Message-Id: <5.1.0.14.2.20020419084411.02dd4c88@127.0.0.1>
Date: Fri, 19 Apr 2002 08:44:47 +1000
To: aki.niemi@nokia.com
From: Greg Rose <ggr@qualcomm.com>
Cc: 3GPP_TSG_SA_WG3@list.etsi.fr, sip-security@ietf.org
Subject: [Sip-security] Re: Digest AKA in IETF

[Resend -- I goofed the sip-security address.]

At 02:36 PM 4/18/2002 +0300, Aki Niemi wrote:
>The draft is in WG Last Call starting from beginning of this week, and 
>will remain so for two weeks. This is the time to collect comments from 
>the WG review of the document. Once the WGLC ends, the document will enter 
>IETF LC for two weeks, now soliciting feedback from the entire IETF 
>community. After that the draft is ready for the IESG, and to pursue 
>Standards Track RFC status. The objective is to do all this by mid May (in 
>bundle #2).
>
>Please comment on the draft, and preferably send the comments also to 
>the SIP WG list at:

Hello Aki,

I directed this message to sip.security, rather than all of sip... I 
apologise if this is the wrong thing to do.

The draft appears to allow "algorithm=AKAv1-MD5-sess", which would 
implicitly allow reuse of the (possibly only 32-bit) RES in the context of 
the password. As we have already discussed on this list, that would be both 
insecure and contrary to the intent of AKA. Unless there is an explicit 
reason for inclusion of this option (other than allowing reuse of RES...) I 
would limit AKA to be used only with MD5 and not MD5-sess.

regards,
Greg.

Greg Rose                                       INTERNET: ggr@qualcomm.com
Qualcomm Australia          VOICE:  +61-2-9817 4188   FAX: +61-2-9817 5199
Level 3, 230 Victoria Road,                http://people.qualcomm.com/ggr/
Gladesville NSW 2111    232B EC8F 44C6 C853 D68F  E107 E6BF CD2F 1081 A37C


_______________________________________________
Sip-security mailing list
Sip-security@ietf.org
https://www1.ietf.org/mailman/listinfo/sip-security



Message-ID: <3CBFB009.9060908@piuha.net>
Date: Fri, 19 Apr 2002 08:50:01 +0300
From: Jari Arkko <jari.arkko@piuha.net>
To: Greg Rose <ggr@qualcomm.com>, sip-security@ietf.org
Subject: [Sip-security] Re: Digest AKA in IETF

Greg Rose wrote:

 > The draft appears to allow "algorithm=AKAv1-MD5-sess", which would
 > implicitly allow reuse of the (possibly only 32-bit) RES in the context of
 > the password. As we have already discussed on this list, that would be both
 > insecure and contrary to the intent of AKA. Unless there is an explicit
 > reason for inclusion of this option (other than allowing reuse of RES...) I
 > would limit AKA to be used only with MD5 and not MD5-sess.

Yes, and thanks for pointing this out. There is no reason to
support MD5-sess and MD5 should be sufficient.

Jari
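
The difference discussed in this thread, as an added example that is not part of the original messages or of the draft: RFC 2617 computes the MD5-sess A1 once, on the first request after a challenge, and keeps the resulting session key for later requests, whereas plain MD5 keys every response from the current password value (here the AKA RES). The user name, realm, RES values, nonces and the helper names are constructed for illustration, and the hex form of the inner H() in the -sess A1 is an assumption.

```python
import hashlib

def H(data: bytes) -> str:
    """MD5 as lowercase hex, the H() of RFC 2617."""
    return hashlib.md5(data).hexdigest()

def h_a1(algorithm, user, realm, secret, nonce, cnonce):
    """H(A1); `secret` is the password, which in Digest AKA is the RES."""
    base = f"{user}:{realm}:".encode() + secret
    if algorithm.endswith("-sess"):
        # Assumption: hex form of the inner H(), as most implementations use.
        return H(f"{H(base)}:{nonce}:{cnonce}".encode())
    return H(base)

def digest_response(ha1, method, uri, nonce, nc, cnonce, qop="auth"):
    """request-digest for qop=auth: H(H(A1):nonce:nc:cnonce:qop:H(A2))."""
    ha2 = H(f"{method}:{uri}".encode())
    return H(f"{ha1}:{nonce}:{nc}:{cnonce}:{qop}:{ha2}".encode())

def keys_per_request(algorithm, user, realm, challenges):
    """H(A1) in force for each (secret, nonce, cnonce) challenge in a session.

    For "-sess" algorithms A1 is computed once, on the first request, and
    that session key then covers every later request and nonce.
    """
    keys = []
    for secret, nonce, cnonce in challenges:
        if algorithm.endswith("-sess") and keys:
            keys.append(keys[0])   # still keyed by the first RES
        else:
            keys.append(h_a1(algorithm, user, realm, secret, nonce, cnonce))
    return keys

def allowed_for_aka(algorithm: str) -> bool:
    """Policy suggested in the thread: AKA with MD5 only, never MD5-sess."""
    return algorithm == "AKAv1-MD5"

# Constructed sample data: two AKA runs, each yielding a fresh 32-bit RES.
CHALLENGES = [
    (bytes.fromhex("0a1b2c3d"), "constructed-nonce-1", "c0ffee01"),
    (bytes.fromhex("4e5f6071"), "constructed-nonce-2", "c0ffee02"),
]

if __name__ == "__main__":
    for alg in ("AKAv1-MD5", "AKAv1-MD5-sess"):
        keys = keys_per_request(alg, "alice", "example.invalid", CHALLENGES)
        print(alg, "allowed" if allowed_for_aka(alg) else "rejected",
              "distinct keys:", len(set(keys)))
```
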