Presentation is loading. Please wait.

Presentation is loading. Please wait.

Certificate Credentials STIR WG IETF 91 (Honolulu) Sean Jon.

Published byLetitia Roberts Modified over 8 years ago

Similar presentations

Presentation on theme: "Certificate Credentials STIR WG IETF 91 (Honolulu) Sean Jon."— Presentation transcript:

1 Certificate Credentials STIR WG IETF 91 (Honolulu) Sean Jon

2 draft-ietf-stir-certificates-00 Now a WG item! Provides a certificate-based STIR credential system Defines attributes for telephones numbers and number ranges Defines ways of acquiring the certs – Largely follows the RFC4474 Identity-Info paradigm Sketches techniques for real-time cert validation

3 Enrollment Document assumes a threefold method – Direct assignment From numbering authorities, regulators, etc. – Delegation from above From other number holders – Proof of possession Last time we talk about this here, we had “no opposition” to going forward with that Cullen will talk more about this next… Do we need a credential strength, LoA?

4 In-band STIR Logical Architecture Inter- Mediary Inter- Mediary PBX Endpoint PBX Endpoint User Endpoint User Endpoint User Endpoint User Endpoint User Endpoint Logical Authority Logical Authority Unsigned Requests Inter- Mediary Inter- Mediary PBX Endpoint PBX Endpoint User Endpoint User Endpoint User Endpoint User Endpoint Credential Provisioning Credential Validation Signed Requests

5 How do verifiers find credentials? Can we uniquely identify the needed credential based on TN alone? – Depends on how many authorities there are – If a user, enterprise and carrier all have certs that cover a particular number, due to delegation Or proof-of-possession – Some kind of hint needed to disambiguate Identity-Info URI can contain this – For out-of-band, this is tough, we’ll talk about that next Remember the CIDER “public key index value”

6 And then, credential caching Deferred to this document from RFC4474bis Should Identity-Info contain a credential hash – Let verifiers know that they already hold the credential As multiple credentials might sign for the same number – So verifiers can’t just tell from the From canonicalization Some other form of UID for the credential also possible – Potentially complex interaction with caching Verifiers can’t assume the credential is still valid, so a lookup of some kind is still necessary But is there some value as an optimization?

7 Acquisition Protocols Different methods of acquiring certs – Push (e.g., credential arrives with a SIP request) MIME multipart body – Pull (e.g., verifier acquires credential on receipt of request) Either dereferencing Identity-Info URI DNS: or creating a fetch based on the originating number – For certs, current recommendation is to use EST (RFC7030) – Prefetch (verifier gets top 500 keys) with pull SIP SUBSCRIBE/NOTIFY mentioned in the text – Others? Probably – no need to choose one (but MTI?) DANE? If you there’s a DNS tree…

8 Open Issue: Handling Ranges But some entities will have authority over multiple numbers – Administrative domains could control millions of numbers In non-continuous ranges – Includes service providers, enterprises, resellers, etc. Ideally, a service provider should not have to have one credential per number – The draft contains syntax for number ranges – But past a certain point, certs get too big Do we want to have by-reference approach? – Cert contains URL, URL contains the list Reduces cert size – Or, cert contains a URL of a service where you can ask about a particular number

9 Expiry, Revocation and Rollover All credentials will have a lifetime – Ordinary rollover Sometimes keys will be compromised before their expiry – But telephone numbers change owners, get ported, transfer normally Some sort of real-time checking required – DNS gets this for free (presuming no caching) – For certs, pull method could encompass this check As could the prefetch – OCSP checks, but adds some overhead More investigation to be done here Related to by-reference number ranges? – URLs for that give fresh responses – same problem?

10 Open Issue: Public or Confidential Credentials? How much information are we willing to make public? – Should credentials advertise a subject (e.g., “AT&T”) Okay when a call is received to know the originating carrier? – Receiving user vs. receiving carrier may be different More seriously, can an attacker mine a public database to reveal who owns all numbers? – Will we introduce VIPR-like privacy leaks? Can we restrict access to the credentials? – Identity-Info, say, could carry short lived, unguessable URLs – How important is endpoint verification? Does trust become transitive if endpoints rely on intermediary verifiers?

11 Open Issue: Partial Delegation Authority over numbers conflates many powers – Power to claim identity for VoIP vs. SMS, power to port the number, etc. Should it be possible to delegate authority for specific services rather than the whole number? – e.g., my SMS provider can sign my texts (MESSAGE), but my voice provider signs my INVITEs Yes, example is kind of contrived Can I give my SMS provider a text-specific cert that would not enable to them to sign voice calls? Too complex? Do we need this?

12 Open Issue: Private Key Provisioning How do signers acquire and manage private keys for delegated certs? – Self-generated and provisioned at the authority? – Generated by the authority and downloaded to devices? Intermediaries and enterprises – Provision keys for number blocks, sign on behalf of calls/texts passing by – May possess many keys What’s the right tool to accomplish this?

