Presentation is loading. Please wait.

Presentation is loading. Please wait.

STIR WG / IETF 94 Yokohama, Nov 2015 Jon

Published byArthur Watkins Modified over 6 years ago

Similar presentations

Presentation on theme: "STIR WG / IETF 94 Yokohama, Nov 2015 Jon"— Presentation transcript:

1 STIR WG / IETF 94 Yokohama, Nov 2015 Jon
rfc4474bis-06 STIR WG / IETF 94 Yokohama, Nov 2015 Jon

2 New Questions about Syntax
draft-wendt-verified-token came out Proposes an alternate syntax based on JWT Slightly different scope of protection Also a different assumed credentials model But rough agreement on what should be signed With a new (well, resurrected) requirement: Signature should be transportable outside of SIP RFC4474bis-05 couldn’t do that It is just a raw signature, not an object It is SIP-specific by design

3 A Compromise Position Previously, RFC4474bis built a “fake” string that it signed Concatenated To, From, Date, etc with “|” separator Then hashes, signs, and discards the string Never actually carried over the wire, can always be regenerated Signed bits go into the Identity header of the request Why not use JWT’s JSON header and claims objects instead of the “fake” string? Isn’t really more work from an implementation perspective Signature will then be compatible with JWT What about the header and claims? Optionally carry them in SIP –or don’t Hundreds of octets of redundant information – size matters Anyone could regenerate them from the SIP request itself Still use Identity header to carry the signature But now a usable JWT could be built from it

4 The Bare Minimum Telephone numbers Date Metadata
Both “To” and “From” semantics Though per previous rfc4474bis, “From” TN may derive from PAI Is there a need for a “switch” to signify using PAI? If so, that has been needed for like 15 years – yet it works Date What if networks change the Date? Well… Some form of cut-and-paste protection is required here We will not be able to accommodate all deployments Metadata How to acquire credentials, algorithm selection, etc.

5 The Bare Minimum Header: Claims:
{ "typ":"JWT", "alg":"RS256“, "x5u":" } Claims: { "orig":" ", "term":" ", "iat": " ” } base64 encode, concatenate with a “.”, hash, sign

6 Multiple Identity Signatures
Also a new design requirement Previously, RFC4474bis allowed only signature Though we have talked about verification assertions in the past… Someone along the path resigns the message to say, “I validated it up to this point and if you trust me, trust the message” Now we allow Identity to appear multiple times Ideally, different headers have different semantics Slides on extensibility and “spec” is coming up… Could be the requirements here are more like History-Info Be nice to figure out a way to make that secure Ultimately, we don’t decide how an authorization decision is made

7 Handling Metadata Collapsed Identity-Info into the Identity header
Includes algorithm parameter, locator for credential, and canon New “info” parameter carries the locator This is necessary to support multiple Identity headers Security properties of signing these? Inert, at least: no attack in the impersonation scope Worst case is that the verification fails, attacker gains naught Also, -06 has redone the optional “canon” parameter No longer just has the canonicalized telephone numbers Now, if present, carries the base64 encoded JSON header and claims object Basically, then first 2/3 of a JWT, where Identity carries the last 1/3 With “canon”, the JWT is entirely in the SIP request, just in two chunks

8 Extensibility JWT itself is extensible
Defining new claims follows its baseline procedures So, we could just move beyond the bare minimum But only if “canon” is included, so verifiers can inspect the signed fields Trade-off of message size to extensibility Want more? New optional “spec” parameter of Identity Points to an alternate set of fields to be signed You don’t need “canon” – smaller messages Useful when you’re signing many fields not in the base sig RFC4474bis currently has IANA FCFS for “spec” Though seriously, a specification is required

9 We Have the Technology RFC4474bis-6 looks like this
Still some lingering editorial inconsistencies This would be the time to say if the direction is a problem It is a significant change, though mostly the changes are in section 7 of the document Chris is now a co-author of RFC4474bis Going forward, RFC4474bis will pop the token back out into an independent document It would specify the JWT claims used Okay with the WG to have that separate WG item?

10 Next Steps We need another spin
Aligning with separate JWT draft Fixing a few lingering inconsistencies But there is some urgency here to get this done We’re really messing with syntax, not semantics Not so long ago, we were going to LC 4474bis We need to get back to that

11 The Job of non-SIP Transports
What are the actual use cases? Joke: UUI for Q.931 and SS7 XMPP? RTCWeb? Do those things actually need it? More? What are the requirements of those environments? What encodings can they actually carry? URL-safe useful? Human readable important? How important is human readability for SIP? Do we assume these protocols will carry their own copies of the telephone numbers? Effectively their own To/From headers? Profile work will be required for non-SIP uses, explaining JWT use

12 Not So SIP specific Design goal: survive gateway regeneration
SIP -> XMPP -> SIP calls should still be verifiable Hadriel wanted to do this, back when Removed the “method” from the signature There are some vulnerabilities, but few in STIR’s scope Still leaving in media key protection, when media keys are present Defined an optional “mky” claim for it This seems likely as useful for XMPP/Jingle as for SIP End to end SRTP via a gateway? Maybe not crazy Potentially solves a number of future use cases

Download ppt "STIR WG / IETF 94 Yokohama, Nov 2015 Jon"

Similar presentations

Chapter 14 – Authentication Applications

Chapter 14 – Authentication Applications
Rfc4474bis-01 IETF 89 (London) STIR WG Jon & Cullen.

