RE: [Simple] New version of MSRP and MSRP relay

From simple-bounces@ietf.org Sat Jul 02 00:33:21 2005 Received: from localhost.localdomain ([127.0.0.1] helo=megatron.ietf.org) by megatron.ietf.org with esmtp (Exim 4.32) id 1DoZgv-0000OZ-L7; Sat, 02 Jul 2005 00:33:21 -0400 Received: from odin.ietf.org ([132.151.1.176] helo=ietf.org) by megatron.ietf.org with esmtp (Exim 4.32) id 1DoZgp-0000OP-NF for simple@megatron.ietf.org; Sat, 02 Jul 2005 00:33:19 -0400 Received: from ietf-mx.ietf.org (ietf-mx [132.151.6.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id AAA08011 for ; Sat, 2 Jul 2005 00:33:12 -0400 (EDT) Received: from sj-iport-3-in.cisco.com ([171.71.176.72] helo=sj-iport-3.cisco.com) by ietf-mx.ietf.org with esmtp (Exim 4.33) id 1Doa6u-0004pk-Dm for simple@ietf.org; Sat, 02 Jul 2005 01:00:13 -0400 Received: from sj-core-1.cisco.com (171.71.177.237) by sj-iport-3.cisco.com with ESMTP; 01 Jul 2005 21:33:04 -0700 X-IronPort-AV: i="3.93,252,1115017200"; d="scan'208"; a="285217347:sNHT29028920" Received: from xbh-rtp-211.amer.cisco.com (xbh-rtp-211.cisco.com [64.102.31.102]) by sj-core-1.cisco.com (8.12.10/8.12.6) with ESMTP id j624WxvM001632; Fri, 1 Jul 2005 21:32:59 -0700 (PDT) Received: from xfe-rtp-201.amer.cisco.com ([64.102.31.38]) by xbh-rtp-211.amer.cisco.com with Microsoft SMTPSVC(6.0.3790.211); Sat, 2 Jul 2005 00:33:03 -0400 Received: from [192.168.1.100] ([10.86.243.56]) by xfe-rtp-201.amer.cisco.com with Microsoft SMTPSVC(6.0.3790.211); Sat, 2 Jul 2005 00:33:02 -0400 Message-ID: <42C618FD.7010006@cisco.com> Date: Sat, 02 Jul 2005 00:33:01 -0400 From: Jonathan Rosenberg User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:1.7.8) Gecko/20050511 X-Accept-Language: en-us, en MIME-Version: 1.0 To: Henning Schulzrinne Subject: Re: [Simple] element issue for common policy References: <42BC7CB6.7070503@cs.columbia.edu> In-Reply-To: <42BC7CB6.7070503@cs.columbia.edu> Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit X-OriginalArrivalTime: 02 Jul 2005 04:33:03.0040 (UTC) FILETIME=[225E8400:01C57EBF] X-Spam-Score: 0.0 (/) X-Scan-Signature: a2c12dacc0736f14d6b540e805505a86 Content-Transfer-Encoding: 7bit Cc: Ted Hardie , simple@ietf.org X-BeenThere: simple@ietf.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: SIP for Instant Messaging and Presence Leveraging Extensions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: simple-bounces@ietf.org Errors-To: simple-bounces@ietf.org add mine to the list of apologies for long delays in responses.. more inline. Henning Schulzrinne wrote: > Ted Hardie wrote: > >> I agree that having the clause for applicability within the >> rule is better than the cases GeoPriv was most concerned with (it's >> always processed at the same time, so the evaluation order problem >> isn't salient). It is, though, a negative permission--it's a grant >> to all followed by a revoke to a limited set. One of the issues I >> expressed is that the limited set isn't useful, because of identity >> minting. The other is that the except clause here forces a change to >> the processing model. I'm concerned that changing the processing >> model to (Grant, followed by revoke) will open us to things that will >> have the problems GeoPriv wanted to avoid. > > > I don't quite agree with the statement of the model made above. This is > not "grant, then revoke". Rather, the exception condition restricts the > matching of the rule. Logically speaking, rule processing proceeds in > two phases: > > (1) Determine if the rule matches a request (subscription, location > request, etc.) > > (2) Execute the actions and grant the permissions (it's a bit more > complicated, but irrelevant for this discussion). > > The "all except" part only affects the matching (step 1), not the action > (step 2). > > This is an important difference, as it avoids the privacy unsafety > issues that grant-then-revoke would have. Rules are binary in matching, > i.e., they either match or don't, and thus the consequences you seem to > fear cannot occur, inside or outside of the geopriv context. > > I want to make the difference clear since I was also confused on this > point when this whole discussion started a year or so ago. > > Thus, to make up another example that avoids the identity-minting issue, > "Apply this rule at any location except New York" would be perfectly fine. > > The distinction becomes clearer if you consider hypothetically that we > might allow regular expressions in the matching part. We could have > something like > > [^0-9] > > which can be phrases as "any character except 0-9". Or, if we had a > numeric matching condition, something like "x > 9 || x < 0" could just > as easily be phrased as "any x except between 0 and 9". Clearly, neither > of these examples are "grant/revoke" conditions. Right. Put another way, putting an exception in the matching condition is just another way to define the set of users to whom the additive permissions apply. The only difference is that the set of people to whom they apply is potentially large, but there is no change in the model. Ted previously wrote: > Except clauses that are clearly tied to specific directives are better > than all-out negative permissions, but they can remain problematic > in their interaction with user expectations. If I say "Grant anyone > access to my timezone, except Hisham" and also say "Grant any > wg chair in APPs access to my full location", Hisham will get my > time zone--but this may not be what a user expects, especially > if the user expectation is driven by a sense of "override" and > wrote the "except Hisham" after the first rule was in place. This concern is valid under the assumption that users directly manipulate these rules. I dont think that this is going to be the case. I think that web applications and other things will provide nice UI for these, and present the user with decisions they can understand. An application might ask the user to define the set of watchers that are to be blocked. Separately, the user might provide lists of people to whom various information is to be granted. I think the web application would automatically add the blocked users to the exception list for every rule. This preserves the expected user experience. I've been on the fence on this topic for a long time, but at this point I am pretty solidly in favor of supporting exceptions for users within a domain rule, and exceptions for domains within an any rule. -Jonathan R. -- Jonathan D. Rosenberg, Ph.D. 600 Lanidex Plaza Director, Service Provider VoIP Architecture Parsippany, NJ 07054-2711 Cisco Systems jdrosen@cisco.com FAX: (973) 952-5050 http://www.jdrosen.net PHONE: (973) 952-5000 http://www.cisco.com _______________________________________________ Simple mailing list Simple@ietf.org https://www1.ietf.org/mailman/listinfo/simple From simple-bounces@ietf.org Sun Jul 03 23:25:37 2005 Received: from localhost.localdomain ([127.0.0.1] helo=megatron.ietf.org) by megatron.ietf.org with esmtp (Exim 4.32) id 1DpHaT-0002Lg-RM; Sun, 03 Jul 2005 23:25:37 -0400 Received: from odin.ietf.org ([132.151.1.176] helo=ietf.org) by megatron.ietf.org with esmtp (Exim 4.32) id 1DpHaS-0002Lb-2t for simple@megatron.ietf.org; Sun, 03 Jul 2005 23:25:36 -0400 Received: from ietf-mx.ietf.org (ietf-mx [132.151.6.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id XAA12563 for ; Sun, 3 Jul 2005 23:25:33 -0400 (EDT) Received: from sj-iport-5.cisco.com ([171.68.10.87]) by ietf-mx.ietf.org with esmtp (Exim 4.33) id 1DpI0w-0007cW-3O for simple@ietf.org; Sun, 03 Jul 2005 23:52:59 -0400 Received: from sj-core-5.cisco.com (171.71.177.238) by sj-iport-5.cisco.com with ESMTP; 03 Jul 2005 20:25:25 -0700 X-IronPort-AV: i="3.93,254,1115017200"; d="scan'208"; a="196187013:sNHT25560084" Received: from sea-alpha-e2k3.sea-alpha.cisco.com (sea-alpha-e2k3.cisco.com [10.93.132.88]) by sj-core-5.cisco.com (8.12.10/8.12.6) with ESMTP id j643P8Vl008179; Sun, 3 Jul 2005 20:25:24 -0700 (PDT) Received: from [127.0.0.1] ([171.68.225.134]) by sea-alpha-e2k3.sea-alpha.cisco.com with Microsoft SMTPSVC(6.0.3790.211); Sun, 3 Jul 2005 20:29:41 -0700 User-Agent: Microsoft-Entourage/11.1.0.040913 Date: Sun, 03 Jul 2005 19:53:46 -0400 Subject: Re: [Simple] OPEN ISSUE: Basic vs. Digest authentication inMSRPrelays extension From: Cullen Jennings To: Orit Levin , "simple@ietf.org" Message-ID: In-Reply-To: Mime-version: 1.0 Content-type: text/plain; charset="US-ASCII" Content-transfer-encoding: 7bit X-OriginalArrivalTime: 04 Jul 2005 03:29:42.0127 (UTC) FILETIME=[9DACB7F0:01C58048] X-Spam-Score: 1.8 (+) X-Scan-Signature: 7bac9cb154eb5790ae3b2913587a40de Content-Transfer-Encoding: 7bit Cc: X-BeenThere: simple@ietf.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: SIP for Instant Messaging and Presence Leveraging Extensions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: simple-bounces@ietf.org Errors-To: simple-bounces@ietf.org On 6/30/05 9:23 AM, "Orit Levin" wrote: > We don't have to have both if we agree that we use Digest as the common > denominator for all purposes (including for issuing the token) instead > of Basic. Yes, I understand now - that makes sense. I feel strongly that Digest is better idea than both but don't have as strong as feeling between Basic+TLS and Digest. _______________________________________________ Simple mailing list Simple@ietf.org https://www1.ietf.org/mailman/listinfo/simple From simple-bounces@ietf.org Mon Jul 04 00:59:04 2005 Received: from localhost.localdomain ([127.0.0.1] helo=megatron.ietf.org) by megatron.ietf.org with esmtp (Exim 4.32) id 1DpJ2u-000808-DW; Mon, 04 Jul 2005 00:59:04 -0400 Received: from odin.ietf.org ([132.151.1.176] helo=ietf.org) by megatron.ietf.org with esmtp (Exim 4.32) id 1DpJ2s-000803-26 for simple@megatron.ietf.org; Mon, 04 Jul 2005 00:59:02 -0400 Received: from ietf-mx.ietf.org (ietf-mx [132.151.6.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id AAA19317 for ; Mon, 4 Jul 2005 00:58:59 -0400 (EDT) Received: from ylpvm12-ext.prodigy.net ([207.115.57.43] helo=ylpvm12.prodigy.net) by ietf-mx.ietf.org with esmtp (Exim 4.33) id 1DpJTM-0005ER-U5 for simple@ietf.org; Mon, 04 Jul 2005 01:26:26 -0400 Received: from pimout5-ext.prodigy.net (pimout5-int.prodigy.net [207.115.4.21]) by ylpvm12.prodigy.net (8.12.10 outbound/8.12.10) with ESMTP id j644wvpJ011119 for ; Mon, 4 Jul 2005 00:58:57 -0400 X-ORBL: [70.249.148.178] Received: from [192.168.0.101] (ppp-70-249-148-178.dsl.rcsntx.swbell.net [70.249.148.178]) by pimout5-ext.prodigy.net (8.13.4 outbound domainkey aix/8.13.4) with ESMTP id j644wwFu291518; Mon, 4 Jul 2005 00:58:58 -0400 Message-ID: <42C8C215.7020103@nostrum.com> Date: Sun, 03 Jul 2005 23:59:01 -0500 From: Adam Roach User-Agent: Mozilla Thunderbird 0.6 (Windows/20040502) X-Accept-Language: en-us, en MIME-Version: 1.0 To: Cullen Jennings Subject: Re: [Simple] OPEN ISSUE: Basic vs. Digest authentication inMSRPrelays extension References: In-Reply-To: Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit X-Spam-Score: 0.1 (/) X-Scan-Signature: 9182cfff02fae4f1b6e9349e01d62f32 Content-Transfer-Encoding: 7bit Cc: Orit Levin , "simple@ietf.org" X-BeenThere: simple@ietf.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: SIP for Instant Messaging and Presence Leveraging Extensions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: simple-bounces@ietf.org Errors-To: simple-bounces@ietf.org Cullen Jennings wrote: >On 6/30/05 9:23 AM, "Orit Levin" wrote: > > > >>We don't have to have both if we agree that we use Digest as the common >>denominator for all purposes (including for issuing the token) instead >>of Basic. >> >> > >Yes, I understand now - that makes sense. I feel strongly that Digest is >better idea than both but don't have as strong as feeling between Basic+TLS >and Digest. > I'm probably rehashing old arguments here, but I do have a reasonably strong feeling about this. If I want to go through my "home" relay for message logging purposes, but first need to go through a firewall-traversal relay at a client's site, I'd prefer to have the ability to do so without giving the client's relay an opportunity to intercept my "home" relay password. /a _______________________________________________ Simple mailing list Simple@ietf.org https://www1.ietf.org/mailman/listinfo/simple From simple-bounces@ietf.org Tue Jul 05 11:58:22 2005 Received: from localhost.localdomain ([127.0.0.1] helo=megatron.ietf.org) by megatron.ietf.org with esmtp (Exim 4.32) id 1DppoU-0003la-T4; Tue, 05 Jul 2005 11:58:22 -0400 Received: from odin.ietf.org ([132.151.1.176] helo=ietf.org) by megatron.ietf.org with esmtp (Exim 4.32) id 1DppoT-0003l2-Px for simple@megatron.ietf.org; Tue, 05 Jul 2005 11:58:21 -0400 Received: from ietf-mx.ietf.org (ietf-mx [132.151.6.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id LAA14226 for ; Tue, 5 Jul 2005 11:58:17 -0400 (EDT) Received: from mgw-ext04.nokia.com ([131.228.20.96]) by ietf-mx.ietf.org with esmtp (Exim 4.33) id 1DpqFD-0003Mo-6s for simple@ietf.org; Tue, 05 Jul 2005 12:26:01 -0400 Received: from esebh107.NOE.Nokia.com (esebh107.ntc.nokia.com [172.21.143.143]) by mgw-ext04.nokia.com (Switch-3.1.7/Switch-3.1.7) with ESMTP id j65FgbNC003794; Tue, 5 Jul 2005 18:46:01 +0300 Received: from esebh001.NOE.Nokia.com ([172.21.138.28]) by esebh107.NOE.Nokia.com with Microsoft SMTPSVC(6.0.3790.1830); Tue, 5 Jul 2005 18:50:10 +0300 Received: from [192.168.1.185] ([10.162.252.207]) by esebh001.NOE.Nokia.com with Microsoft SMTPSVC(5.0.2195.6881); Tue, 5 Jul 2005 18:50:11 +0300 Message-ID: <42CAAC30.6080005@nokia.com> Date: Tue, 05 Jul 2005 18:50:08 +0300 From: Aki Niemi User-Agent: Mozilla Thunderbird 1.0.2 (X11/20050317) X-Accept-Language: en-us, en MIME-Version: 1.0 To: ext Orit Levin Subject: Re: [Simple] OPEN ISSUE: Basic vs. Digest authentication inMSRPrelays extension References: In-Reply-To: Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit X-OriginalArrivalTime: 05 Jul 2005 15:50:11.0571 (UTC) FILETIME=[3A199C30:01C58179] X-Spam-Score: 0.0 (/) X-Scan-Signature: 69a74e02bbee44ab4f8eafdbcedd94a1 Content-Transfer-Encoding: 7bit Cc: Cullen Jennings , simple@ietf.org X-BeenThere: simple@ietf.