STIR Problem Statement IETF 88 (Vancouver) Tuesday Session Jon Peterson.

Slides:



Advertisements
Similar presentations
SIP Interconnect Guidelines draft-hancock-sip-interconnect-guidelines-02 David Hancock, Daryl Malas.
Advertisements

IETF 71 SIPPING WG meeting draft-ietf-sipping-pai-update-00.
© 2006 NEC Corporation - Confidential age 1 November SPEERMINT Security Threats and Suggested Countermeasures draft-ietf-speermint-voipthreats-01.
Rfc4474bis-01 IETF 89 (London) STIR WG Jon & Cullen.
EAP Channel Bindings Charles Clancy Katrin Hoeper IETF 76 Hiroshima, Japan November 08-13, 2009.
STIR Secure Telephone Identity. Context and drivers STIR Working Group Charter Problem Statement Threats Status of work Related work and links Introduction.
1 Introduction to Computability Theory Lecture12: Reductions Prof. Amos Israeli.
An Operational Perspective on BGP Security Geoff Huston GROW WG IETF 63 August 2005.
NSIS Transport Layer draft-ietf-nsis-ntlp-00.txt Slides:
Lucent Technologies - Proprietary 27 September, A look at security of Voice over IP protocols Irene Gassko Lucent Technologies Bell Laboratories.
Requirements for Resource Priority Mechanisms for the Session Initiation Protocol draft-ietf-ieprep-sip-reqs-01 Henning Schulzrinne Columbia University.
Spring Routing & Switching Umar Kalim Dept. of Communication Systems Engineering 06/04/2007.
Identity in SIP (and in-band) STIR BoF Berlin, DE 7/30/2013.
Early Media in SIP: Problem Statement, Requirements, and Analysis of Solutions draft-barnes-sip-em-ps-req-sol Richard Barnes BBN Technologies IETF 68,
Voice over Internet Services and Privacy. Agenda Problem Description Scope Recommendations.
David A. Bryan, PPSP Workshop, Beijing, China, June 17th and 18th 2010 Tracker Protocol Proposal.
P2PSIP Charter Proposal Many people helped write this charter…
-framework Brian Rosen. -11 version deals with IESG comments All comment resolved one way or another One open issue – spec(t)
21-07-xxxx IEEE MEDIA INDEPENDENT HANDOVER DCN: Title: MIH Protocol Security Date Submitted: December, 2007 Presented.
Working Group #4: Network Security – Best Practices March 6, 2013 Presenters: Rod Rasmussen, Internet Identity Tony Tauber, Comcast WG #4.
ICMP attacks against TCP draft-ietf-tcpm-icmp-attacks-01.txt Fernando Gont (UTN/FRH) 67 th IETF Meeting, San Diego, California, USA November 5-10, 2006.
1 A Path Forward on Identity Agreement on a problem space –We all agree that E.164 numbers don’t work well with RFC4474 –Less agreement about the requirements.
SDP negotiation of DataChannel sub-protocols draft-ejzak-mmusic-data-channel-sdpneg-02 draft-ejzak-dispatch-msrp-usage-data-channel-01 IETF 91 Honolulu.
STIR Charter (discussion) STIR BoF Berlin, DE 7/30/2013.
SIPREC Conference Recording (draft-kyzivat-siprec-conference-use-cases-01) IETF 89, March 7, 2014 Authors: Michael Yan, Paul Kyzivat, Simon Romano.
Authentication Mechanism for Port Control Protocol (PCP) draft-wasserman-pcp-authentication-01.txt Margaret Wasserman Sam Hartman Painless Security Dacheng.
Credentials Roadmap STIR WG IETF 90 (Toronto) Sean Turner
Karlstad University IP security Ge Zhang
Certificate Credentials STIR WG IETF 91 (Honolulu) Sean Jon.
Interdomain Routing Security. How Secure are BGP Security Protocols? Some strange assumptions? – Focused on attracting traffic from as many Ases as possible.
NEA Requirements Update -06 version summary. Posture Transport Considerations Issue –Ability of existing protocols used for network access to meet requirements.
1 Miscellaneous Capabilities for IP Network Infrastructure IETF 64 Vancouver, BC, Canada November 2005.