Rfc4474bis-01 IETF 89 (London) STIR WG Jon & Cullen.
Resource Certificate Profile SIDR WG Meeting IETF 66, July 2006 draft-ietf-sidr-res-certs-01 Geoff Huston Rob Loomans George Michaelson.

Resource Certificate Profile SIDR WG Meeting IETF 66, July 2006 draft-ietf-sidr-res-certs-01 Geoff Huston Rob Loomans George Michaelson.
Identity in SIP (and in-band) STIR BoF Berlin, DE 7/30/2013.

Identity in SIP (and in-band) STIR BoF Berlin, DE 7/30/2013.
1 SIP WG meeting 73rd IETF - Minneapolis, MN, USA November, 2008 Return Routability Check draft-kuthan-sip-derive-00 Jiri

1 SIP WG meeting 73rd IETF - Minneapolis, MN, USA November, 2008 Return Routability Check draft-kuthan-sip-derive-00 Jiri
Requirements for DSML 2.0. Summary RFC 2251 fidelity Represent existing directory protocols with new transport syntax Backwards compatibility with DSML.

Requirements for DSML 2.0. Summary RFC 2251 fidelity Represent existing directory protocols with new transport syntax Backwards compatibility with DSML.
WG RAQMON Internet-Drafts RMON MIB WG Meeting Washington, Nov. 11, 2004.

WG RAQMON Internet-Drafts RMON MIB WG Meeting Washington, Nov. 11, 2004.
Web Services Security Standards Overview for the Non-Specialist Hal Lockhart Office of the CTO BEA Systems.

Web Services Security Standards Overview for the Non-Specialist Hal Lockhart Office of the CTO BEA Systems.
STIR Charter (discussion) STIR BoF Berlin, DE 7/30/2013.

STIR Charter (discussion) STIR BoF Berlin, DE 7/30/2013.
Certificate Credentials STIR WG IETF 91 (Honolulu) Sean Jon.

Certificate Credentials STIR WG IETF 91 (Honolulu) Sean Jon.
05.08.2005IETF63 - enum WG1 ENUM validation architecture & friends Alex Mayrhofer enum.at / 3.4.e164.arpa Bernie Höneisen SWITCH.

IETF63 - enum WG1 ENUM validation architecture & friends Alex Mayrhofer enum.at / 3.4.e164.arpa Bernie Höneisen SWITCH.
Peering: A Minimalist Approach Rohan Mahy IETF 66 — Speermint WG.

Peering: A Minimalist Approach Rohan Mahy IETF 66 — Speermint WG.
Rfc4474bis-01 IETF 90 (Toronto) STIR WG Jon. First principles (yet again) Separating the work into two buckets: 1) Signaling – What fields are signed,

Rfc4474bis-01 IETF 90 (Toronto) STIR WG Jon. First principles (yet again) Separating the work into two buckets: 1) Signaling – What fields are signed,
1 IETF 88 (Vancouver) November 6, 2013 Cullen Jennings V3.

1 IETF 88 (Vancouver) November 6, 2013 Cullen Jennings V3.
STIR In-Band Signature Transport draft-kaplan-stir-ikes-out-00 Hadriel Kaplan.

STIR In-Band Signature Transport draft-kaplan-stir-ikes-out-00 Hadriel Kaplan.
SIP Extensions for Network-Asserted Caller Identity and Privacy within Trusted Networks Flemming Andreasen W. Marshall, K. K. Ramakrishnan,

SIP Extensions for Network-Asserted Caller Identity and Privacy within Trusted Networks Flemming Andreasen W. Marshall, K. K. Ramakrishnan,
Rfc4474bis-03 IETF 92 (Texas) STIR WG Jon. First principles (yet again) Separating the work into two buckets: 1) Signaling – What fields are signed, signer/verifier.

Rfc4474bis-03 IETF 92 (Texas) STIR WG Jon. First principles (yet again) Separating the work into two buckets: 1) Signaling – What fields are signed, signer/verifier.
Slide title In CAPITALS 50 pt Slide subtitle 32 pt RTSP draft-ietf-mmusic-rfc2396bis-10 Magnus Westerlund Co-auhtors: Henning Schulzrinne, Rob Lanphier,

Slide title In CAPITALS 50 pt Slide subtitle 32 pt RTSP draft-ietf-mmusic-rfc2396bis-10 Magnus Westerlund Co-auhtors: Henning Schulzrinne, Rob Lanphier,
NEMO Basic Support update IETF 61. Status IANA assignments done Very close to AUTH48 call Some issues raised recently We need to figure out if we want.

NEMO Basic Support update IETF 61. Status IANA assignments done Very close to AUTH48 call Some issues raised recently We need to figure out if we want.
Caller Preferences Jonathan Rosenberg dynamicsoft.

Caller Preferences Jonathan Rosenberg dynamicsoft.

Similar presentations

Ads by Google