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: SIP for Instant Messaging and Presence Leveraging Extensions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: simple-bounces@ietf.org Errors-To: simple-bounces@ietf.org Inline. ext Orit Levin wrote: > We don't have to have both if we agree that we use Digest as the common > denominator for all purposes (including for issuing the token) instead > of Basic. > > That being said, I agree that for issuing the MSRP forwarding tokens - > Basic syntax is enough. You could invent any other simple way of > exchanging a password forth and a token back - this is not exactly what > authentication is. Sorry, but what? That is exactly what authentication is; I present valid credentials to access a resource that in this case is the MSRP forwarding token. > The draft must clarify WHAT the described Basic format is being used for > (i.e. for issuing the MSRP forwarding token only) instead of saying that > this is THE way for a Relay to authenticate a client. Are you saying that the draft should describe Basic as something else and not authentication? If that is the case, I don't agree with it. > Also the spec must say that in order for a Relay to securely > (confidentially) authenticate a client, additional authentication > mechanisms MAY be defined to be used with MSRP. The spec must specify > NOW how the "issuing a token Basic-based procedure" will coexist with > any other real authentication procedures that (most probably) will ALSO > use the HTTP methods and formats. (It is really about "co-existence" > rather than "negotiation".) You seem to suggest that MSRP needs a challenge-response scheme because there is some other authentication scheme you intend to use with it. You wouldn't be talking about NTLM authentication here now would you? Cheers, Aki _______________________________________________ Simple mailing list Simple@ietf.org https://www1.ietf.org/mailman/listinfo/simple From simple-bounces@ietf.org Tue Jul 05 13:04:23 2005 Received: from localhost.localdomain ([127.0.0.1] helo=megatron.ietf.org) by megatron.ietf.org with esmtp (Exim 4.32) id 1DpqqN-0003XG-K1; Tue, 05 Jul 2005 13:04:23 -0400 Received: from odin.ietf.org ([132.151.1.176] helo=ietf.org) by megatron.ietf.org with esmtp (Exim 4.32) id 1DpqqL-0003VN-FO for simple@megatron.ietf.org; Tue, 05 Jul 2005 13:04:22 -0400 Received: from ietf-mx.ietf.org (ietf-mx [132.151.6.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id NAA23996 for ; Tue, 5 Jul 2005 13:04:15 -0400 (EDT) Received: from sj-iport-5.cisco.com ([171.68.10.87]) by ietf-mx.ietf.org with esmtp (Exim 4.33) id 1DprH4-0000Zq-63 for simple@ietf.org; Tue, 05 Jul 2005 13:32:00 -0400 Received: from sj-core-2.cisco.com (171.71.177.254) by sj-iport-5.cisco.com with ESMTP; 05 Jul 2005 10:04:06 -0700 X-IronPort-AV: i="3.93,261,1115017200"; d="scan'208"; a="196410793:sNHT26821616" Received: from sea-alpha-e2k3.sea-alpha.cisco.com (sea-alpha-e2k3.cisco.com [10.93.132.88]) by sj-core-2.cisco.com (8.12.10/8.12.6) with ESMTP id j65H41od018296; Tue, 5 Jul 2005 10:04:01 -0700 (PDT) Received: from [10.0.1.3] ([10.21.145.120]) by sea-alpha-e2k3.sea-alpha.cisco.com with Microsoft SMTPSVC(6.0.3790.211); Tue, 5 Jul 2005 10:08:26 -0700 User-Agent: Microsoft-Entourage/11.1.0.040913 Date: Tue, 05 Jul 2005 13:04:01 -0400 Subject: Re: [Simple] OPEN ISSUE: Basic vs. Digest authentication inMSRPrelays extension From: Cullen Jennings To: Adam Roach , Orit Levin , "simple@ietf.org" , Rohan Mahy Message-ID: In-Reply-To: <42C8C215.7020103@nostrum.com> Mime-version: 1.0 Content-type: text/plain; charset="US-ASCII" Content-transfer-encoding: 7bit X-OriginalArrivalTime: 05 Jul 2005 17:08:26.0271 (UTC) FILETIME=[285BFAF0:01C58184] X-Spam-Score: 0.0 (/) X-Scan-Signature: 856eb5f76e7a34990d1d457d8e8e5b7f Content-Transfer-Encoding: 7bit Cc: X-BeenThere: simple@ietf.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: SIP for Instant Messaging and Presence Leveraging Extensions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: simple-bounces@ietf.org Errors-To: simple-bounces@ietf.org On 7/4/05 12:59 AM, "Adam Roach" wrote: > I'm probably rehashing old arguments here, but I do have a reasonably > strong feeling about this. If I want to go through my "home" relay for > message logging purposes, but first need to go through a > firewall-traversal relay at a client's site, I'd prefer to have the > ability to do so without giving the client's relay an opportunity to > intercept my "home" relay password. If we agree that the above use case is a valid use case, then I imagine this discussion is probably over and all will agree we need to move to Digest. Rohan had some sort of argument that amounted to "Don't do this". Can we decide if we think this is a valid use case or not? _______________________________________________ Simple mailing list Simple@ietf.org https://www1.ietf.org/mailman/listinfo/simple From simple-bounces@ietf.org Tue Jul 05 13:23:49 2005 Received: from localhost.localdomain ([127.0.0.1] helo=megatron.ietf.org) by megatron.ietf.org with esmtp (Exim 4.32) id 1Dpr5y-00070a-So; Tue, 05 Jul 2005 13:20:30 -0400 Received: from odin.ietf.org ([132.151.1.176] helo=ietf.org) by megatron.ietf.org with esmtp (Exim 4.32) id 1Dpr5s-0006xe-Te for simple@megatron.ietf.org; Tue, 05 Jul 2005 13:20:26 -0400 Received: from ietf-mx.ietf.org (ietf-mx [132.151.6.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id NAA25776 for ; Tue, 5 Jul 2005 13:20:18 -0400 (EDT) Received: from mtagate1.de.ibm.com ([195.212.29.150]) by ietf-mx.ietf.org with esmtp (Exim 4.33) id 1DprPh-0001RR-Sx for simple@ietf.org; Tue, 05 Jul 2005 13:40:55 -0400 Received: from d12nrmr1607.megacenter.de.ibm.com (d12nrmr1607.megacenter.de.ibm.com [9.149.167.49]) by mtagate1.de.ibm.com (8.12.10/8.12.10) with ESMTP id j65HD0Fu110356 for ; Tue, 5 Jul 2005 17:13:00 GMT Received: from d12av04.megacenter.de.ibm.com (d12av04.megacenter.de.ibm.com [9.149.165.229]) by d12nrmr1607.megacenter.de.ibm.com (8.12.10/NCO/VER6.6) with ESMTP id j65HD0vc152352 for ; Tue, 5 Jul 2005 19:13:00 +0200 Received: from d12av04.megacenter.de.ibm.com (loopback [127.0.0.1]) by d12av04.megacenter.de.ibm.com (8.12.11/8.13.3) with ESMTP id j65HD0Dc009740 for ; Tue, 5 Jul 2005 19:13:00 +0200 Received: from d12mc102.megacenter.de.ibm.com (d12mc102.megacenter.de.ibm.com [9.149.167.114]) by d12av04.megacenter.de.ibm.com (8.12.11/8.12.11) with ESMTP id j65HD0a7009732; Tue, 5 Jul 2005 19:13:00 +0200 In-Reply-To: To: Cullen Jennings Subject: Re: [Simple] OPEN ISSUE: Basic vs. Digest authentication inMSRPrelays extension MIME-Version: 1.0 X-Mailer: Lotus Notes Build V70_04112005NP April 11, 2005 Message-ID: From: Avshalom Houri Date: Tue, 5 Jul 2005 20:12:57 +0300 X-MIMETrack: Serialize by Router on D12MC102/12/M/IBM(V70_M4_01112005 Sidepack 2802|March 1, 2005) at 05/07/2005 20:12:59, Serialize complete at 05/07/2005 20:12:59 X-Spam-Score: 2.3 (++) X-Scan-Signature: 39bd8f8cbb76cae18b7e23f7cf6b2b9f Cc: Rohan Mahy , Orit Levin , Adam Roach , "simple@ietf.org" X-BeenThere: simple@ietf.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: SIP for Instant Messaging and Presence Leveraging Extensions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: multipart/mixed; boundary="===============1640834447==" Sender: simple-bounces@ietf.org Errors-To: simple-bounces@ietf.org --===============1640834447== Content-Type: text/html; charset="US-ASCII"

Cullen Jennings <fluffy@cisco.com> wrote on 05/07/2005 08:04:01 PM: > On 7/4/05 12:59 AM, "Adam Roach" <adam@nostrum.com> wrote: > > > I'm probably rehashing old arguments here, but I do have a reasonably > > strong feeling about this. If I want to go through my "home" relay for > > message logging purposes, but first need to go through a > > firewall-traversal relay at a client's site, I'd prefer to have the > > ability to do so without giving the client's relay an opportunity to > > intercept my "home" relay password. > > If we agree that the above use case is a valid use case, then I imagine this > discussion is probably over and all will agree we need to move to Digest. > Rohan had some sort of argument that amounted to "Don't do this". Can we > decide if we think this is a valid use case or not? > I think that it is a valid use case. The average user will not know that
MSRP is sending the password on the clear over TLS. It will also be very hard
to instruct users to use a gateway in the hotel for example for one protocol and
not for the other. Most users do not even know what protocol their software is
using.

Avshalom
--===============1640834447== Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Disposition: inline _______________________________________________ Simple mailing list Simple@ietf.org https://www1.ietf.org/mailman/listinfo/simple --===============1640834447==-- From simple-bounces@ietf.org Tue Jul 05 13:37:18 2005 Received: from localhost.localdomain ([127.0.0.1] helo=megatron.ietf.org) by megatron.ietf.org with esmtp (Exim 4.32) id 1DprME-0001YV-8D; Tue, 05 Jul 2005 13:37:18 -0400 Received: from odin.ietf.org ([132.151.1.176] helo=ietf.org) by megatron.ietf.org with esmtp (Exim 4.32) id 1DprM9-0001VK-Pr for simple@megatron.ietf.org; Tue, 05 Jul 2005 13:37:16 -0400 Received: from ietf-mx.ietf.org (ietf-mx [132.151.6.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id NAA28427 for ; Tue, 5 Jul 2005 13:37:06 -0400 (EDT) Received: from figas.ekabal.com ([204.61.215.10]) by ietf-mx.ietf.org with esmtp (Exim 4.33) id 1Dprms-0003Xa-AX for simple@ietf.org; Tue, 05 Jul 2005 14:04:51 -0400 Received: from [131.161.248.83] (open-131-161-248-83.cliq.com [131.161.248.83]) (authenticated) by figas.ekabal.com (8.11.6/8.11.6) with ESMTP id j65Hau127138; Tue, 5 Jul 2005 10:36:56 -0700 In-Reply-To: References: Mime-Version: 1.0 (Apple Message framework v622) Content-Type: text/plain; charset=US-ASCII; format=flowed Message-Id: <75346fbbbb1cfa1a82e7f7400a959d47@ekabal.com> Content-Transfer-Encoding: 7bit From: Rohan Mahy Subject: Re: [Simple] OPEN ISSUE: Basic vs. Digest authentication inMSRPrelays extension Date: Tue, 5 Jul 2005 10:36:43 -0700 To: Avshalom Houri X-Mailer: Apple Mail (2.622) X-Spam-Score: 0.0 (/) X-Scan-Signature: 4d87d2aa806f79fed918a62e834505ca Content-Transfer-Encoding: 7bit Cc: Cullen Jennings , Rohan Mahy , Orit Levin , Adam Roach , "simple@ietf.org" X-BeenThere: simple@ietf.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: SIP for Instant Messaging and Presence Leveraging Extensions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: simple-bounces@ietf.org Errors-To: simple-bounces@ietf.org Avshalom, I don't believe that the average user will go and manually configure some MSRP proxy they've never heard of before. What is the use case? Can anyone provide a *good* reason why you should be using arbitrary random relays and why this is reasonable from a security perspective. I personally hope that anyone enlightened enough to have heard of MSRP will be at least enlightened enough to allow outbound TCP connections from their network. thanks, -rohan On Jul 5, 2005, at 10:12, Avshalom Houri wrote: > Cullen Jennings wrote on 05/07/2005 08:04:01 PM: > > > On 7/4/05 12:59 AM, "Adam Roach" wrote: > > > > > I'm probably rehashing old arguments here, but I do have a > reasonably > > > strong feeling about this. If I want to go through my "home" > relay for > > > message logging purposes, but first need to go through a > > > firewall-traversal relay at a client's site, I'd prefer to have > the > > > ability to do so without giving the client's relay an opportunity > to > > > intercept my "home" relay password. > > > > If we agree that the above use case is a valid use case, then I > imagine this > > discussion is probably over and all will agree we need to move to > Digest. > > Rohan had some sort of argument that amounted to "Don't do this". > Can we > > decide if we think this is a valid use case or not? > > > I think that it is a valid use case. The average user will not know > that > MSRP is sending the password on the clear over TLS. It will also be > very hard > to instruct users to use a gateway in the hotel for example for one > protocol and > not for the other. Most users do not even know what protocol their > software is > using. > > Avshalom _______________________________________________ Simple mailing list Simple@ietf.org https://www1.ietf.org/mailman/listinfo/simple From simple-bounces@ietf.org Tue Jul 05 13:52:48 2005 Received: from localhost.localdomain ([127.0.0.1] helo=megatron.ietf.org) by megatron.ietf.org with esmtp (Exim 4.32) id 1DprbE-0003t3-EX; Tue, 05 Jul 2005 13:52:48 -0400 Received: from odin.ietf.org ([132.151.1.176] helo=ietf.org) by megatron.ietf.org with esmtp (Exim 4.32) id 1DprbB-0003rf-Ar for simple@megatron.ietf.org; Tue, 05 Jul 2005 13:52:45 -0400 Received: from ietf-mx.ietf.org (ietf-mx [132.151.6.