ietf 67 sip meeting
play

IETF 67 SIP meeting draft-ietf-sip-connected-identity-02 Current - PowerPoint PPT Presentation

Nov 19, 2022 •108 likes •194 views

IETF 67 SIP meeting draft-ietf-sip-connected-identity-02 Current status Finished WGLC (based on 01) 02 fixes all issues raised during WGLC, except one The exception concerns rejection of SIP requests by an RFC 4474 Verifier

  1. IETF 67 SIP meeting draft-ietf-sip-connected-identity-02

  2. Current status • Finished WGLC (based on 01) • 02 fixes all issues raised during WGLC, except one • The exception concerns rejection of SIP requests by an RFC 4474 Verifier • Although 02 does deal with this, it is not clear that there is community buy-in for this solution (more a lack of comment rather than violent opposition)

  3. The issue • What to do if mid-dialog request gets rejected by RFC 4474 Verifier? – RFC leaves it to policy whether to reject a request with 428 if Identity not present – RFC mandates rejecting with: • 436 if can’t dereference URL in Identity-Info • 437 if there is a problem with the cert, or • 438 if the signature doesn’t match

  4. Discussion • 428 avoidable if policy not to reject mid-dialog requests. Connected-identity draft can and does mandate this. • 436/437/438 are bigger problems, because RFC 4474 mandates their use. • Repeating a rejected request without Identity is not generally an option, because Authentication Service is typically at proxy, not at UAC. • Rejecting a mid-dialog request just because certificate is not trusted (437) seems harsh

  5. High level options • No update to RFC 4474 – Abandon dialog if get rejection – unsatisfactory? – Just ignore – unsatisfactory if connected-identity is not the sole purpose of the mid-dialog request – Retry with anonymous@anonymous.invalid – may mislead the user • Connected-identity updates RFC 4474 for mid- dialog requests only (as proposed in 02) • New document updates RFC 4474 – For mid-dialog requests only, or – For all requests

  6. Possible updating to RFC 4474 – Changes to Verifier behaviour – options: • MUST NOT issue a 428 response to a mid-dialog request • Make it a matter of policy whether to reject with 437 or accept a request with an untrusted signature • SHOULD NOT reject a mid-dialog request with 437 • Remove Identity and Identity-Info when forwarding request with an untrusted signature

  7. Issues with update to RFC 4474 – Weakens the security properties of RFC 4474 – Removal of Identity and Identity-Info from forwarded request that fails to verify denies a downstream Verifier the opportunity to verify – On the other hand, leaving them there might mislead the UAS into assuming they have been verified – unless we require some positive indication like P-Asserted-Identity to be inserted to indicate that verification has occurred

  8. Proposal – Recommend that policy should be not to send 428 response to a mid-dialog request – Abandon dialog if get back 428/436/437/438 response to a mid-dialog request – Benefits of simplicity and maintaining the full security properties of RFC 4474 – Cons: • Possibly too harsh in case of 437 • Receiver of 428/436/437/438 will not be able to send BYE, so verifier will need to do so

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Source Address Validation Improvements BoF 70 th IETF meeting, Vancouver 70 th IETF meeting,

Source Address Validation Improvements BoF 70 th IETF meeting, Vancouver 70 th IETF meeting,

Source Address Validation Improvements BoF 70 th IETF meeting, Vancouver 70 th IETF meeting, Vancouver December 5, 2007 Todays Agenda Problems to solve, focus for SAVI 10 min Danny McPherson, Christian Vogt IPv4 Source Guard An

335 views • 9 slides
EMU IETF 74 Note Well Any submission to the IETF intended by the Contributor for publication as

EMU IETF 74 Note Well Any submission to the IETF intended by the Contributor for publication as

EMU IETF 74 Note Well Any submission to the IETF intended by the Contributor for publication as all or part of an IETF Internet-Draft or RFC and any statement made within the context of an IETF activity is considered an "IETF

940 views • 7 slides
RPL: IPv6 Routing Protocol for Low Power and Lossy Networks (draft-ietf-roll-rpl-04) RPL Design

RPL: IPv6 Routing Protocol for Low Power and Lossy Networks (draft-ietf-roll-rpl-04) RPL Design

RPL: IPv6 Routing Protocol for Low Power and Lossy Networks (draft-ietf-roll-rpl-04) RPL Design Team ROLL WG Meeting 76th IETF Meeting Hiroshima, Japan 11/10/2009 76th IETF Meeting - ROLL WG 1 Outline Basic Approach Mechanism

758 views • 39 slides
The fid attribute draft-ietf-mmusic-fid-00.txt Gonzalo.Camarillo@ericsson.com MMUSIC WG meeting

The fid attribute draft-ietf-mmusic-fid-00.txt Gonzalo.Camarillo@ericsson.com MMUSIC WG meeting

50th IETF MMUSIC WG meeting The fid attribute draft-ietf-mmusic-fid-00.txt Gonzalo.Camarillo@ericsson.com MMUSIC WG meeting Gonzalo.Camarillo@ericsson.com March 22th, 2001 50th IETF Outline Brief introduction to media flows Examples