Lecture 20 Page 1 Advanced Network Security Basic Approaches to DDoS Defense Advanced Network Security Peter Reiher August, 2014.
1 IETF 72 SIP WG meeting SIP Identity issues John Elwell et alia.
SIP working group IETF#70 Essential corrections Keith Drage.
ECSE Software Engineering 1I HO 4 © HY 2012 Lecture 4 Formal Methods A Library System Specification (Continued) From Specification to Design.
Rfc4474bis-01 IETF 90 (Toronto) STIR WG Jon. First principles (yet again) Separating the work into two buckets: 1) Signaling – What fields are signed,
1 IETF 88 (Vancouver) November 6, 2013 Cullen Jennings V3.
SIP PUBLISH draft-ietf-simple-publish-01 Aki Niemi
IP security Ge Zhang Packet-switched network is not Secure! The protocols were designed in the late 70s to early 80s –Very small network.
Securing Data Transmission and Authentication. Securing Traffic with IPSec IPSec allows us to protect our network from within IPSec secures the IP protocol.
Making SIP NAT Friendly Jonathan Rosenberg dynamicsoft.
Page 1 IETF Speermint Working Group Speermint Requirements/Guidelines for SIP session peering draft-ietf-speermint-requirements-02 IETF 69 - Monday July.
SIP Extensions for Network-Asserted Caller Identity and Privacy within Trusted Networks Flemming Andreasen W. Marshall, K. K. Ramakrishnan,
1 Pascal URIEN, IETF 63th Paris, France, 2nd August 2005 “draft-urien-eap-smartcard-type-02.txt” EAP Smart Card Protocol (EAP-SC)
Magnus Westerlund 1 The RTSP Core specification draft-ietf-mmusic-rfc2326bis-06.txt Magnus Westerlund Aravind Narasimhan Rob Lanphier Anup Rao Henning.
Emergency Context Resolution with Internet Technologies BOF (ecrit) Jon Peterson, Hannes Tschofenig BOF Chairs.
Rfc4474bis-03 IETF 92 (Texas) STIR WG Jon. First principles (yet again) Separating the work into two buckets: 1) Signaling – What fields are signed, signer/verifier.
1 Network Selection Problem Definition Draft-ietf-eap-netsel-problem-01.txt Jari Arkko Bernard Aboba.
GMPLS Recovery Signaling Issues draft-rhodes-rsvp-recovery-signaling-01 Nic Neate Data Connection Ltd (DCL)
1 Border Gateway Protocol (BGP) and BGP Security Jeff Gribschaw Sai Thwin ECE 4112 Final Project April 28, 2005.
Draft-ietf-sidr-roa-format draft-ietf-sidr-arch Matt Lepinski BBN Technologies.
RFC 4068bis draft-ietf-mipshop-fmipv6-rfc4068bis-01.txt Rajeev Koodli.
March 20th, 2001 SIP WG meeting 50th IETF SIP WG meeting Overlap signalling handling
Trust Anchor Update Requirements for DNSSEC Russ Mundy for the editors Steve Crocker, Howard Eland, Russ Mundy.
SPEERMINT Architecture - Reinaldo Penno Juniper Networks SPEERMINT, IETF 70 Vancouver, Canada 2 December 2007.
SIPREC Conference Recording (draft-kyzivat-siprec-conference-use-cases-00) IETF 87, November 4, 2013 Authors: Michael Yan, Paul Kyzivat, Simon Romano.
Draft-peterson-modern- problems-04 Jon Peterson MODERN WG IETF 95 (Buenos Aires)
DOTS Requirements Andrew Mortensen November 2015 IETF 94 1.
1Security for Service Providers – Dave Gladwin – Newport Networks – SIP ’04 – 22-Jan-04 Security for Service Providers Protecting Service Infrastructure.
draft-rescorla-fallback-01
Jari Arkko Bernard Aboba
Interconnection & migration functions
Softwire Security Update
IEEE MEDIA INDEPENDENT HANDOVER DCN:
draft-ipdvb-sec-01.txt ULE Security Requirements
STIR WG IETF-100 PASSPorT Extension for Resource-Priority Authorization (draft-ietf-stir-rph-01) November, 2017 Ray P. Singh, Martin Dolly, Subir Das,
IEEE MEDIA INDEPENDENT HANDOVER DCN: sec
IEEE MEDIA INDEPENDENT HANDOVER DCN: sec
BPSec: AD Review Comments and Responses
Presentation transcript:

STIR Problem Statement IETF 88 (Vancouver) Tuesday Session Jon Peterson

draft-ietf-stir-problem-statement -00 issued (after -02 of secure-origins-ps) Incorporated comments on previous drafts Milestone for this was September… So really, let’s try to work through whatever else we need today

What’s New in -00? Added a section about PAI Tried to reduce language about certificates and focus on “credentials” Removed references to CNIT Tried to be less judgmental about SBCs Trying to balance in-band and out-of-band

Random Cleanup for -01 Many nits from Phillipe Fouquart (thanks!) – Perhaps some language too US-specific “Certificated” Some fixes from Andrew Allen as well Adding a ref to RFC5039 (sipping-spam) Hadriel wanted some text added about call forwarding scenarios – How to differentiate a cut-and-paste from a legit call forward Should add some language about texting

VIPR and iMessage Been list discussion about these – Existence proofs from the deployment world are helpful to articulate the problem Proposal is to make iMessage one example among several – BB Messenger, Whatsapp, etc VIPR is as much a cautionary tale as an existence proof – Necessary to understand the privacy edges we need to avoid Neither iMessage nor VIPR are STIR solutions – But this ain’t a solution document – They do however have components salient to STIR

Distinctions, distinctions Currently problem-statement has definitions of in-band and out-of-band – Cannibalized from old “roadmap” section However there many hybrid ideas out there – Tunneling in-band information in non-SIP protocols – Doing out-of-band at gateways rather than at/near endpoints A simple proposal: in-band means in SIP – Out-of-band means everything else

More Open Issues Privacy – Preventing attackers from learning what numbers are being called – The VIPR Achilles heel – a risk for out-of-band STIR? How much message overhead are we willing to tolerate? – problem-statement today says “must” stay within UDP bounds Be explicit about whether STIR is interdomain or intradomain (or both)?

draft-ietf-stir-threats -00 issued – Text stripped out of problem statement document Received some review and comment Deliverable for this is November… – (not late yet!) Hopefully we’re close, here

Overview Text broken out from problem-statement into its own draft Defines actors, attacks and scenarios – Roles of endpoints and intermediaries – Attacker can observe and inject traffic – Two basic attacks: Voic hacking Spam (both voice and text) – Several scenarios IP-PSTN, PSTN-PSTN, IP-IP, PSTN-IP, IP-PSTN-IP

Scope of Work Assume robocalling can’t be “prevented” – It can only be detected and policy can block it Anonymity is not an attack – Some networks don’t provide identity – We may lose identity in gateways, etc, as well Connected identity out of scope Assume operators are not attackers – Intermediaries modifications are unbounded, and are not attacks Much depends on verifiers knowing when to expect identity

What’s New Helpful reviews from Brian Rosen, Alex Bobotek, Steve Kent – Reviewers noted the problems drift into solutioneering from time to time Some facts about the problem space suggest solutions For example, we have persistent relationships with voic services, and resulting solution opportunities Updated language on “threats” versus “attacks” Fixed language about choosing numbers for attacks – Are the “valid” or “assignable” or what have you Removed countermeasures descriptions that identified solutions

Now what? No comments on the new version, yet So we’re done, right? A few things we could discuss

Some Open Issues Biggest TBD: Should this draft include threats against the solutions? – Outlines of in-band and out-of-band mechanisms – If so, it will deliver late… Text message spam – Scenario should be IP-PSTN or IP-IP? Text about swatting (suggested by Brian) – Is CPN spoofing germane to swatting?

Dancing around MitM? Question about both threats and problem Threats: – In call paths with intermediaries and gateways (as described below), there may be no way to provide any assurance in the signaling about participants in the media of a call. In those end-to-end IP environments where such an assurance is possible, it is highly desirable. Similar text about support for non-TN identifiers – It’s not a requirement that we do it, but it’s not a requirement that we remove it either