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id NAA29946 for ; Tue, 5 Jul 2005 13:52:44 -0400 (EDT) Received: from mgw-ext04.nokia.com ([131.228.20.96]) by ietf-mx.ietf.org with esmtp (Exim 4.33) id 1Dprzl-00060c-ME for simple@ietf.org; Tue, 05 Jul 2005 14:18:11 -0400 Received: from esebh107.NOE.Nokia.com (esebh107.ntc.nokia.com [172.21.143.143]) by mgw-ext04.nokia.com (Switch-3.1.7/Switch-3.1.7) with ESMTP id j65HjEd8008186; Tue, 5 Jul 2005 20:45:25 +0300 Received: from esebh003.NOE.Nokia.com ([172.21.138.82]) by esebh107.NOE.Nokia.com with Microsoft SMTPSVC(6.0.3790.1830); Tue, 5 Jul 2005 20:50:04 +0300 Received: from [192.168.1.185] ([10.162.252.207]) by esebh003.NOE.Nokia.com with Microsoft SMTPSVC(5.0.2195.6881); Tue, 5 Jul 2005 20:50:05 +0300 Message-ID: <42CAC84B.3040506@nokia.com> Date: Tue, 05 Jul 2005 20:50:03 +0300 From: Aki Niemi User-Agent: Mozilla Thunderbird 1.0.2 (X11/20050317) X-Accept-Language: en-us, en MIME-Version: 1.0 To: ext Cullen Jennings Subject: Re: [Simple] OPEN ISSUE: Basic vs. Digest authentication in MSRP relays extension References: In-Reply-To: Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit X-OriginalArrivalTime: 05 Jul 2005 17:50:05.0248 (UTC) FILETIME=[F9DD9C00:01C58189] X-Spam-Score: 0.0 (/) X-Scan-Signature: 69a74e02bbee44ab4f8eafdbcedd94a1 Content-Transfer-Encoding: 7bit Cc: Rohan Mahy , Orit Levin , Adam Roach , "simple@ietf.org" X-BeenThere: simple@ietf.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: SIP for Instant Messaging and Presence Leveraging Extensions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: simple-bounces@ietf.org Errors-To: simple-bounces@ietf.org Hi, I don't think this is a valid use case. If we are talking about corporate users here (and I assume we are), I have a hard time seeing MSRP logged via anything other than a VPN-tunnel along with other traffic the users generate (such as email). And VPNs seem to pass firewalls quite well already. Cheers, Aki ext Cullen Jennings wrote: > On 7/4/05 12:59 AM, "Adam Roach" wrote: > > >>I'm probably rehashing old arguments here, but I do have a reasonably >>strong feeling about this. If I want to go through my "home" relay for >>message logging purposes, but first need to go through a >>firewall-traversal relay at a client's site, I'd prefer to have the >>ability to do so without giving the client's relay an opportunity to >>intercept my "home" relay password. > > > If we agree that the above use case is a valid use case, then I imagine this > discussion is probably over and all will agree we need to move to Digest. > Rohan had some sort of argument that amounted to "Don't do this". Can we > decide if we think this is a valid use case or not? > > > > > > > _______________________________________________ > Simple mailing list > Simple@ietf.org > https://www1.ietf.org/mailman/listinfo/simple > _______________________________________________ Simple mailing list Simple@ietf.org https://www1.ietf.org/mailman/listinfo/simple From simple-bounces@ietf.org Tue Jul 05 13:53:03 2005 Received: from localhost.localdomain ([127.0.0.1] helo=megatron.ietf.org) by megatron.ietf.org with esmtp (Exim 4.32) id 1DprbT-000426-FN; Tue, 05 Jul 2005 13:53:03 -0400 Received: from odin.ietf.org ([132.151.1.176] helo=ietf.org) by megatron.ietf.org with esmtp (Exim 4.32) id 1DprbR-00040t-1N for simple@megatron.ietf.org; Tue, 05 Jul 2005 13:53:01 -0400 Received: from ietf-mx.ietf.org (ietf-mx [132.151.6.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id NAA00164 for ; Tue, 5 Jul 2005 13:52:59 -0400 (EDT) Received: from numenor.qualcomm.com ([129.46.51.58]) by ietf-mx.ietf.org with esmtp (Exim 4.33) id 1Dprvf-0005NW-4t for simple@ietf.org; Tue, 05 Jul 2005 14:13:56 -0400 Received: from crowley.qualcomm.com (crowley.qualcomm.com [129.46.61.151]) by numenor.qualcomm.com (8.12.10/8.12.5/1.0) with ESMTP id j65Hjj2m005050 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=FAIL); Tue, 5 Jul 2005 10:45:45 -0700 (PDT) Received: from [192.168.1.4] (vpn-10-50-0-32.qualcomm.com [10.50.0.32]) by crowley.qualcomm.com (8.12.10/8.12.5/1.0) with ESMTP id j65HjgRq010288; Tue, 5 Jul 2005 10:45:43 -0700 (PDT) Mime-Version: 1.0 Message-Id: In-Reply-To: <42C618FD.7010006@cisco.com> References: <42BC7CB6.7070503@cs.columbia.edu> <42C618FD.7010006@cisco.com> Date: Tue, 5 Jul 2005 10:45:41 -0700 To: Jonathan Rosenberg , Henning Schulzrinne From: Ted Hardie Subject: Re: [Simple] element issue for common policy Content-Type: text/plain; charset="us-ascii" X-Spam-Score: 0.0 (/) X-Scan-Signature: b19722fc8d3865b147c75ae2495625f2 Cc: simple@ietf.org X-BeenThere: simple@ietf.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: SIP for Instant Messaging and Presence Leveraging Extensions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: simple-bounces@ietf.org Errors-To: simple-bounces@ietf.org At 12:33 AM -0400 7/2/05, Jonathan Rosenberg wrote: >> >>which can be phrases as "any character except 0-9". Or, if we had a numeric matching condition, something like "x > 9 || x < 0" could just as easily be phrased as "any x except between 0 and 9". Clearly, neither of these examples are "grant/revoke" conditions. > >Right. Put another way, putting an exception in the matching condition is just another way to define the set of users to whom the additive permissions apply. The only difference is that the set of people to whom they apply is potentially large, but there is no change in the model. >Ted previously wrote: >>Except clauses that are clearly tied to specific directives are better >>than all-out negative permissions, but they can remain problematic >>in their interaction with user expectations. If I say "Grant anyone >>access to my timezone, except Hisham" and also say "Grant any >>wg chair in APPs access to my full location", Hisham will get my >>time zone--but this may not be what a user expects, especially >>if the user expectation is driven by a sense of "override" and >>wrote the "except Hisham" after the first rule was in place. > >This concern is valid under the assumption that users directly manipulate these rules. I dont think that this is going to be the case. I think that web applications and other things will provide nice UI for these, and present the user with decisions they can understand. An application might ask the user to define the set of watchers that are to be blocked. Separately, the user might provide lists of people to whom various information is to be granted. I think the web application would automatically add the blocked users to the exception list for every rule. This preserves the expected user experience. > >I've been on the fence on this topic for a long time, but at this point I am pretty solidly in favor of supporting exceptions for users within a domain rule, and exceptions for domains within an any rule. Okay, I agree that you can model it in a set-based way that avoids many of the problems. I am pretty concerned that this won't actually get coded this way, both because grant/revoke is easier and because non-enumerable sets aren't intuitively easy to map into many environments. But, obviously, I'm in the "rough" on the consensus here. I would ask that we do two things: review the language in the documents to ensure it is clear that the steps are 1) create a set 2) grant permissions to that set, and that grant/revoke will have untoward results; and add language to the document as a hint to developers that UIs make crystal clear how "blocked users" will be handled in the rules engine (i.e. "excepted from every grant"). regards, Ted Hardie _______________________________________________ Simple mailing list Simple@ietf.org https://www1.ietf.org/mailman/listinfo/simple From simple-bounces@ietf.org Tue Jul 05 14:09:07 2005 Received: from localhost.localdomain ([127.0.0.1] helo=megatron.ietf.org) by megatron.ietf.org with esmtp (Exim 4.32) id 1Dprr1-0005xw-Q8; Tue, 05 Jul 2005 14:09:07 -0400 Received: from odin.ietf.org ([132.151.1.176] helo=ietf.org) by megatron.ietf.org with esmtp (Exim 4.32) id 1Dprqx-0005wZ-Rx for simple@megatron.ietf.org; Tue, 05 Jul 2005 14:09:04 -0400 Received: from ietf-mx.ietf.org (ietf-mx [132.151.6.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id OAA01685 for ; Tue, 5 Jul 2005 14:09:01 -0400 (EDT) Received: from magus.nostrum.com ([69.5.195.2] helo=nostrum.com ident=root) by ietf-mx.ietf.org with esmtp (Exim 4.33) id 1DpsBw-0007yy-2Z for simple@ietf.org; Tue, 05 Jul 2005 14:30:45 -0400 Received: from [10.10.108.24] ([65.119.52.228]) (authenticated bits=0) by nostrum.com (8.12.11/8.12.11) with ESMTP id j65I1rxk054590 (version=TLSv1/SSLv3 cipher=RC4-SHA bits=128 verify=NO); Tue, 5 Jul 2005 13:01:54 -0500 (CDT) (envelope-from ben@nostrum.com) In-Reply-To: <75346fbbbb1cfa1a82e7f7400a959d47@ekabal.com> References: <75346fbbbb1cfa1a82e7f7400a959d47@ekabal.com> Mime-Version: 1.0 (Apple Message framework v730) Message-Id: From: Ben Campbell Subject: Re: [Simple] OPEN ISSUE: Basic vs. Digest authentication inMSRPrelays extension Date: Tue, 5 Jul 2005 13:01:47 -0500 To: Rohan Mahy X-Mailer: Apple Mail (2.730) Received-SPF: pass (nostrum.com: 65.119.52.228 is authenticated by a trusted mechanism) X-Spam-Score: 0.0 (/) X-Scan-Signature: 93e7fb8fef2e780414389440f367c879 Cc: Cullen Jennings , Adam Roach , Orit Levin , Avshalom Houri , "simple@ietf.org" X-BeenThere: simple@ietf.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: SIP for Instant Messaging and Presence Leveraging Extensions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: multipart/mixed; boundary="===============1902785066==" Sender: simple-bounces@ietf.org Errors-To: simple-bounces@ietf.org --===============1902785066== Content-Type: multipart/signed; micalg=sha1; boundary=Apple-Mail-104-545387050; protocol="application/pkcs7-signature" --Apple-Mail-104-545387050 Content-Type: text/plain; charset=US-ASCII; delsp=yes; format=flowed Content-Transfer-Encoding: 7bit On Jul 5, 2005, at 12:36 PM, Rohan Mahy wrote: > Avshalom, > > I don't believe that the average user will go and manually > configure some MSRP proxy they've never heard of before. What is > the use case? > > Can anyone provide a *good* reason why you should be using > arbitrary random relays and why this is reasonable from a security > perspective. > > I personally hope that anyone enlightened enough to have heard of > MSRP will be at least enlightened enough to allow outbound TCP > connections from their network. I think the large deployed base of HTTP proxies would tend to prove your hope a false one. It is _very_ common for enterprise networks to only allow HTTP connections via a locally controlled proxy. Why would you expect an enterprise firewall admin to treat MSRP any different that it treats HTTP? Don't get me wrong; I'd love to see mandatory HTTP proxies go away too. But I am not wasting much breath on the effort to make it happen. > > thanks, > -rohan > > > On Jul 5, 2005, at 10:12, Avshalom Houri wrote: > >> Cullen Jennings wrote on 05/07/2005 08:04:01 PM: >> >> > On 7/4/05 12:59 AM, "Adam Roach" wrote: >> > >> > > I'm probably rehashing old arguments here, but I do have a >> reasonably >> > > strong feeling about this. If I want to go through my "home" >> relay for >> > > message logging purposes, but first need to go through a >> > > firewall-traversal relay at a client's site, I'd prefer to >> have the >> > > ability to do so without giving the client's relay an >> opportunity to >> > > intercept my "home" relay password. >> > >> > If we agree that the above use case is a valid use case, then I >> imagine this >> > discussion is probably over and all will agree we need to move >> to Digest. >> > Rohan had some sort of argument that amounted to "Don't do >> this". Can we >> > decide if we think this is a valid use case or not? >> > >> I think that it is a valid use case. The average user will not >> know that >> MSRP is sending the password on the clear over TLS. It will also >> be very hard >> to instruct users to use a gateway in the hotel for example for >> one protocol and >> not for the other. Most users do not even know what protocol their >> software is >> using. >> >> Avshalom >> > > > _______________________________________________ > Simple mailing list > Simple@ietf.org > https://www1.ietf.org/mailman/listinfo/simple > --Apple-Mail-104-545387050 Content-Type: application/pkcs7-signature; name=smime.p7s Content-Disposition: attachment; filename=smime.p7s Content-Transfer-Encoding: base64 MIAGCSqGSIb3DQEHAqCAMIACAQExCzAJBgUrDgMCGgUAMIAGCSqGSIb3DQEHAQAAoIIGRTCCAv4w ggJnoAMCAQICAw3JSzANBgkqhkiG9w0BAQQFADBiMQswCQYDVQQGEwJaQTElMCMGA1UEChMcVGhh d3RlIENvbnN1bHRpbmcgKFB0eSkgTHRkLjEsMCoGA1UEAxMjVGhhd3RlIFBlcnNvbmFsIEZyZWVt YWlsIElzc3VpbmcgQ0EwHhcNMDUwMTExMjEyMzM5WhcNMDYwMTExMjEyMzM5WjBiMR8wHQYDVQQD ExZUaGF3dGUgRnJlZW1haWwgTWVtYmVyMR4wHAYJKoZIhvcNAQkBFg9iZW5Abm9zdHJ1bS5jb20x HzAdBgkqhkiG9w0BCQEWEGJlbkBlc3RhY2Fkby5uZXQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAw ggEKAoIBAQCYWVM6KNDeP+5DdLWTRbBVLIVb4X4Yj6oYnbcNEPIRBuRGH8emhWbrCEBkDHaMQOEz izK6QEYjpoKcdmHLtKBWTMgzR/4danDoOjOeGfJ4fu9t1eXFsiVEyzf/ofZGhOzVR4q3ZfrotgjK kCTdrHpUBsyYRtRN5ZnBpxnkjVjJ77SAZ+JcSK+bs1dpohnRO6WL5ocfQXyMDzoUbnXDi1sUByd9 rCEa92lYpLKgEyr+7lkL3N56XofDV5Xzz9Y2+4GXKbTOjnN/RyNB3YDiXNB8DRclyiCvJINOFzjk 5R8AaGFs4lLoR3eZoAtidH0gp8DD1a+IEmHegjuRAmnVDqszAgMBAAGjPjA8MCwGA1UdEQQlMCOB D2JlbkBub3N0cnVtLmNvbYEQYmVuQGVzdGFjYWRvLm5ldDAMBgNVHRMBAf8EAjAAMA0GCSqGSIb3 DQEBBAUAA4GBACeJLe5lF2j4KsJLID+zX3t1TZvqhHqDrlpOL3ODVxK6ocXQE+bZwJX2bAhPm1Hb K8wMeeUK19VrqDnqoLzowtP+0hOjYV6CWf40OxdnjODcuSAqYsbmBBSkyRr6bQjzmqPCspJ70Dty AQ278NgOdlplxD0UJTfYKb0IPNUtuI3WMIIDPzCCAqigAwIBAgIBDTANBgkqhkiG9w0BAQUFADCB 0TELMAkGA1UEBhMCWkExFTATBgNVBAgTDFdlc3Rlcm4gQ2FwZTESMBAGA1UEBxMJQ2FwZSBUb3du MRowGAYDVQQKExFUaGF3dGUgQ29uc3VsdGluZzEoMCYGA1UECxMfQ2VydGlmaWNhdGlvbiBTZXJ2 aWNlcyBEaXZpc2lvbjEkMCIGA1UEAxMbVGhhd3RlIFBlcnNvbmFsIEZyZWVtYWlsIENBMSswKQYJ KoZIhvcNAQkBFhxwZXJzb25hbC1mcmVlbWFpbEB0aGF3dGUuY29tMB4XDTAzMDcxNzAwMDAwMFoX DTEzMDcxNjIzNTk1OVowYjELMAkGA1UEBhMCWkExJTAjBgNVBAoTHFRoYXd0ZSBDb25zdWx0aW5n IChQdHkpIEx0ZC4xLDAqBgNVBAMTI1RoYXd0ZSBQZXJzb25hbCBGcmVlbWFpbCBJc3N1aW5nIENB MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDEpjxVc1X7TrnKmVoeaMB1BHCd3+n/ox7svc31 W/Iadr1/DDph8r9RzgHU5VAKMNcCY1osiRVwjt3J8CuFWqo/cVbLrzwLB+fxH5E2JCoTzyvV84J3 PQO+K/67GD4Hv0CAAmTXp6a7n2XRxSpUhQ9IBH+nttE8YQRAHmQZcmC3+wIDAQABo4GUMIGRMBIG A1UdEwEB/wQIMAYBAf8CAQAwQwYDVR0fBDwwOjA4oDagNIYyaHR0cDovL2NybC50aGF3dGUuY29t L1RoYXd0ZVBlcnNvbmFsRnJlZW1haWxDQS5jcmwwCwYDVR0PBAQDAgEGMCkGA1UdEQQiMCCkHjAc MRowGAYDVQQDExFQcml2YXRlTGFiZWwyLTEzODANBgkqhkiG9w0BAQUFAAOBgQBIjNFQg+oLLswN o2asZw9/r6y+whehQ5aUnX9MIbj4Nh+qLZ82L8D0HFAgk3A8/a3hYWLD2ToZfoSxmRsAxRoLgnSe JVCUYsfbJ3FXJY3dqZw5jowgT2Vfldr394fWxghOrvbqNOUQGls1TXfjViF4gtwhGTXeJLHTHUb/ XV9lTzGCAucwggLjAgEBMGkwYjELMAkGA1UEBhMCWkExJTAjBgNVBAoTHFRoYXd0ZSBDb25zdWx0 aW5nIChQdHkpIEx0ZC4xLDAqBgNVBAMTI1RoYXd0ZSBQZXJzb25hbCBGcmVlbWFpbCBJc3N1aW5n IENBAgMNyUswCQYFKw4DAhoFAKCCAVMwGAYJKoZIhvcNAQkDMQsGCSqGSIb3DQEHATAcBgkqhkiG 9w0BCQUxDxcNMDUwNzA1MTgwMTQ4WjAjBgkqhkiG9w0BCQQxFgQUPHTTM32dmUy+lpUPjNJKXF5o BdYweAYJKwYBBAGCNxAEMWswaTBiMQswCQYDVQQGEwJaQTElMCMGA1UEChMcVGhhd3RlIENvbnN1 bHRpbmcgKFB0eSkgTHRkLjEsMCoGA1UEAxMjVGhhd3RlIFBlcnNvbmFsIEZyZWVtYWlsIElzc3Vp bmcgQ0ECAw3JSzB6BgsqhkiG9w0BCRACCzFroGkwYjELMAkGA1UEBhMCWkExJTAjBgNVBAoTHFRo YXd0ZSBDb25zdWx0aW5nIChQdHkpIEx0ZC4xLDAqBgNVBAMTI1RoYXd0ZSBQZXJzb25hbCBGcmVl bWFpbCBJc3N1aW5nIENBAgMNyUswDQYJKoZIhvcNAQEBBQAEggEAhWpbVxMVFY5YiQ1KogiCDfv3 OAj7xlWg8jijF5kg+iA15+zlE8eJJWN90LQJcltgnBOMcyHPA4hBNNbo/yGadruhTK55l28vX59P xO2G1kQzBsH0cCZO9wthI+bRMvWWuQ9K158246wEZNW1KI2+Tau5DHCS1DoeNmUCWvN5NJKaiOtU C1cm3JvmqmvLEVJgrXbtmwZYwJDVhRu78ZQvQ7FwYgEozY6A2aoCYif+YU4c2N9tIJ1whhQb9zro cP4rEuDf9tusr7iWYuyy50xGJNuks+NyUkUf/XfgjlbruJQSVwfqOeZVaqTmZMNLPiYcvV+Zndvb o9UeajMFDPe3nAAAAAAAAA== --Apple-Mail-104-545387050-- --===============1902785066== Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Disposition: inline _______________________________________________ Simple mailing list Simple@ietf.org https://www1.ietf.org/mailman/listinfo/simple --===============1902785066==-- From simple-bounces@ietf.org Tue Jul 05 14:09:37 2005 Received: from localhost.localdomain ([127.0.0.1] helo=megatron.ietf.org) by megatron.ietf.org with esmtp (Exim 4.32) id 1DprrU-0006IH-VJ; Tue, 05 Jul 2005 14:09:36 -0400 Received: from odin.ietf.org ([132.151.1.176] helo=ietf.org) by megatron.ietf.org with esmtp (Exim 4.32) id 1DprrT-0006Hc-D9 for simple@megatron.ietf.org; Tue, 05 Jul 2005 14:09:35 -0400 Received: from ietf-mx.ietf.org (ietf-mx [132.151.6.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id OAA02090 for ; Tue, 5 Jul 2005 14:09:31 -0400 (EDT) Received: from magus.nostrum.com ([69.5.195.2] helo=nostrum.com ident=root) by ietf-mx.ietf.org with esmtp (Exim 4.33) id 1Dps7R-0007iN-3C for simple@ietf.org; Tue, 05 Jul 2005 14:26:08 -0400 Received: from [10.10.108.24] ([65.119.52.228]) (authenticated bits=0) by nostrum.com (8.12.11/8.12.11) with ESMTP id j65Hsh8S053982 (version=TLSv1/SSLv3 cipher=RC4-SHA bits=128 verify=NO); Tue, 5 Jul 2005 12:54:44 -0500 (CDT) (envelope-from ben@nostrum.com) In-Reply-To: References: Mime-Version: 1.0 (Apple Message framework v730) Message-Id: <030C9319-BED5-4452-9C6A-959F3C80E9D3@nostrum.com> From: Ben Campbell Subject: Re: [Simple] OPEN ISSUE: Basic vs. Digest authentication inMSRPrelays extension Date: Tue, 5 Jul 2005 12:54:37 -0500 To: Cullen Jennings X-Mailer: Apple Mail (2.730) Received-SPF: pass (nostrum.com: 65.119.52.228 is authenticated by a trusted mechanism) X-Spam-Score: 0.0 (/) X-Scan-Signature: 7fa173a723009a6ca8ce575a65a5d813 Cc: Rohan Mahy , Orit Levin , Adam Roach , "simple@ietf.org" X-BeenThere: simple@ietf.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: SIP for Instant Messaging and Presence Leveraging Extensions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: multipart/mixed; boundary="===============1371242679==" Sender: simple-bounces@ietf.org Errors-To: simple-bounces@ietf.org --===============1371242679== Content-Type: multipart/signed; micalg=sha1; boundary=Apple-Mail-103-544956960; protocol="application/pkcs7-signature" --Apple-Mail-103-544956960 Content-Type: text/plain; charset=US-ASCII; delsp=yes; format=flowed Content-Transfer-Encoding: 7bit On Jul 5, 2005, at 12:04 PM, Cullen Jennings wrote: > On 7/4/05 12:59 AM, "Adam Roach" wrote: > > >> I'm probably rehashing old arguments here, but I do have a reasonably >> strong feeling about this. If I want to go through my "home" relay >> for >> message logging purposes, but first need to go through a >> firewall-traversal relay at a client's site, I'd prefer to have the >> ability to do so without giving the client's relay an opportunity to >> intercept my "home" relay password. >> > > If we agree that the above use case is a valid use case, then I > imagine this > discussion is probably over and all will agree we need to move to > Digest. > Rohan had some sort of argument that amounted to "Don't do this". > Can we > decide if we think this is a valid use case or not? > So, I did some more thinking about this over the weekend, and it seems to me that we have already implied this use case by allowing the telescoping of AUTH. (That is, the ability to send AUTH to a second (or third etc) relay via the first.) What other use cases do we have for that mechanism other than the one Adam described? Or more generally, what other use cases do we have for the telescoping mechanism where the first and subsequent relays are all in the same administrative domain, so that revealing your second-relay password to the first relay is a non-issue? So, my concrete proposal is that we either solve the password-reveal issue, or we remove the AUTH telescoping mechanism. > > > > > > _______________________________________________ > Simple mailing list > Simple@ietf.org > https://www1.ietf.org/mailman/listinfo/simple > --Apple-Mail-103-544956960 Content-Type: application/pkcs7-signature; name=smime.p7s Content-Disposition: attachment; filename=smime.p7s Content-Transfer-Encoding: base64 MIAGCSqGSIb3DQEHAqCAMIACAQExCzAJBgUrDgMCGgUAMIAGCSqGSIb3DQEHAQAAoIIGRTCCAv4w ggJnoAMCAQICAw3JSzANBgkqhkiG9w0BAQQFADBiMQswCQYDVQQGEwJaQTElMCMGA1UEChMcVGhh d3RlIENvbnN1bHRpbmcgKFB0eSkgTHRkLjEsMCoGA1UEAxMjVGhhd3RlIFBlcnNvbmFsIEZyZWVt YWlsIElzc3VpbmcgQ0EwHhcNMDUwMTExMjEyMzM5WhcNMDYwMTExMjEyMzM5WjBiMR8wHQYDVQQD ExZUaGF3dGUgRnJlZW1haWwgTWVtYmVyMR4wHAYJKoZIhvcNAQkBFg9iZW5Abm9zdHJ1bS5jb20x HzAdBgkqhkiG9w0BCQEWEGJlbkBlc3RhY2Fkby5uZXQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAw ggEKAoIBAQCYWVM6KNDeP+5DdLWTRbBVLIVb4X4Yj6oYnbcNEPIRBuRGH8emhWbrCEBkDHaMQOEz izK6QEYjpoKcdmHLtKBWTMgzR/4danDoOjOeGfJ4fu9t1eXFsiVEyzf/ofZGhOzVR4q3ZfrotgjK kCTdrHpUBsyYRtRN5ZnBpxnkjVjJ77SAZ+JcSK+bs1dpohnRO6WL5ocfQXyMDzoUbnXDi1sUByd9 rCEa92lYpLKgEyr+7lkL3N56XofDV5Xzz9Y2+4GXKbTOjnN/RyNB3YDiXNB8DRclyiCvJINOFzjk 5R8AaGFs4lLoR3eZoAtidH0gp8DD1a+IEmHegjuRAmnVDqszAgMBAAGjPjA8MCwGA1UdEQQlMCOB D2JlbkBub3N0cnVtLmNvbYEQYmVuQGVzdGFjYWRvLm5ldDAMBgNVHRMBAf8EAjAAMA0GCSqGSIb3 DQEBBAUAA4GBACeJLe5lF2j4KsJLID+zX3t1TZvqhHqDrlpOL3ODVxK6ocXQE+bZwJX2bAhPm1Hb K8wMeeUK19VrqDnqoLzowtP+0hOjYV6CWf40OxdnjODcuSAqYsbmBBSkyRr6bQjzmqPCspJ70Dty AQ278NgOdlplxD0UJTfYKb0IPNUtuI3WMIIDPzCCAqigAwIBAgIBDTANBgkqhkiG9w0BAQUFADCB 0TELMAkGA1UEBhMCWkExFTATBgNVBAgTDFdlc3Rlcm4gQ2FwZTESMBAGA1UEBxMJQ2FwZSBUb3du MRowGAYDVQQKExFUaGF3dGUgQ29uc3VsdGluZzEoMCYGA1UECxMfQ2VydGlmaWNhdGlvbiBTZXJ2 aWNlcyBEaXZpc2lvbjEkMCIGA1UEAxMbVGhhd3RlIFBlcnNvbmFsIEZyZWVtYWlsIENBMSswKQYJ KoZIhvcNAQkBFhxwZXJzb25hbC1mcmVlbWFpbEB0aGF3dGUuY29tMB4XDTAzMDcxNzAwMDAwMFoX DTEzMDcxNjIzNTk1OVowYjELMAkGA1UEBhMCWkExJTAjBgNVBAoTHFRoYXd0ZSBDb25zdWx0aW5n IChQdHkpIEx0ZC4xLDAqBgNVBAMTI1RoYXd0ZSBQZXJzb25hbCBGcmVlbWFpbCBJc3N1aW5nIENB MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDEpjxVc1X7TrnKmVoeaMB1BHCd3+n/ox7svc31 W/Iadr1/DDph8r9RzgHU5VAKMNcCY1osiRVwjt3J8CuFWqo/cVbLrzwLB+fxH5E2JCoTzyvV84J3 PQO+K/67GD4Hv0CAAmTXp6a7n2XRxSpUhQ9IBH+nttE8YQRAHmQZcmC3+wIDAQABo4GUMIGRMBIG A1UdEwEB/wQIMAYBAf8CAQAwQwYDVR0fBDwwOjA4oDagNIYyaHR0cDovL2NybC50aGF3dGUuY29t L1RoYXd0ZVBlcnNvbmFsRnJlZW1haWxDQS5jcmwwCwYDVR0PBAQDAgEGMCkGA1UdEQQiMCCkHjAc MRowGAYDVQQDExFQcml2YXRlTGFiZWwyLTEzODANBgkqhkiG9w0BAQUFAAOBgQBIjNFQg+oLLswN o2asZw9/r6y+whehQ5aUnX9MIbj4Nh+qLZ82L8D0HFAgk3A8/a3hYWLD2ToZfoSxmRsAxRoLgnSe JVCUYsfbJ3FXJY3dqZw5jowgT2Vfldr394fWxghOrvbqNOUQGls1TXfjViF4gtwhGTXeJLHTHUb/ XV9lTzGCAucwggLjAgEBMGkwYjELMAkGA1UEBhMCWkExJTAjBgNVBAoTHFRoYXd0ZSBDb25zdWx0 aW5nIChQdHkpIEx0ZC4xLDAqBgNVBAMTI1RoYXd0ZSBQZXJzb25hbCBGcmVlbWFpbCBJc3N1aW5n IENBAgMNyUswCQYFKw4DAhoFAKCCAVMwGAYJKoZIhvcNAQkDMQsGCSqGSIb3DQEHATAcBgkqhkiG 9w0BCQUxDxcNMDUwNzA1MTc1NDM4WjAjBgkqhkiG9w0BCQQxFgQUlnBRbgh5AuZTCXVKbReqbAFN SQEweAYJKwYBBAGCNxAEMWswaTBiMQswCQYDVQQGEwJaQTElMCMGA1UEChMcVGhhd3RlIENvbnN1 bHRpbmcgKFB0eSkgTHRkLjEsMCoGA1UEAxMjVGhhd3RlIFBlcnNvbmFsIEZyZWVtYWlsIElzc3Vp bmcgQ0ECAw3JSzB6BgsqhkiG9w0BCRACCzFroGkwYjELMAkGA1UEBhMCWkExJTAjBgNVBAoTHFRo YXd0ZSBDb25zdWx0aW5nIChQdHkpIEx0ZC4xLDAqBgNVBAMTI1RoYXd0ZSBQZXJzb25hbCBGcmVl bWFpbCBJc3N1aW5nIENBAgMNyUswDQYJKoZIhvcNAQEBBQAEggEAABsMzmn++etaUm4OCpnRld/h srwpY+nws3JuscB1S4hZDdhUgmbjmjVnMH+wpF2uy+ZIaWEE9KIt6eg2yk9W6FBkq96WcKsul/ts eyttPoUMooCJihr43g2Q6ZyK4Xx5jZ512WEpM0SoLsDyaFkKn4LDwx1Re8e7Q2zWxzvQbp//Z7/J RdZ/DayOYC2EAewgWfVWjTdZtPdQ9TIZ7zD1aWMLiYfkJprCrZXWqIGY34NVXGvMopVhkwT6pjRg x0aBAhePNzaHd0c9Fa+bM8TJipOiAezrXKLMb5eJhvGTspZIPFtUiwYaMaq5XmUMl5OhwEknCFAC OgskY6sNi8dO4QAAAAAAAA== --Apple-Mail-103-544956960-- --===============1371242679== Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Disposition: inline _______________________________________________ Simple mailing list Simple@ietf.org https://www1.ietf.org/mailman/listinfo/simple --===============1371242679==-- From simple-bounces@ietf.org Tue Jul 05 14:25:48 2005 Received: from localhost.localdomain ([127.0.0.1] helo=megatron.ietf.org) by megatron.ietf.org with esmtp (Exim 4.32) id 1Dps7A-0008WC-8q; Tue, 05 Jul 2005 14:25:48 -0400 Received: from odin.ietf.org ([132.151.1.176] helo=ietf.org) by megatron.ietf.org with esmtp (Exim 4.32) id 1Dps75-0008Ti-Pt for simple@megatron.ietf.org; Tue, 05 Jul 2005 14:25:46 -0400 Received: from ietf-mx.ietf.org (ietf-mx [132.151.6.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id OAA03650 for ; Tue, 5 Jul 2005 14:25:38 -0400 (EDT) Received: from magus.nostrum.com ([69.5.195.2] helo=nostrum.com ident=root) by ietf-mx.ietf.org with esmtp (Exim 4.33) id 1DpsNF-0000TH-Dr for simple@ietf.org; Tue, 05 Jul 2005 14:42:27 -0400 Received: from [10.10.108.24] ([65.119.52.228]) (authenticated bits=0) by nostrum.com (8.12.11/8.12.11) with ESMTP id j65IBZP2055520 (version=TLSv1/SSLv3 cipher=RC4-SHA bits=128 verify=NO); Tue, 5 Jul 2005 13:11:36 -0500 (CDT) (envelope-from ben@nostrum.com) In-Reply-To: <42CAC84B.3040506@nokia.com> References: <42CAC84B.3040506@nokia.com> Mime-Version: 1.0 (Apple Message framework v730) Message-Id: <246394C9-B9AA-4D34-A6C2-DD44A0808627@nostrum.com> From: Ben Campbell Subject: Re: [Simple] OPEN ISSUE: Basic vs. Digest authentication in MSRP relays extension Date: Tue, 5 Jul 2005 13:11:28 -0500 To: Aki Niemi X-Mailer: Apple Mail (2.730) Received-SPF: pass (nostrum.com: 65.119.52.228 is authenticated by a trusted mechanism) X-Spam-Score: 0.0 (/) X-Scan-Signature: 093efd19b5f651b2707595638f6c4003 Cc: ext Cullen Jennings , Rohan Mahy , Orit Levin , Adam Roach , "simple@ietf.org" X-BeenThere: simple@ietf.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: SIP for Instant Messaging and Presence Leveraging Extensions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: multipart/mixed; boundary="===============2144998026==" Sender: simple-bounces@ietf.org Errors-To: simple-bounces@ietf.org --===============2144998026== Content-Type: multipart/signed; micalg=sha1; boundary=Apple-Mail-105-545968758; protocol="application/pkcs7-signature" --Apple-Mail-105-545968758 Content-Type: text/plain; charset=US-ASCII; delsp=yes; format=flowed Content-Transfer-Encoding: 7bit On Jul 5, 2005, at 12:50 PM, Aki Niemi wrote: > Hi, > > I don't think this is a valid use case. If we are talking about > corporate users here (and I assume we are), I have a hard time > seeing MSRP logged via anything other than a VPN-tunnel along with > other traffic the users generate (such as email). And VPNs seem to > pass firewalls quite well already. > I have personally worked at no less than 3 enterprise sites that explicitly denied the use of outbound VPN, because they believed it 1) allowed data to leave the network they could not monitor, and 2) potentially created an uncontrolled path for things to come into the network. One of them even disallowed any analog phone lines in the building because people might connect modems to them, with exactly the same rational. As I have mentioned several times, firewall policy that locks down all communication except via locally-controlled proxies is common. There are lots of so-called security consultants out there claiming it is necessary, and lots of so-called security auditors that will mark you down if you don't do it. > Cheers, > Aki > > ext Cullen Jennings wrote: > >> On 7/4/05 12:59 AM, "Adam Roach" wrote: >> >>> I'm probably rehashing old arguments here, but I do have a >>> reasonably >>> strong feeling about this. If I want to go through my "home" >>> relay for >>> message logging purposes, but first need to go through a >>> firewall-traversal relay at a client's site, I'd prefer to have the >>> ability to do so without giving the client's relay an opportunity to >>> intercept my "home" relay password. >>> >> If we agree that the above use case is a valid use