13 END

Download ppt "Certificate Credentials STIR WG IETF 91 (Honolulu) Sean Jon."

Similar presentations

Presence, Security and Privacy. www.dynamicsoft.com VON 3.20. 01 The Current Environment Many Faces of Security Authentication Verify someone is who they.

Presence, Security and Privacy. VON The Current Environment Many Faces of Security Authentication Verify someone is who they.
Windows 2000 Security --Kerberos COSC513 Project Sihua Xu June 13, 2014.

Windows 2000 Security --Kerberos COSC513 Project Sihua Xu June 13, 2014.
Chapter 14 – Authentication Applications

Chapter 14 – Authentication Applications
Authentication Applications. will consider authentication functions will consider authentication functions developed to support application-level authentication.

Authentication Applications. will consider authentication functions will consider authentication functions developed to support application-level authentication.
Rfc4474bis-01 IETF 89 (London) STIR WG Jon & Cullen.

Rfc4474bis-01 IETF 89 (London) STIR WG Jon & Cullen.
Cryptography and Network Security Third Edition by William Stallings Lecture slides by Lawrie Brown.

Cryptography and Network Security Third Edition by William Stallings Lecture slides by Lawrie Brown.
Extended Validation Models in PKI Alternatives and Implications Marc Branchaud John Linn

Extended Validation Models in PKI Alternatives and Implications Marc Branchaud John Linn
Cryptography and Network Security Third Edition by William Stallings Lecture slides by Lawrie Brown.

Cryptography and Network Security Third Edition by William Stallings Lecture slides by Lawrie Brown.
CSCE 715: Network Systems Security Chin-Tser Huang University of South Carolina.

CSCE 715: Network Systems Security Chin-Tser Huang University of South Carolina.
STIR Credentials IETF 88 (Vancouver) Wednesday Session Jon & Hadriel.

STIR Credentials IETF 88 (Vancouver) Wednesday Session Jon & Hadriel.
WAP Public Key Infrastructure CSCI 5939.02 – Independent Study Fall 2002 Jaleel Syed Presentation No 5.

WAP Public Key Infrastructure CSCI – Independent Study Fall 2002 Jaleel Syed Presentation No 5.
16.1 © 2004 Pearson Education, Inc. Exam 70-294 Planning, Implementing, and Maintaining a Microsoft® Windows® Server 2003 Active Directory Infrastructure.

16.1 © 2004 Pearson Education, Inc. Exam Planning, Implementing, and Maintaining a Microsoft® Windows® Server 2003 Active Directory Infrastructure.
 Authorization via symmetric crypto  Key exchange o Using asymmetric crypto o Using symmetric crypto with KDC  KDC shares a key with every participant.

 Authorization via symmetric crypto  Key exchange o Using asymmetric crypto o Using symmetric crypto with KDC  KDC shares a key with every participant.
November 1, 2006Sarah Wahl / Graduate Student UCCS1 Public Key Infrastructure By Sarah Wahl.

November 1, 2006Sarah Wahl / Graduate Student UCCS1 Public Key Infrastructure By Sarah Wahl.
Presented by Xiaoping Yu Cryptography and PKI Cosc 513 Operating System Presentation Presented to Dr. Mort Anvari.

Presented by Xiaoping Yu Cryptography and PKI Cosc 513 Operating System Presentation Presented to Dr. Mort Anvari.
Namespaces in SPKI Carl M. Ellison Intel Architecture Labs

Namespaces in SPKI Carl M. Ellison Intel Architecture Labs
Copyright © 1995-2003 Clifford Neuman - UNIVERSITY OF SOUTHERN CALIFORNIA - INFORMATION SCIENCES INSTITUTE CSci530: Computer Security Systems Authentication.

Copyright © Clifford Neuman - UNIVERSITY OF SOUTHERN CALIFORNIA - INFORMATION SCIENCES INSTITUTE CSci530: Computer Security Systems Authentication.
Homework #8 Solutions Brian A. LaMacchia Portions © 2002-2006, Brian A. LaMacchia. This material is provided without.

Homework #8 Solutions Brian A. LaMacchia Portions © , Brian A. LaMacchia. This material is provided without.
SIP-SAML assisted Diffie-Hellman MIKEY IETF 65 MSEC Mar 21, 2006 Robert Moskowitz.

SIP-SAML assisted Diffie-Hellman MIKEY IETF 65 MSEC Mar 21, 2006 Robert Moskowitz.
Identity in SIP (and in-band) STIR BoF Berlin, DE 7/30/2013.

Identity in SIP (and in-band) STIR BoF Berlin, DE 7/30/2013.

Similar presentations

Ads by Google