339 views • 8 slides
IETF Status at IETF 85 Russ Housley IETF Chair 1 IETF 85 Participants l 1098 people l 195

IETF Status at IETF 85 Russ Housley IETF Chair 1 IETF 85 Participants l 1098 people l 195

IETF Status at IETF 85 Russ Housley IETF Chair 1 IETF 85 Participants l 1098 people l 195 newcomers l IETF 82 was 948 people l 55 countries l IETF 82 was 48 countries IETF 82 was held in US JP CN FR UK Taipei, Taiwan DE

327 views • 8 slides
Welcome to the IETF! Would you like instructions? Mike StJohns IETF 97 Seoul, South Korea 1

Welcome to the IETF! Would you like instructions? Mike StJohns IETF 97 Seoul, South Korea 1

Welcome to the IETF! Would you like instructions? Mike StJohns IETF 97 Seoul, South Korea 1 IETF Note Well Any submission to the IETF intended by the Contributor for publication as all or part of an IETF Internet-Draft or RFC and any

637 views • 29 slides
Welcome to the IETF! You are standing at the end of the road before a small brick building

Welcome to the IETF! You are standing at the end of the road before a small brick building

Welcome to the IETF! You are standing at the end of the road before a small brick building Mike StJohns IETF 99 Prague, CZ IETF Note Well Any submission to the IETF intended by the Contributor for publication as all or part of an IETF

582 views • 29 slides
Non-Congestion Robustness (NCR) for TCP draft-ietf-tcpm-draft-ietf-tcpm-tcp-dcr-03.txt IETF 62 -

Non-Congestion Robustness (NCR) for TCP draft-ietf-tcpm-draft-ietf-tcpm-tcp-dcr-03.txt IETF 62 -

Non-Congestion Robustness (NCR) for TCP draft-ietf-tcpm-draft-ietf-tcpm-tcp-dcr-03.txt IETF 62 - March 2005 Sumitha Bhandarkar, A. L. Narasimha Reddy, Mark Allman, Ethan Blanton "Hit our satellite with feeling, Give the people what they

363 views • 8 slides
BFD IETF 68 David Ward Note Well Any submission to the IETF intended by the Contributor

BFD IETF 68 David Ward Note Well Any submission to the IETF intended by the Contributor

BFD IETF 68 David Ward Note Well Any submission to the IETF intended by the Contributor for publication as all or part of an IETF Internet-Draft or RFC and any statement made within the context of an IETF activity is considered an

399 views • 22 slides
Guidelines and Registration Procedures for New URI Schemes draft-ietf-appsawg-uri-scheme-reg-01

Guidelines and Registration Procedures for New URI Schemes draft-ietf-appsawg-uri-scheme-reg-01

Guidelines and Registration Procedures for New URI Schemes draft-ietf-appsawg-uri-scheme-reg-01 Dave Thaler dthaler@microsoft.com appsawg - IETF 90 1 Status Two revisions since last IETF meeting 8 open tickets 3 of them were

314 views • 7 slides
IETF LLC Report Presented By: Jason Livingood Chair, IETF LLC Board IETF-106, Singapore

IETF LLC Report Presented By: Jason Livingood Chair, IETF LLC Board IETF-106, Singapore

IETF LLC Report Presented By: Jason Livingood Chair, IETF LLC Board IETF-106, Singapore November 2019 Making the Internet work better IETF Administration LLC Who serves on the Board? Peter Maja Jason Sean Alissa Van Roste Livingood,

391 views • 10 slides
IP Telephony (iptel) IETF 56 Note Well All statements related to the activities of the IETF

IP Telephony (iptel) IETF 56 Note Well All statements related to the activities of the IETF

IP Telephony (iptel) IETF 56 Note Well All statements related to the activities of the IETF and addressed to the IETF are subject to all provisions of Section 10 of RFC 2026, which grants to the IETF and its participants certain licenses

198 views • 9 slides
SMTP adaptation with OPES draft-ietf-opes-smtp-00.txt OPES WG meeting on 64 th IETF in Vancouver,

SMTP adaptation with OPES draft-ietf-opes-smtp-00.txt OPES WG meeting on 64 th IETF in Vancouver,

SMTP adaptation with OPES draft-ietf-opes-smtp-00.txt OPES WG meeting on 64 th IETF in Vancouver, BC, Canada Martin Stecher (martin.stecher@webwasher.com) Clemens Perz (cperz@allaboutit.lu) Presented by Paul Knight (paul.knight@nortel.com)

496 views • 22 slides
WIDEX Working Group IETF 64 Note Well Any submission to the IETF intended by the Contributor

WIDEX Working Group IETF 64 Note Well Any submission to the IETF intended by the Contributor

WIDEX Working Group IETF 64 Note Well Any submission to the IETF intended by the Contributor for publication as all or part of an IETF Internet-Draft or RFC and any statement made within the context of an IETF activity is considered an

450 views • 8 slides
Long-Term IETF Support May 2016 How Is the IETF Currently Funded? IE IETF Funding Sources

Long-Term IETF Support May 2016 How Is the IETF Currently Funded? IE IETF Funding Sources