case, then I >> imagine this >> discussion is probably over and all will agree we need to move to >> Digest. >> Rohan had some sort of argument that amounted to "Don't do this". >> Can we >> decide if we think this is a valid use case or not? >> _______________________________________________ >> Simple mailing list >> Simple@ietf.org >> https://www1.ietf.org/mailman/listinfo/simple >> > > _______________________________________________ > Simple mailing list > Simple@ietf.org > https://www1.ietf.org/mailman/listinfo/simple > --Apple-Mail-105-545968758 Content-Type: application/pkcs7-signature; name=smime.p7s Content-Disposition: attachment; filename=smime.p7s Content-Transfer-Encoding: base64 MIAGCSqGSIb3DQEHAqCAMIACAQExCzAJBgUrDgMCGgUAMIAGCSqGSIb3DQEHAQAAoIIGRTCCAv4w ggJnoAMCAQICAw3JSzANBgkqhkiG9w0BAQQFADBiMQswCQYDVQQGEwJaQTElMCMGA1UEChMcVGhh d3RlIENvbnN1bHRpbmcgKFB0eSkgTHRkLjEsMCoGA1UEAxMjVGhhd3RlIFBlcnNvbmFsIEZyZWVt YWlsIElzc3VpbmcgQ0EwHhcNMDUwMTExMjEyMzM5WhcNMDYwMTExMjEyMzM5WjBiMR8wHQYDVQQD ExZUaGF3dGUgRnJlZW1haWwgTWVtYmVyMR4wHAYJKoZIhvcNAQkBFg9iZW5Abm9zdHJ1bS5jb20x HzAdBgkqhkiG9w0BCQEWEGJlbkBlc3RhY2Fkby5uZXQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAw ggEKAoIBAQCYWVM6KNDeP+5DdLWTRbBVLIVb4X4Yj6oYnbcNEPIRBuRGH8emhWbrCEBkDHaMQOEz izK6QEYjpoKcdmHLtKBWTMgzR/4danDoOjOeGfJ4fu9t1eXFsiVEyzf/ofZGhOzVR4q3ZfrotgjK kCTdrHpUBsyYRtRN5ZnBpxnkjVjJ77SAZ+JcSK+bs1dpohnRO6WL5ocfQXyMDzoUbnXDi1sUByd9 rCEa92lYpLKgEyr+7lkL3N56XofDV5Xzz9Y2+4GXKbTOjnN/RyNB3YDiXNB8DRclyiCvJINOFzjk 5R8AaGFs4lLoR3eZoAtidH0gp8DD1a+IEmHegjuRAmnVDqszAgMBAAGjPjA8MCwGA1UdEQQlMCOB D2JlbkBub3N0cnVtLmNvbYEQYmVuQGVzdGFjYWRvLm5ldDAMBgNVHRMBAf8EAjAAMA0GCSqGSIb3 DQEBBAUAA4GBACeJLe5lF2j4KsJLID+zX3t1TZvqhHqDrlpOL3ODVxK6ocXQE+bZwJX2bAhPm1Hb K8wMeeUK19VrqDnqoLzowtP+0hOjYV6CWf40OxdnjODcuSAqYsbmBBSkyRr6bQjzmqPCspJ70Dty AQ278NgOdlplxD0UJTfYKb0IPNUtuI3WMIIDPzCCAqigAwIBAgIBDTANBgkqhkiG9w0BAQUFADCB 0TELMAkGA1UEBhMCWkExFTATBgNVBAgTDFdlc3Rlcm4gQ2FwZTESMBAGA1UEBxMJQ2FwZSBUb3du MRowGAYDVQQKExFUaGF3dGUgQ29uc3VsdGluZzEoMCYGA1UECxMfQ2VydGlmaWNhdGlvbiBTZXJ2 aWNlcyBEaXZpc2lvbjEkMCIGA1UEAxMbVGhhd3RlIFBlcnNvbmFsIEZyZWVtYWlsIENBMSswKQYJ KoZIhvcNAQkBFhxwZXJzb25hbC1mcmVlbWFpbEB0aGF3dGUuY29tMB4XDTAzMDcxNzAwMDAwMFoX DTEzMDcxNjIzNTk1OVowYjELMAkGA1UEBhMCWkExJTAjBgNVBAoTHFRoYXd0ZSBDb25zdWx0aW5n IChQdHkpIEx0ZC4xLDAqBgNVBAMTI1RoYXd0ZSBQZXJzb25hbCBGcmVlbWFpbCBJc3N1aW5nIENB MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDEpjxVc1X7TrnKmVoeaMB1BHCd3+n/ox7svc31 W/Iadr1/DDph8r9RzgHU5VAKMNcCY1osiRVwjt3J8CuFWqo/cVbLrzwLB+fxH5E2JCoTzyvV84J3 PQO+K/67GD4Hv0CAAmTXp6a7n2XRxSpUhQ9IBH+nttE8YQRAHmQZcmC3+wIDAQABo4GUMIGRMBIG A1UdEwEB/wQIMAYBAf8CAQAwQwYDVR0fBDwwOjA4oDagNIYyaHR0cDovL2NybC50aGF3dGUuY29t L1RoYXd0ZVBlcnNvbmFsRnJlZW1haWxDQS5jcmwwCwYDVR0PBAQDAgEGMCkGA1UdEQQiMCCkHjAc MRowGAYDVQQDExFQcml2YXRlTGFiZWwyLTEzODANBgkqhkiG9w0BAQUFAAOBgQBIjNFQg+oLLswN o2asZw9/r6y+whehQ5aUnX9MIbj4Nh+qLZ82L8D0HFAgk3A8/a3hYWLD2ToZfoSxmRsAxRoLgnSe JVCUYsfbJ3FXJY3dqZw5jowgT2Vfldr394fWxghOrvbqNOUQGls1TXfjViF4gtwhGTXeJLHTHUb/ XV9lTzGCAucwggLjAgEBMGkwYjELMAkGA1UEBhMCWkExJTAjBgNVBAoTHFRoYXd0ZSBDb25zdWx0 aW5nIChQdHkpIEx0ZC4xLDAqBgNVBAMTI1RoYXd0ZSBQZXJzb25hbCBGcmVlbWFpbCBJc3N1aW5n IENBAgMNyUswCQYFKw4DAhoFAKCCAVMwGAYJKoZIhvcNAQkDMQsGCSqGSIb3DQEHATAcBgkqhkiG 9w0BCQUxDxcNMDUwNzA1MTgxMTI5WjAjBgkqhkiG9w0BCQQxFgQU5JlKdSunV7eTDd11pDS3oKgj J/UweAYJKwYBBAGCNxAEMWswaTBiMQswCQYDVQQGEwJaQTElMCMGA1UEChMcVGhhd3RlIENvbnN1 bHRpbmcgKFB0eSkgTHRkLjEsMCoGA1UEAxMjVGhhd3RlIFBlcnNvbmFsIEZyZWVtYWlsIElzc3Vp bmcgQ0ECAw3JSzB6BgsqhkiG9w0BCRACCzFroGkwYjELMAkGA1UEBhMCWkExJTAjBgNVBAoTHFRo YXd0ZSBDb25zdWx0aW5nIChQdHkpIEx0ZC4xLDAqBgNVBAMTI1RoYXd0ZSBQZXJzb25hbCBGcmVl bWFpbCBJc3N1aW5nIENBAgMNyUswDQYJKoZIhvcNAQEBBQAEggEAbqpFuPpgmbHmJaXAoUFzwibd vCOqEOz/H8aNPNhj3nzklGe8KtmoRTgZRq0YSf2JBmz/M4EAdKodjLN0MS5K3XH7+SBQGvW0ognP 8n0QMRqJF9sMDQIlRk0B1KcgLZsnNnz2bewkwmFKGkhIsZ2zGHlf/gQeGaFiXgDaJCnEZT9uMmxs XAigOMTzCILpdV0XVgVYrin1j9ToO0GWV36bdeIFNi5aav5PpX0n2UOhATOSoNt3mWYGu6+PfKV4 WdnKYsG8Lead9GqZDzhzR2Pi+Y4m/9tGINhqs4p4CqSCTkHS3ITvOM2eehgtAzvc3fPhiCbQlZcz PdAV8SB7qS68GwAAAAAAAA== --Apple-Mail-105-545968758-- --===============2144998026== Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Disposition: inline _______________________________________________ Simple mailing list Simple@ietf.org https://www1.ietf.org/mailman/listinfo/simple --===============2144998026==-- From simple-bounces@ietf.org Tue Jul 05 14:25:54 2005 Received: from localhost.localdomain ([127.0.0.1] helo=megatron.ietf.org) by megatron.ietf.org with esmtp (Exim 4.32) id 1Dps7G-00007v-Dq; Tue, 05 Jul 2005 14:25:54 -0400 Received: from odin.ietf.org ([132.151.1.176] helo=ietf.org) by megatron.ietf.org with esmtp (Exim 4.32) id 1Dps7E-00007B-9q for simple@megatron.ietf.org; Tue, 05 Jul 2005 14:25:52 -0400 Received: from ietf-mx.ietf.org (ietf-mx [132.151.6.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id OAA03792 for ; Tue, 5 Jul 2005 14:25:50 -0400 (EDT) Received: from figas.ekabal.com ([204.61.215.10]) by ietf-mx.ietf.org with esmtp (Exim 4.33) id 1DpsIg-0000JX-Gh for simple@ietf.org; Tue, 05 Jul 2005 14:37:42 -0400 Received: from [131.161.248.83] (open-131-161-248-83.cliq.com [131.161.248.83]) (authenticated) by figas.ekabal.com (8.11.6/8.11.6) with ESMTP id j65I9t127371; Tue, 5 Jul 2005 11:09:55 -0700 In-Reply-To: <030C9319-BED5-4452-9C6A-959F3C80E9D3@nostrum.com> References: <030C9319-BED5-4452-9C6A-959F3C80E9D3@nostrum.com> Mime-Version: 1.0 (Apple Message framework v622) Content-Type: text/plain; charset=US-ASCII; format=flowed Message-Id: <0bba5d6bb35fc2c229ff4283958aab4c@ekabal.com> Content-Transfer-Encoding: 7bit From: Rohan Mahy Subject: Re: [Simple] OPEN ISSUE: Basic vs. Digest authentication inMSRPrelays extension Date: Tue, 5 Jul 2005 11:09:42 -0700 To: Ben Campbell X-Mailer: Apple Mail (2.622) X-Spam-Score: 0.0 (/) X-Scan-Signature: b4a0a5f5992e2a4954405484e7717d8c Content-Transfer-Encoding: 7bit Cc: Cullen Jennings , Rohan Mahy , Orit Levin , Adam Roach , "simple@ietf.org" X-BeenThere: simple@ietf.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: SIP for Instant Messaging and Presence Leveraging Extensions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: simple-bounces@ietf.org Errors-To: simple-bounces@ietf.org On Jul 5, 2005, at 10:54, Ben Campbell wrote: > > > On Jul 5, 2005, at 12:04 PM, Cullen Jennings wrote: > >> On 7/4/05 12:59 AM, "Adam Roach" wrote: >> >> >>> I'm probably rehashing old arguments here, but I do have a reasonably >>> strong feeling about this. If I want to go through my "home" relay >>> for >>> message logging purposes, but first need to go through a >>> firewall-traversal relay at a client's site, I'd prefer to have the >>> ability to do so without giving the client's relay an opportunity to >>> intercept my "home" relay password. >>> >> >> If we agree that the above use case is a valid use case, then I >> imagine this >> discussion is probably over and all will agree we need to move to >> Digest. >> Rohan had some sort of argument that amounted to "Don't do this". Can >> we >> decide if we think this is a valid use case or not? >> > > So, I did some more thinking about this over the weekend, and it seems > to me that we have already implied this use case by allowing the > telescoping of AUTH. (That is, the ability to send AUTH to a second > (or third etc) relay via the first.) What other use cases do we have > for that mechanism other than the one Adam described? Or more > generally, what other use cases do we have for the telescoping > mechanism where the first and subsequent relays are all in the same > administrative domain, so that revealing your second-relay password to > the first relay is a non-issue? AUTH telescoping is useful in large enterprises (same administrative domain) where there is an internal relay and an external relay. The external relay farm services the entire company and might do additional logging or alerts on keywords. You only use the external relay when talking with someone outside your administrative domain. This is a fairly typical usage, and it is precisely the example that is given in the draft. thanks, -rohan > So, my concrete proposal is that we either solve the password-reveal > issue, or we remove the AUTH telescoping mechanism. > > >> >> >> >> >> >> _______________________________________________ >> Simple mailing list >> Simple@ietf.org >> https://www1.ietf.org/mailman/listinfo/simple >> > _______________________________________________ Simple mailing list Simple@ietf.org https://www1.ietf.org/mailman/listinfo/simple From simple-bounces@ietf.org Tue Jul 05 14:58:11 2005 Received: from localhost.localdomain ([127.0.0.1] helo=megatron.ietf.org) by megatron.ietf.org with esmtp (Exim 4.32) id 1DpscV-0004E6-Jn; Tue, 05 Jul 2005 14:58:11 -0400 Received: from odin.ietf.org ([132.151.1.176] helo=ietf.org) by megatron.ietf.org with esmtp (Exim 4.32) id 1DpscG-0003mr-RI for simple@megatron.ietf.org; Tue, 05 Jul 2005 14:58:01 -0400 Received: from ietf-mx.ietf.org (ietf-mx [132.151.6.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id OAA07082 for ; Tue, 5 Jul 2005 14:57:52 -0400 (EDT) Received: from mailrelay.eurospot.com ([62.39.81.196]) by ietf-mx.ietf.org with esmtp (Exim 4.33) id 1Dpssc-0002lg-3E for simple@ietf.org; Tue, 05 Jul 2005 15:14:57 -0400 Received: from [192.168.50.28] (unknown [82.109.138.58]) by mailrelay.eurospot.com (Postfix) with ESMTP id 006FE286D0E; Tue, 5 Jul 2005 20:46:51 +0200 (CEST) In-Reply-To: <0bba5d6bb35fc2c229ff4283958aab4c@ekabal.com> References: <030C9319-BED5-4452-9C6A-959F3C80E9D3@nostrum.com> <0bba5d6bb35fc2c229ff4283958aab4c@ekabal.com> Mime-Version: 1.0 (Apple Message framework v622) Content-Type: text/plain; charset=US-ASCII; format=flowed Message-Id: Content-Transfer-Encoding: 7bit From: Hisham Khartabil Subject: Re: [Simple] OPEN ISSUE: Basic vs. Digest authentication inMSRPrelays extension Date: Tue, 5 Jul 2005 20:46:57 +0200 To: Rohan Mahy X-Mailer: Apple Mail (2.622) X-Spam-Score: 0.0 (/) X-Scan-Signature: 5011df3e2a27abcc044eaa15befcaa87 Content-Transfer-Encoding: 7bit Cc: Cullen Jennings , Orit Levin , Adam Roach , "simple@ietf.org" X-BeenThere: simple@ietf.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: SIP for Instant Messaging and Presence Leveraging Extensions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: simple-bounces@ietf.org Errors-To: simple-bounces@ietf.org (as a working group chair) Ok, it is clear that people have concerns with Basic as the authentication mechanism for MSRP Relays. It is also clear that the 2 people advocating Basic (Aki and Rohan) have not presented any strong argument against Digest nor have they clearly solved the concerns that people have with Basic. Digest resolves those concerns and there are no technical drawbacks with it. The majority of contributors to this thread either want Digest or do not object to using Digest. That is rough consensus to me. Unless you tell me you will commit suicide if Basic is not used, I am going to instruct the editors to rewrite the relevant sections to remove Basic and re-introduce Digest as the Authentication mechanism. In the mean time, please remember that a WGLC have been issued for MSRP relay draft. Please send your comments in a.s.a.p. Regards, Hisham SIMPLE WG co-chair On Jul 5, 2005, at 8:09 PM, Rohan Mahy wrote: > > On Jul 5, 2005, at 10:54, Ben Campbell wrote: > >> >> >> On Jul 5, 2005, at 12:04 PM, Cullen Jennings wrote: >> >>> On 7/4/05 12:59 AM, "Adam Roach" wrote: >>> >>> >>>> I'm probably rehashing old arguments here, but I do have a >>>> reasonably >>>> strong feeling about this. If I want to go through my "home" relay >>>> for >>>> message logging purposes, but first need to go through a >>>> firewall-traversal relay at a client's site, I'd prefer to have the >>>> ability to do so without giving the client's relay an opportunity to >>>> intercept my "home" relay password. >>>> >>> >>> If we agree that the above use case is a valid use case, then I >>> imagine this >>> discussion is probably over and all will agree we need to move to >>> Digest. >>> Rohan had some sort of argument that amounted to "Don't do this". >>> Can we >>> decide if we think this is a valid use case or not? >>> >> >> So, I did some more thinking about this over the weekend, and it >> seems to me that we have already implied this use case by allowing >> the telescoping of AUTH. (That is, the ability to send AUTH to a >> second (or third etc) relay via the first.) What other use cases do >> we have for that mechanism other than the one Adam described? Or more >> generally, what other use cases do we have for the telescoping >> mechanism where the first and subsequent relays are all in the same >> administrative domain, so that revealing your second-relay password >> to the first relay is a non-issue? > > AUTH telescoping is useful in large enterprises (same administrative > domain) where there is an internal relay and an external relay. The > external relay farm services the entire company and might do > additional logging or alerts on keywords. You only use the external > relay when talking with someone outside your administrative domain. > This is a fairly typical usage, and it is precisely the example that > is given in the draft. > > thanks, > -rohan > > >> So, my concrete proposal is that we either solve the password-reveal >> issue, or we remove the AUTH telescoping mechanism. >> >> >>> >>> >>> >>> >>> >>> _______________________________________________ >>> Simple mailing list >>> Simple@ietf.org >>> https://www1.ietf.org/mailman/listinfo/simple >>> >> > > > _______________________________________________ > Simple mailing list > Simple@ietf.org > https://www1.ietf.org/mailman/listinfo/simple > _______________________________________________ Simple mailing list Simple@ietf.org https://www1.ietf.org/mailman/listinfo/simple From simple-bounces@ietf.org Tue Jul 05 15:14:34 2005 Received: from localhost.localdomain ([127.0.0.1] helo=megatron.ietf.org) by megatron.ietf.org with esmtp (Exim 4.32) id 1DpssM-0002q8-LF; Tue, 05 Jul 2005 15:14:34 -0400 Received: from odin.ietf.org ([132.151.1.176] helo=ietf.org) by megatron.ietf.org with esmtp (Exim 4.32) id 1Dpss6-0002gM-83 for simple@megatron.ietf.org; Tue, 05 Jul 2005 15:14:22 -0400 Received: from ietf-mx.ietf.org (ietf-mx [132.151.6.