the example.com domain to access the gateway, not users within example.org, example.net, or any other domain)" Many XMPP servers allow open registration and so this defence is no defence at all in that case. Perhaps some kind of rate limitation would be useful? Also, this part: "Furthermore, whenever an XMPP-SIP gateway seeks to refresh an XMPP user's long-lived subscription to a SIP user's presence, it MUST first send an XMPP <presence/> stanza of type "probe" from the address of the gateway to the "bare JID" (user@domain.tld) of the XMPP user, to which the user's XMPP server MUST respond in accordance with [RFC6121]; however, the administrator of an XMPP-SIP gateway MAY (based on local service provisioning) exempt "known good" XMPP servers from this check (e.g., the XMPP server associated with the XMPP-SIP gateway as described above)." is unclear: how does it help?
- [secdir] sec-dir review of draft-ietf-stox-presen… Ben Laurie
- Re: [secdir] sec-dir review of draft-ietf-stox-pr… Peter Saint-Andre
- Re: [secdir] sec-dir review of draft-ietf-stox-pr… Peter Saint-Andre
- Re: [secdir] sec-dir review of draft-ietf-stox-pr… Ben Laurie
- Re: [secdir] sec-dir review of draft-ietf-stox-pr… Peter Saint-Andre
- Re: [secdir] sec-dir review of draft-ietf-stox-pr… Peter Saint-Andre
- Re: [secdir] sec-dir review of draft-ietf-stox-pr… Ben Laurie
- Re: [secdir] sec-dir review of draft-ietf-stox-pr… Peter Saint-Andre