Jari Arkko Sean Turner Greg Kapfer ISOC Board Chair, IETF ISOC CFO Treasurer Expert, Ericsson Long-Term IETF Support May 2016 How Is the IETF Currently Funded? IE IETF Funding Sources 2008-2016 ( 2016 (US$ 000s S$ 000s) $7, $7,000 000

135 views • 11 slides
IETF LLC Report Presented By: Jason Livingood Chair, IETF LLC Board IETF-105, Montreal July

IETF LLC Report Presented By: Jason Livingood Chair, IETF LLC Board IETF-105, Montreal July

IETF LLC Report Presented By: Jason Livingood Chair, IETF LLC Board IETF-105, Montreal July 2019 Making the Internet work better IETF Administration LLC Who serves on the Board? Peter Maja Jason Sean Alissa Van Roste Livingood,

256 views • 13 slides
ECON 626: Applied Microeconomics Lecture 9: Multiple Test Corrections Professors: Pamela Jakiela

ECON 626: Applied Microeconomics Lecture 9: Multiple Test Corrections Professors: Pamela Jakiela

ECON 626: Applied Microeconomics Lecture 9: Multiple Test Corrections Professors: Pamela Jakiela and Owen Ozier Multiple Hypothesis Testing: The Problem Consider testing 100 true null hypotheses how many will rejected? UMD Economics 626:

772 views • 51 slides
Sampling Methods Oliver Schulte - CMPT 419/726 Bishop PRML Ch. 11 Sampling Rejection Sampling

Sampling Methods Oliver Schulte - CMPT 419/726 Bishop PRML Ch. 11 Sampling Rejection Sampling

Sampling Rejection Sampling Importance Sampling Markov Chain Monte Carlo Sampling Methods Oliver Schulte - CMPT 419/726 Bishop PRML Ch. 11 Sampling Rejection Sampling Importance Sampling Markov Chain Monte Carlo Recall Inference For

573 views • 41 slides
Advanced Algorithms (X) Shanghai Jiao Tong University Chihao Zhang May 11, 2020 Estimate

Advanced Algorithms (X) Shanghai Jiao Tong University Chihao Zhang May 11, 2020 Estimate

Advanced Algorithms (X) Shanghai Jiao Tong University Chihao Zhang May 11, 2020 Estimate Estimate One can design a Monte-Carlo algorithm to estimate the value of Estimate One can design a Monte-Carlo algorithm to estimate the value

1.44k views • 71 slides
Lecture 5: Sampling (Monte Carlo Methods) Julia Hockenmaier juliahmr@illinois.edu 3324 Siebel

Lecture 5: Sampling (Monte Carlo Methods) Julia Hockenmaier juliahmr@illinois.edu 3324 Siebel

CS598JHM: Advanced NLP (Spring 2013) http://courses.engr.illinois.edu/cs598jhm/ Lecture 5: Sampling (Monte Carlo Methods) Julia Hockenmaier juliahmr@illinois.edu 3324 Siebel Center Office hours: by appointment The goal of Monte Carlo

413 views • 17 slides
What we told CVPR 18 ACs Slides edited by: DAF, from slides by DAF, Ivan, Deva, Aude Outline

What we told CVPR 18 ACs Slides edited by: DAF, from slides by DAF, Ivan, Deva, Aude Outline

SSID: UofT Username: acmeeting2018 password: cvpr2018 What we told CVPR 18 ACs Slides edited by: DAF, from slides by DAF, Ivan, Deva, Aude Outline Quick reflections on our state What we told ACs minus a bunch of

383 views • 21 slides
Distributed Algorithms for MCMC Sampling Yitong Yin Nanjing University Shonan Meeting No. 162:

Distributed Algorithms for MCMC Sampling Yitong Yin Nanjing University Shonan Meeting No. 162:

Distributed Algorithms for MCMC Sampling Yitong Yin Nanjing University Shonan Meeting No. 162: Distributed Graph Algorithms Outline Distributed Sampling Problem Gibbs Distribution (distribution defined by local constraints)

499 views • 37 slides
Intr oduc tion to E c onome tr ic s Chapte r 4 E ze quie l Ur ie l Jim ne z Unive r

Intr oduc tion to E c onome tr ic s Chapte r 4 E ze quie l Ur ie l Jim ne z Unive r

Intr oduc tion to E c onome tr ic s Chapte r 4 E ze quie l Ur ie l Jim ne z Unive r sity of Vale nc ia Vale nc ia, Se pte mbe r 2013 4 Hypothe sis te sting in the multiple r e gr e ssion mode l 4.1 Hypothe sis te sting: an ove r

535 views • 32 slides
Random Sampling from a Search Engines Index Ziv Bar-Yossef Maxim Gurevich Department of

Random Sampling from a Search Engines Index Ziv Bar-Yossef Maxim Gurevich Department of

Random Sampling from a Search Engines Index Ziv Bar-Yossef Maxim Gurevich Department of Electrical Engineering Technion 1 Search Engine Samplers Search Engine Web Public Public D Index Interface Interface Top k results Queries

433 views • 26 slides

More recommend