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id PAA09767 for ; Tue, 5 Jul 2005 15:14:13 -0400 (EDT) Received: from sj-iport-5.cisco.com ([171.68.10.87]) by ietf-mx.ietf.org with esmtp (Exim 4.33) id 1DptBR-0004lP-5u for simple@ietf.org; Tue, 05 Jul 2005 15:34:17 -0400 Received: from sj-core-3.cisco.com (171.68.223.137) by sj-iport-5.cisco.com with ESMTP; 05 Jul 2005 12:06:20 -0700 X-IronPort-AV: i="3.93,261,1115017200"; d="scan'208"; a="196440566:sNHT28148276" Received: from sea-alpha-e2k3.sea-alpha.cisco.com (sea-alpha-e2k3.cisco.com [10.93.132.88]) by sj-core-3.cisco.com (8.12.10/8.12.6) with ESMTP id j65J6G6p010508; Tue, 5 Jul 2005 12:06:17 -0700 (PDT) Received: from [10.0.1.3] ([10.21.145.120]) by sea-alpha-e2k3.sea-alpha.cisco.com with Microsoft SMTPSVC(6.0.3790.211); Tue, 5 Jul 2005 12:10:37 -0700 User-Agent: Microsoft-Entourage/11.1.0.040913 Date: Tue, 05 Jul 2005 15:06:12 -0400 From: Cullen Jennings To: Rohan Mahy , Orit Levin , Adam Roach , Avshalom Houri , Aki Niemi Message-ID: In-Reply-To: Mime-version: 1.0 Content-type: text/plain; charset="US-ASCII" Content-transfer-encoding: 7bit X-OriginalArrivalTime: 05 Jul 2005 19:10:37.0318 (UTC) FILETIME=[3A00FA60:01C58195] X-Spam-Score: 0.0 (/) X-Scan-Signature: 244a2fd369eaf00ce6820a760a3de2e8 Content-Transfer-Encoding: 7bit Cc: "simple@ietf.org" Subject: [Simple] Digest Was: rodent stuck in tarpit X-BeenThere: simple@ietf.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: SIP for Instant Messaging and Presence Leveraging Extensions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: simple-bounces@ietf.org Errors-To: simple-bounces@ietf.org Way back at the being of this thread, Rohan put out some questions about how to do Digest. I think it would be good to get talking about those as well as proposed text that need to change to move to digest. If anyone wants to help with text, as always, appreciated and the XML is at http://scm.sipfoundry.org/rep/ietf-drafts/simple/draft-ietf-simple-msrp-rela ys.xml Rohan's questions/proposal follows - can folks comment on how resolve open items.... On 6/20/05 6:44 PM, "Rohan Mahy" wrote: > When I originally tried to map the draft onto Digest, I was planning to > do something like this: > > - realm is a string provided by the server. it SHOULD be the host name > of the relay. > - the domains parameter is ignored > - note that the nonce algorithm based on ETags doesn't work > - do not support auth-int, but always include the qop parameter with > auth > - the digest-uri parameter is the right-most URI in the To-Path header > - the alg parameter is ??? > - the cnonce and the nonce-count MUST be sent > - the Method from A2 is always AUTH > - there is never a body for AUTH so A2 is just AUTH: plus the > Request-URI > - I have no idea what to do about MD5 vs. MD5-sess. > - I have no idea whether the nextnonce parameter is useful here. > - I don't think the response authentication parameter is useful at all. > However, the security considerations needs to describe what would or > would not be protected here. Remember that we have no integrity over > the Use-Path header from client to outermost relay even if we use this, > unless we redefine the A2 to include the value of the Use-Path header > instead of the entity-body. On 7/5/05 2:46 PM, "Hisham Khartabil" wrote: > (as a working group chair) > > Ok, it is clear that people have concerns with Basic as the > authentication mechanism for MSRP Relays. It is also clear that the 2 > people advocating Basic (Aki and Rohan) have not presented any strong > argument against Digest nor have they clearly solved the concerns that > people have with Basic. Digest resolves those concerns and there are no > technical drawbacks with it. > > The majority of contributors to this thread either want Digest or do > not object to using Digest. That is rough consensus to me. > > Unless you tell me you will commit suicide if Basic is not used, I am > going to instruct the editors to rewrite the relevant sections to > remove Basic and re-introduce Digest as the Authentication mechanism. > > In the mean time, please remember that a WGLC have been issued for MSRP > relay draft. Please send your comments in a.s.a.p. > > Regards, > Hisham > SIMPLE WG co-chair _______________________________________________ Simple mailing list Simple@ietf.org https://www1.ietf.org/mailman/listinfo/simple From simple-bounces@ietf.org Tue Jul 05 15:47:59 2005 Received: from localhost.localdomain ([127.0.0.1] helo=megatron.ietf.org) by megatron.ietf.org with esmtp (Exim 4.32) id 1DptOg-0001SF-Ue; Tue, 05 Jul 2005 15:47:58 -0400 Received: from odin.ietf.org ([132.151.1.176] helo=ietf.org) by megatron.ietf.org with esmtp (Exim 4.32) id 1DptOb-0001Qq-Nr for simple@megatron.ietf.org; Tue, 05 Jul 2005 15:47:55 -0400 Received: from ietf-mx.ietf.org (ietf-mx [132.151.6.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id PAA14515 for ; Tue, 5 Jul 2005 15:47:49 -0400 (EDT) Received: from magus.nostrum.com ([69.5.195.2] helo=nostrum.com ident=root) by ietf-mx.ietf.org with esmtp (Exim 4.33) id 1DptbS-0002Fd-Dw for simple@ietf.org; Tue, 05 Jul 2005 16:01:11 -0400 Received: from [127.0.0.1] (adam@magus.nostrum.com [10.10.10.2]) (authenticated bits=0) by nostrum.com (8.12.11/8.12.11) with ESMTP id j65JWGgJ061800 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Tue, 5 Jul 2005 14:32:17 -0500 (CDT) (envelope-from adam@nostrum.com) Message-ID: <42CAE02F.5080906@nostrum.com> Date: Tue, 05 Jul 2005 14:31:59 -0500 From: Adam Roach User-Agent: Mozilla Thunderbird 1.0 (Windows/20041206) X-Accept-Language: en-us, en MIME-Version: 1.0 To: Cullen Jennings References: In-Reply-To: X-Enigmail-Version: 0.89.5.0 X-Enigmail-Supports: pgp-inline, pgp-mime Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Received-SPF: pass (nostrum.com: 10.10.10.2 is authenticated by a trusted mechanism) X-Spam-Score: 0.0 (/) X-Scan-Signature: 37af5f8fbf6f013c5b771388e24b09e7 Content-Transfer-Encoding: 7bit Cc: Rohan Mahy , Orit Levin , Avshalom Houri , Aki Niemi , "simple@ietf.org" Subject: [Simple] Re: Digest Was: rodent stuck in tarpit X-BeenThere: simple@ietf.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: SIP for Instant Messaging and Presence Leveraging Extensions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: simple-bounces@ietf.org Errors-To: simple-bounces@ietf.org Cullen Jennings wrote: > >Rohan's questions/proposal follows - can folks comment on how resolve open >items.... > >On 6/20/05 6:44 PM, "Rohan Mahy" wrote: > > >>When I originally tried to map the draft onto Digest, I was planning to >>do something like this: >> >>- realm is a string provided by the server. it SHOULD be the host name >>of the relay. >> >> Host name or domain name -- I think this would be up to the whoever deploys it. If they want a single password across all their MSRP relays, they share a common realm. I'm not sure the document needs to say too much about this. >>- the domains parameter is ignored >> >> Maybe I'm becoming senile, but I can't recall what this might be talking about, and RFC 2617 doesn't give me any clues. >>- note that the nonce algorithm based on ETags doesn't work >> >> So authentication will likely need to be stateful. >>- do not support auth-int, but always include the qop parameter with >>auth >> >> Sounds reasonable. We can always add an S/MIME mechanism if we need integrity protection. >>- the digest-uri parameter is the right-most URI in the To-Path header >> >> Yes. >>- the alg parameter is ??? >> >> MD5, probably (modulo any discussions we have on MD5-sess handling). I think we want to be able to re-use as much code as possible from any SIP digest implementations people have in their clients. >>- the cnonce and the nonce-count MUST be sent >> >> Sounds good. >>- the Method from A2 is always AUTH >> >> I agree, in a round-about sort of way. It should always match the method, and we're doing authentication in AUTH requests. >>- there is never a body for AUTH so A2 is just AUTH: plus the >>Request-URI >> >> Yep >>- I have no idea what to do about MD5 vs. MD5-sess. >> >> The handling of session mode in RFC 2617 is extremely ambiguous. I have poked and prodded the HTTP community and key players within it to try to get some clarification, and the net result seems to be that no one really cares because no one really implements it. (For the morbidly curious, you can read my summary of the problem at http://lists.w3.org/Archives/Public/ietf-http-wg/2004OctDec/0039.html). Until this issue is clarified, I don't think specifying MD5-sess is viable, since it is fundamentally unimplementable. >>- I have no idea whether the nextnonce parameter is useful here. >> >> I believe it is. The server can send nextnonces in the response to AUTH request which the client can then use when they refresh their AUTH binding -- this reduces all non-initial AUTH requests to one round trip instead of two. >>- I don't think the response authentication parameter is useful at all. >> >> Agreed. >>However, the security considerations needs to describe what would or >>would not be protected here. >> I don't think we're looking for an integrity protection mechanism here; I think we're looking for an authentication mechanism. It's fine with me if the security section basically says, "the use of digest authentication in MSRP provides no integrity protection, and is to be used as an authentication mechanism only." /a _______________________________________________ Simple mailing list Simple@ietf.org https://www1.ietf.org/mailman/listinfo/simple From simple-bounces@ietf.org Tue Jul 05 17:01:41 2005 Received: from localhost.localdomain ([127.0.0.1] helo=megatron.ietf.org) by megatron.ietf.org with esmtp (Exim 4.32) id 1DpuY1-0000x3-3G; Tue, 05 Jul 2005 17:01:41 -0400 Received: from odin.ietf.org ([132.151.1.176] helo=ietf.org) by megatron.ietf.org with esmtp (Exim 4.32) id 1DpuXu-0000uF-Na for simple@megatron.ietf.org; Tue, 05 Jul 2005 17:01:36 -0400 Received: from ietf-mx.ietf.org (ietf-mx [132.151.6.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id RAA27269 for ; Tue, 5 Jul 2005 17:01:26 -0400 (EDT) Received: from oak.neustar.com ([209.173.53.70]) by ietf-mx.ietf.org with esmtp (Exim 4.33) id 1Dpukg-0005bJ-4g for simple@ietf.org; Tue, 05 Jul 2005 17:14:46 -0400 Received: from stntsmtp1.cis.neustar.com (smartexch.neustar.com [10.31.13.79]) by oak.neustar.com (8.12.8/8.11.0) with ESMTP id j65KkhHP031770; Tue, 5 Jul 2005 20:46:43 GMT Received: from stntexch03.cis.neustar.com ([10.31.13.45]) by stntsmtp1.cis.neustar.com with Microsoft SMTPSVC(6.0.3790.1830); Tue, 5 Jul 2005 16:46:43 -0400 X-MimeOLE: Produced By Microsoft Exchange V6.5.7226.0 Content-class: urn:content-classes:message MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable Subject: RE: [Simple] element issue for common policy Date: Tue, 5 Jul 2005 16:46:42 -0400 Message-ID: <24EAE5D4448B9D4592C6D234CBEBD59701502F97@stntexch03.cis.neustar.com> Thread-Topic: [Simple] element issue for common policy Thread-Index: AcV+v1K5I2K0mrgRQbGDsOsehWSn2QC4SKpg From: "Peterson, Jon" To: "Jonathan Rosenberg" , "Henning Schulzrinne" X-OriginalArrivalTime: 05 Jul 2005 20:46:43.0364 (UTC) FILETIME=[A6D5C640:01C581A2] X-Spam-Score: 0.0 (/) X-Scan-Signature: 2409bba43e9c8d580670fda8b695204a Content-Transfer-Encoding: quoted-printable Cc: Ted Hardie , simple@ietf.org X-BeenThere: simple@ietf.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: SIP for Instant Messaging and Presence Leveraging Extensions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: simple-bounces@ietf.org Errors-To: simple-bounces@ietf.org > Right. Put another way, putting an exception in the matching condition = > is just another way to define the set of users to whom the additive=20 > permissions apply. The only difference is that the set of people to = whom=20 > they apply is potentially large, but there is no change in the model. There is one substantive change to the model, I think. Previously in the = GEOPRIV work, we had the following design goal: if an external ruleset = (one included in the PIDF-LO object by reference) could not be accessed, = then the worst thing that could happen is the policies would be more = restrictive than they need to be. If a local ruleset has a rule that says everyone can have access to = element Y except Alice, and an external ruleset that says everyone can = have access to element Y except Carol... then it would seem that if the = external ruleset cannot be acquired by the policy implementer, this = results is a less restrictive policy. For the record, and as I said at the last SIMPLE meeting, I agree with = Ted that the efficacy of negative permissions in this sort of system is = very limited, and that policies along these lines are not likely to = yield useful protections for a presentity. Jon Peterson NeuStar, Inc. _______________________________________________ Simple mailing list Simple@ietf.org https://www1.ietf.org/mailman/listinfo/simple From simple-bounces@ietf.org Tue Jul 05 20:56:40 2005 Received: from localhost.localdomain ([127.0.0.1] helo=megatron.ietf.org) by megatron.ietf.org with esmtp (Exim 4.32) id 1DpyDQ-00011b-9r; Tue, 05 Jul 2005 20:56:40 -0400 Received: from odin.ietf.org ([132.151.1.176] helo=ietf.org) by megatron.ietf.org with esmtp (Exim 4.32) id 1DpyDM-0000xl-BU for simple@megatron.ietf.org; Tue, 05 Jul 2005 20:56:38 -0400 Received: from ietf-mx.ietf.org (ietf-mx [132.151.6.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id UAA28766 for ; Tue, 5 Jul 2005 20:56:33 -0400 (EDT) Received: from brinza.cc.columbia.edu ([128.59.29.8] ident=cu41754) by ietf-mx.ietf.org with esmtp (Exim 4.33) id 1DpyOZ-00039D-Mx for simple@ietf.org; Tue, 05 Jul 2005 21:08:12 -0400 Received: from [192.168.0.31] (pool-141-153-198-113.mad.east.verizon.net [141.153.198.113]) (user=hgs10 mech=PLAIN bits=0) by brinza.cc.columbia.edu (8.13.0/8.13.0) with ESMTP id j660eGuR026901 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NOT); Tue, 5 Jul 2005 20:40:16 -0400 (EDT) Message-ID: <42CB2871.1060000@cs.columbia.edu> Date: Tue, 05 Jul 2005 20:40:17 -0400 From: Henning Schulzrinne Organization: Columbia University User-Agent: Mozilla Thunderbird 1.0 (Windows/20041206) X-Accept-Language: en-us, en MIME-Version: 1.0 To: "Peterson, Jon" Subject: Re: [Simple] element issue for common policy References: <24EAE5D4448B9D4592C6D234CBEBD59701502F97@stntexch03.cis.neustar.com> In-Reply-To: <24EAE5D4448B9D4592C6D234CBEBD59701502F97@stntexch03.cis.neustar.com> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit X-No-Spam-Score: Local X-Scanned-By: MIMEDefang 2.48 on 128.59.29.8 X-Spam-Score: 0.2 (/) X-Scan-Signature: 8b30eb7682a596edff707698f4a80f7d Content-Transfer-Encoding: 7bit Cc: Ted Hardie , simple@ietf.org X-BeenThere: simple@ietf.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: SIP for Instant Messaging and Presence Leveraging Extensions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: simple-bounces@ietf.org Errors-To: simple-bounces@ietf.org > There is one substantive change to the model, I think. Previously in > the GEOPRIV work, we had the following design goal: if an external > ruleset (one included in the PIDF-LO object by reference) could not > be accessed, then the worst thing that could happen is the policies > would be more restrictive than they need to be. > > If a local ruleset has a rule that says everyone can have access to > element Y except Alice, and an external ruleset that says everyone > can have access to element Y except Carol... then it would seem that > if the external ruleset cannot be acquired by the policy implementer, > this results is a less restrictive policy. I'm not sure this is true, but maybe we're talking about two different cases. Let's take your example: (R1) Anybody except Alice can access Y (R2) Anybody except Carol can access Y For now, assume that R1 and R2 are accessible. By the standard rules, permissions are *additive*, thus, by R1, Carol can access Y. (Carol matches R1 and accumulates all the permissions that R1 grants.) Similarly, Alice can also access by virtue by R2. Thus, the matching constraints don't restrict any access. This is not a new problem, even without these matching constraints. [If you grant Bob very narrow right but Bob is also part of a domain match with "better" access, Bob will get the domain rights.] If (R1) is inaccessible, things work as expected: Carol can no longer see Y, even though she could before. Thus, the matching constraints don't impair the additivity and privacy safety, but they do mean that exceptions have to be in every domain-based rule to be meaningful, i.e., (R1') Anybody except Alice,Carol can access Y Henning _______________________________________________ Simple mailing list Simple@ietf.org https://www1.ietf.org/mailman/listinfo/simple From simple-bounces@ietf.org Tue Jul 05 21:12:45 2005 Received: from localhost.localdomain ([127.0.0.1] helo=megatron.ietf.org) by megatron.ietf.org with esmtp (Exim 4.32) id 1DpySz-0004s0-2Z; Tue, 05 Jul 2005 21:12:45 -0400 Received: from odin.ietf.org ([132.151.1.176] helo=ietf.org) by megatron.ietf.org with esmtp (Exim 4.32) id 1DpySK-0004Ku-Od for simple@megatron.ietf.org; Tue, 05 Jul 2005 21:12:09 -0400 Received: from ietf-mx.ietf.org (ietf-mx [132.151.6.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id VAA00010 for ; Tue, 5 Jul 2005 21:12:00 -0400 (EDT) Received: from figas.ekabal.com ([204.61.215.10]) by ietf-mx.ietf.org with esmtp (Exim 4.33) id 1Dpyo8-0005IW-1h for simple@ietf.org; Tue, 05 Jul 2005 21:34:36 -0400 Received: from [131.161.248.83] (open-131-161-248-83.cliq.com [131.161.248.83]) (authenticated) by figas.ekabal.com (8.11.6/8.11.6) with ESMTP id j6615W129199; Tue, 5 Jul 2005 18:05:32 -0700 In-Reply-To: References: <75346fbbbb1cfa1a82e7f7400a959d47@ekabal.com> Mime-Version: 1.0 (Apple Message framework v622) Content-Type: text/plain; charset=US-ASCII; format=flowed Message-Id: <07917b8077cf7036f58bb14b74f1c777@ekabal.com> Content-Transfer-Encoding: 7bit From: Rohan Mahy Subject: Re: [Simple] OPEN ISSUE: Basic vs. Digest authentication inMSRPrelays extension Date: Tue, 5 Jul 2005 18:05:18 -0700 To: Ben Campbell X-Mailer: Apple Mail (2.622) X-Spam-Score: 0.0 (/) X-Scan-Signature: 8de5f93cb2b4e3bee75302e9eacc33db Content-Transfer-Encoding: 7bit Cc: Cullen Jennings , Rohan Mahy , Orit Levin , Avshalom Houri , "simple@ietf.org" , Adam Roach X-BeenThere: simple@ietf.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: SIP for Instant Messaging and Presence Leveraging Extensions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: simple-bounces@ietf.org Errors-To: simple-bounces@ietf.org On Jul 5, 2005, at 11:01, Ben Campbell wrote: > > On Jul 5, 2005, at 12:36 PM, Rohan Mahy wrote: > >> Avshalom, >> >> I don't believe that the average user will go and manually configure >> some MSRP proxy they've never heard of before. What is the use case? >> >> Can anyone provide a *good* reason why you should be using arbitrary >> random relays and why this is reasonable from a security perspective. >> >> I personally hope that anyone enlightened enough to have heard of >> MSRP will be at least enlightened enough to allow outbound TCP >> connections from their network. > > I think the large deployed base of HTTP proxies would tend to prove > your hope a false one. It is _very_ common for enterprise networks to > only allow HTTP connections via a locally controlled proxy. Why would > you expect an enterprise firewall admin to treat MSRP any different > that it treats HTTP? > > Don't get me wrong; I'd love to see mandatory HTTP proxies go away > too. But I am not wasting much breath on the effort to make it happen. If you are "inside" an enterprise network then typically you have credentials to its enterprise resources and would only use the enterprise MSRP relays. I have never used a hotspot or hotel internet access provider that required me to use their HTTP proxy or did not allow me to make outbound TCP connections. For the previous 7 years I travelled extensively and was able to connect using SSH port forwarding in a number of situations where my colleagues could not get their VPN software to work. Outbound TCP works on public networks. If you managed to get onto a private network you would need credentials to use their relay anyway. Why use another relay in addition? thanks, -rohan >> >> thanks, >> -rohan >> >> >> On Jul 5, 2005, at 10:12, Avshalom Houri wrote: >> >>> Cullen Jennings wrote on 05/07/2005 08:04:01 PM: >>> >>> > On 7/4/05 12:59 AM, "Adam Roach" wrote: >>> > >>> > > I'm probably rehashing old arguments here, but I do have a >>> reasonably >>> > > strong feeling about this. If I want to go through my "home" >>> relay for >>> > > message logging purposes, but first need to go through a >>> > > firewall-traversal relay at a client's site, I'd prefer to have >>> the >>> > > ability to do so without giving the client's relay an >>> opportunity to >>> > > intercept my "home" relay password. >>> > >>> > If we agree that the above use case is a valid use case, then I >>> imagine this >>> > discussion is probably over and all will agree we need to move to >>> Digest. >>> > Rohan had some sort of argument that amounted to "Don't do this". >>> Can we >>> > decide if we think this is a valid use case or not? >>> > >>> I think that it is a valid use case. The average user will not know >>> that >>> MSRP is sending the password on the clear over TLS. It will also be >>> very hard >>> to instruct users to use a gateway in the hotel for example for one >>> protocol and >>> not for the other. Most users do not even know what protocol their >>> software is >>> using. >>> >>> Avshalom >>> >> >> >> _______________________________________________ >> Simple mailing list >> Simple@ietf.org >> https://www1.ietf.org/mailman/listinfo/simple >> > _______________________________________________ Simple mailing list Simple@ietf.org https://www1.ietf.org/mailman/listinfo/simple From simple-bounces@ietf.org Tue Jul 05 21:12:51 2005 Received: from localhost.localdomain ([127.0.0.1] helo=megatron.ietf.org) by megatron.ietf.org with esmtp (Exim 4.32) id 1DpyT5-0004zZ-5A; Tue, 05 Jul 2005 21:12:51 -0400 Received: from odin.ietf.org ([132.151.1.176] helo=ietf.org) by megatron.ietf.org with esmtp (Exim 4.32) id 1DpyT1-0004xK-Uw for simple@megatron.ietf.org; Tue, 05 Jul 2005 21:12:49 -0400 Received: from ietf-mx.ietf.org (ietf-mx [132.151.6.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id VAA00581 for ; Tue, 5 Jul 2005 21:12:44 -0400 (EDT) Received: from rtp-iport-2.cisco.com ([64.102.122.149]) by ietf-mx.ietf.org with esmtp (Exim 4.33) id 1DpygH-0004in-Ex for simple@ietf.org; Tue, 05 Jul 2005 21:26:29 -0400 Received: from rtp-core-1.cisco.com (64.102.124.12) by rtp-iport-2.cisco.com with ESMTP; 05 Jul 2005 20:58:33 -0400 X-IronPort-AV: i="3.93,263,1115006400"; d="scan'208"; a="61123098:sNHT1605610786" Received: from xbh-rtp-201.amer.cisco.com (xbh-rtp-201.cisco.com [64.102.31.12]) by rtp-core-1.cisco.com (8.12.10/8.12.6) with ESMTP id j660wVbd021479; Tue, 5 Jul 2005 20:58:32 -0400 (EDT) Received: from xfe-rtp-202.amer.cisco.com ([64.102.31.21]) by xbh-rtp-201.amer.cisco.com with Microsoft SMTPSVC(6.0.3790.211); Tue, 5 Jul 2005 20:58:31 -0400 Received: from [192.168.1.102] ([10.86.240.200]) by xfe-rtp-202.amer.cisco.com with Microsoft SMTPSVC(6.0.3790.211); Tue, 5 Jul 2005 20:58:31 -0400 Message-ID: <42CB2CB6.3060404@cisco.com> Date: Tue, 05 Jul 2005 20:58:30 -0400 From: Jonathan Rosenberg User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:1.7.8) Gecko/20050511 X-Accept-Language: en-us, en MIME-Version: 1.0 To: Henning Schulzrinne Subject: Re: [Simple] element issue for common policy References: <24EAE5D4448B9D4592C6D234CBEBD59701502F97@stntexch03.cis.neustar.com> <42CB2871.1060000@cs.columbia.edu> In-Reply-To: <42CB2871.1060000@cs.columbia.edu> Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit X-OriginalArrivalTime: 06 Jul 2005 00:58:31.0440 (UTC) FILETIME=[D3F33900:01C581C5] X-Spam-Score: 0.0 (/) X-Scan-Signature: 02ec665d00de228c50c93ed6b5e4fc1a Content-Transfer-Encoding: 7bit Cc: Ted Hardie , simple@ietf.org, "Peterson, Jon" X-BeenThere: simple@ietf.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: SIP for Instant Messaging and Presence Leveraging Extensions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: simple-bounces@ietf.org Errors-To: simple-bounces@ietf.org inline. Henning Schulzrinne wrote: > >> There is one substantive change to the model, I think. Previously in >> the GEOPRIV work, we had the following design goal: if an external >> ruleset (one included in the PIDF-LO object by reference) could not >> be accessed, then the worst thing that could happen is the policies >> would be more restrictive than they need to be. >> >> If a local ruleset has a rule that says everyone can have access to >> element Y except Alice, and an external ruleset that says everyone >> can have access to element Y except Carol... then it would seem that >> if the external ruleset cannot be acquired by the policy implementer, >> this results is a less restrictive policy. > > > I'm not sure this is true, but maybe we're talking about two different > cases. Let's take your example: > > (R1) Anybody except Alice can access Y > (R2) Anybody except Carol can access Y > > For now, assume that R1 and R2 are accessible. > > By the standard rules, permissions are *additive*, thus, by R1, Carol > can access Y. (Carol matches R1 and accumulates all the permissions that > R1 grants.) Similarly, Alice can also access by virtue by R2. Thus, the > matching constraints don't restrict any access. This is not a new > problem, even without these matching constraints. [If you grant Bob very > narrow right but Bob is also part of a domain match with "better" > access, Bob will get the domain rights.] I agree with Henning here. The problem is exactly the issue that Ted is concerned about; that folks will assume that if they have a rule that says "give Y to everyone except Alice", that this revocation of permissions from Alice occurs after the grants have all been accumulated. That experience can still be simulated with privacy safety if a web application keeps track of set of blocked users and adds them as an exception to each rule. As such, you wouldn't end up with rules like R1 and R2 above, you'd probably have: R1: grant Y to everyone except Alice and Carol R2: grant Z to everyone except Alice and Carol and this continues to have the desired property - if R1 cannot be fetched, less information is given out, not more. -Jonathan R. -- Jonathan D. Rosenberg, Ph.D. 600 Lanidex Plaza Director, Service Provider VoIP Architecture Parsippany, NJ 07054-2711 Cisco Systems jdrosen@cisco.com FAX: (973) 952-5050 http://www.jdrosen.net PHONE: (973) 952-5000 http://www.cisco.com _______________________________________________ Simple mailing list Simple@ietf.org https://www1.ietf.org/mailman/listinfo/simple From simple-bounces@ietf.org Tue Jul 05 21:45:00 2005 Received: from localhost.localdomain ([127.0.0.1] helo=megatron.ietf.org) by megatron.ietf.org with esmtp (Exim 4.32) id 1DpyyB-0005HZ-U7; Tue, 05 Jul 2005 21:44:59 -0400 Received: from odin.ietf.org ([132.151.1.176] helo=ietf.org) by megatron.ietf.org with esmtp (Exim 4.32) id 1Dpyy8-0005Cw-Cc for simple@megatron.ietf.org; Tue, 05 Jul 2005 21:44:57 -0400 Received: from ietf-mx.ietf.org (ietf-mx [132.151.6.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id VAA03905 for ; Tue, 5 Jul 2005 21:44:51 -0400 (EDT) Received: from figas.ekabal.com ([204.61.215.10]) by ietf-mx.ietf.org with esmtp (Exim 4.33) id 1DpzHc-0002mN-PN for simple@ietf.org; Tue, 05 Jul 2005 22:05:05 -0400 Received: from [131.161.248.83] (open-131-161-248-83.cliq.com [131.161.248.83]) (authenticated) by figas.ekabal.com (8.11.6/8.11.6) with ESMTP id j661a4129298; Tue, 5 Jul 2005 18:36:04 -0700 In-Reply-To: References: <030C9319-BED5-4452-9C6A-959F3C80E9D3@nostrum.com> <0bba5d6bb35fc2c229ff4283958aab4c@ekabal.com> Mime-Version: 1.0 (Apple Message framework v622) Content-Type: text/plain; charset=US-ASCII; format=flowed Message-Id: Content-Transfer-Encoding: 7bit From: Rohan Mahy Subject: Re: [Simple] OPEN ISSUE: Basic vs. Digest authentication inMSRPrelays extension Date: Tue, 5 Jul 2005 18:35:48 -0700 To: Hisham Khartabil X-Mailer: Apple Mail (2.622) X-Spam-Score: 0.0 (/) X-Scan-Signature: b2809b6f39decc6de467dcf252f42af1 Content-Transfer-Encoding: 7bit Cc: Cullen Jennings , Orit Levin , Adam Roach , "simple@ietf.org" , Rohan Mahy X-BeenThere: simple@ietf.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: SIP for Instant Messaging and Presence Leveraging Extensions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: simple-bounces@ietf.org Errors-To: simple-bounces@ietf.org On Jul 5, 2005, at 11:46, Hisham Khartabil wrote: > (as a working group chair) > > Ok, it is clear that people have concerns with Basic as the > authentication mechanism for MSRP Relays. It is also clear that the 2 > people advocating Basic (Aki and Rohan) have not presented any strong > argument against Digest nor have they clearly solved the concerns that > people have with Basic. Digest resolves those concerns and there are > no technical drawbacks with it. > The majority of contributors to this thread either want Digest or do > not object to using Digest. That is rough consensus to me. 1) Done is a feature and perfect is the often the enemy of the good. The draft is done now if Basic is acceptable. "Not done" is a technical drawback. I raised several open issues with how you would map Digest to MSRP which are not resolved. More issues will crop up if we actually write text. 2) This disagreement appears to be between a very small number of people. The main desire for wanting Digest appears to be a use case (multiple relays per side in different administrative domains) that still does not have a well justified motivation. This doesn't seem like much of a consensus to me. > Unless you tell me you will commit suicide if Basic is not used, I am > going to instruct the editors to rewrite the relevant sections to > remove Basic and re-introduce Digest as the Authentication mechanism. I'm not planning to commit suicide, but my IETF work is currently happening at the expense of paid consulting work. Since I don't have credible text on the semantics and syntax of all the Digest parameters, nor a reasonable section for the Security Considerations section, its likely that I would just pass the baton to another editor. The reason that I did not "simply" finish the Digest specification earlier in the life of the draft was because as I dug deeper into it it seemed like a poorer and poorer fit. thanks, -rohan > In the mean time, please remember that a WGLC have been issued for > MSRP relay draft. Please send your comments in a.s.a.p. > > Regards, > Hisham > SIMPLE WG co-chair > > On Jul 5, 2005, at 8:09 PM, Rohan Mahy wrote: > >> >> On Jul 5, 2005, at 10:54, Ben Campbell wrote: >> >>> >>> >>> On Jul 5, 2005, at 12:04 PM, Cullen Jennings wrote: >>> >>>> On 7/4/05 12:59 AM, "Adam Roach" wrote: >>>> >>>> >>>>> I'm probably rehashing old arguments here, but I do have a >>>>> reasonably >>>>> strong feeling about this. If I want to go through my "home" relay >>>>> for >>>>> message logging purposes, but first need to go through a >>>>> firewall-traversal relay at a client's site, I'd prefer to have the >>>>> ability to do so without giving the client's relay an opportunity >>>>> to >>>>> intercept my "home" relay password. >>>>> >>>> >>>> If we agree that the above use case is a valid use case, then I >>>> imagine this >>>> discussion is probably over and all will agree we need to move to >>>> Digest. >>>> Rohan had some sort of argument that amounted to "Don't do this". >>>> Can we >>>> decide if we think this is a valid use case or not? >>>> >>> >>> So, I did some more thinking about this over the weekend, and it >>> seems to me that we have already implied this use case by allowing >>> the telescoping of AUTH. (That is, the ability to send AUTH to a >>> second (or third etc) relay via the first.) What other use cases do >>> we have for that mechanism other than the one Adam described? Or >>> more generally, what other use cases do we have for the telescoping >>> mechanism where the first and subsequent relays are all in the same >>> administrative domain, so that revealing your second-relay password >>> to the first relay is a non-issue? >> >> AUTH telescoping is useful in large enterprises (same administrative >> domain) where there is an internal relay and an external relay. The >> external relay farm services the entire company and might do >> additional logging or alerts on keywords. You only use the external >> relay when talking with someone outside your administrative domain. >> This is a fairly typical usage, and it is precisely the example that >> is given in the draft. >> >> thanks, >> -rohan >> >> >>> So, my concrete proposal is that we either solve the password-reveal >>> issue, or we remove the AUTH telescoping mechanism. >>> >>> >>>> >>>> >>>> >>>> >>>> >>>> _______________________________________________ >>>> Simple mailing list >>>> Simple@ietf.org >>>> https://www1.ietf.org/mailman/listinfo/simple >>>> >>> >> >> >> _______________________________________________ >> Simple mailing list >> Simple@ietf.org >> https://www1.ietf.org/mailman/listinfo/simple >> _______________________________________________ Simple mailing list Simple@ietf.org https://www1.ietf.org/mailman/listinfo/simple From simple-bounces@ietf.org Wed Jul 06 00:21:50 2005 Received: from localhost.localdomain ([127.0.0.1] helo=megatron.ietf.org) by megatron.ietf.org with esmtp (Exim 4.32) id 1Dq1Py-00033Y-0H; Wed, 06 Jul 2005 00:21:50 -0400 Received: from odin.ietf.org ([132.151.1.176] helo=ietf.org) by megatron.ietf.org with esmtp (Exim 4.32) id 1Dq1Pv-0002zu-TU for simple@megatron.ietf.org; Wed, 06 Jul 2005 00:21:48 -0400 Received: from ietf-mx.ietf.org (ietf-mx [132.151.6.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id AAA21743 for ; Wed, 6 Jul 2005 00:21:45 -0400 (EDT) Received: from ylpvm12-ext.prodigy.net ([207.115.57.43] helo=ylpvm12.prodigy.net) by ietf-mx.ietf.org with esmtp (Exim 4.33) id 1Dq1qq-0006f6-LV for simple@ietf.org; Wed, 06 Jul 2005 00:49:36 -0400 Received: from pimout5-ext.prodigy.net (pimout5-int.prodigy.net [207.115.4.21]) by ylpvm12.prodigy.net (8.12.10 outbound/8.12.10) with ESMTP id j664LfpJ018665 for ; Wed, 6 Jul 2005 00:21:41 -0400 X-ORBL: [70.249.148.178] Received: from [192.168.0.101] (ppp-70-249-148-178.dsl.rcsntx.swbell.net [70.249.148.178]) by pimout5-ext.prodigy.net (8.13.4 outbound domainkey aix/8.13.4) with ESMTP id j664LV0u229924; Wed, 6 Jul 2005 00:21:40 -0400 Message-ID: <42CB5C5B.9060307@nostrum.com> Date: Tue, 05 Jul 2005 23:21:47 -0500 From: Adam Roach User-Agent: Mozilla Thunderbird 0.6 (Windows/20040502) X-Accept-Language: en-us, en MIME-Version: 1.0 To: Rohan Mahy Subject: Re: [Simple] OPEN ISSUE: Basic vs. Digest authentication inMSRPrelays extension References: <75346fbbbb1cfa1a82e7f7400a959d47@ekabal.com> <07917b8077cf7036f58bb14b74f1c777@ekabal.com> In-Reply-To: <07917b8077cf7036f58bb14b74f1c777@ekabal.com> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit X-Spam-Score: 0.1 (/) X-Scan-Signature: 50a516d93fd399dc60588708fd9a3002 Content-Transfer-Encoding: 7bit Cc: Cullen Jennings , Orit Levin , Avshalom Houri , "simple@ietf.org" X-BeenThere: simple@ietf.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: SIP for Instant Messaging and Presence Leveraging Extensions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: simple-bounces@ietf.org Errors-To: simple-bounces@ietf.org Rohan Mahy wrote: > For the previous 7 years I travelled extensively and was able to > connect using SSH port forwarding in a number of situations where my > colleagues could not get their VPN software to work. I'm not sure it's realistic to expect all MSRP users to be as sophisticated as you at circumventing administrative policies. In any case, if that kind of circumvention were the means by which we expected firewall traversal to be performed, we would be specifying the use of port 80 for MSRP. > Outbound TCP works on public networks. If you managed to get onto a > private network you would need credentials to use their relay anyway. > Why use another relay in addition? Imagine my employer is a public company, and they have a policy of logging all messages sent to and from my company-owned machine as a part of Sarbanes-Oxley record keeping. Alternately, imagine I'm a securities broker, and my company is required to log messages I send as a part of SEC regulations. These are realistic use cases that would administratively force me to send my messages through my company's relay. Further imagine that, in the course of business, I travel to customers' sites from time to time. Imagine those customers allow access only through designated proxies specific to the protocols they allow to pass. Perhaps they allow instant message sessions, but -- as a matter of administrative policy -- log all such inbound and outbound messages, and consequently require the use of their MSRP relay. I'm not going to argue that this is a reasonable thing for them to be doing; however, I can cite two different customers that our company currently has that have network configurations that are substantially similar to that description (modulo the use of proprietary IM protocols). I have spent time on their networks, and been forced to operate through their IM relays to perform instant messaging sessions. It is unrealistic to expect that they will change their administrative policy once MSRP is deployed, even if you and I think it's a stupid policy. In fact, I fully expect them to deploy MSRP relays that continue to allow them to log instant messages as they currently are doing. So you can say the use cases arise out of stupid regulations and stupid administrative policies -- and I can't disagree with you. However, I don't think it's realistic to assert that use cases involving relays in different administrative domains actually won't arise. /a _______________________________________________ Simple mailing list Simple@ietf.org https://www1.ietf.org/mailman/listinfo/simple From simple-bounces@ietf.org Wed Jul 06 00:42:57 2005 Received: from localhost.localdomain ([127.0.0.1] helo=megatron.ietf.org) by megatron.ietf.org with esmtp (Exim 4.32) id 1Dq1kP-0001FI-1a; Wed, 06 Jul 2005 00:42:57 -0400 Received: from odin.ietf.org ([132.151.1.176] helo=ietf.org) by megatron.ietf.org with esmtp (Exim 4.32) id 1Dq1kI-0001Dq-4R for simple@megatron.ietf.org; Wed, 06 Jul 2005 00:42:54 -0400 Received: from ietf-mx.ietf.org (ietf-mx [132.151.6.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id AAA23873 for ; Wed, 6 Jul 2005 00:42:47 -0400 (EDT) Received: from ylpvm12-ext.prodigy.net ([207.115.57.43] helo=ylpvm12.prodigy.net) by ietf-mx.ietf.org with esmtp (Exim 4.33) id 1Dq2BC-0000k7-1F for simple@ietf.org; Wed, 06 Jul 2005 01:10:39 -0400 Received: from ylpvm01.prodigy.net (ylpvm01-int.prodigy.net [207.115.5.207]) by ylpvm12.prodigy.net (8.12.10 outbound/8.12.10) with ESMTP id j664gjpL017099 for ; Wed, 6 Jul 2005 00:42:45 -0400 Received: from [192.168.0.101] (ppp-70-249-148-178.dsl.rcsntx.swbell.net [70.249.148.178]) by ylpvm01.prodigy.net (8.13.4 dk-milter linux/8.13.4) with ESMTP id j664gjoB025293; Wed, 6 Jul 2005 00:42:45 -0400 Message-ID: <42CB6157.1010809@nostrum.com> Date: Tue, 05 Jul 2005 23:43:03 -0500 From: Adam Roach User-Agent: Mozilla Thunderbird 0.6 (Windows/20040502) X-Accept-Language: en-us, en MIME-Version: 1.0 To: Rohan Mahy Subject: Re: [Simple] OPEN ISSUE: Basic vs. Digest authentication inMSRPrelays extension References: <030C9319-BED5-4452-9C6A-959F3C80E9D3@nostrum.com> <0bba5d6bb35fc2c229ff4283958aab4c@ekabal.com> In-Reply-To: Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit X-Spam-Score: 0.1 (/) X-Scan-Signature: 52e1467c2184c31006318542db5614d5 Content-Transfer-Encoding: 7bit Cc: Cullen Jennings , Orit Levin , "simple@ietf.org" X-BeenThere: simple@ietf.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: SIP for Instant Messaging and Presence Leveraging Extensions List-Unsubscribe: ,