2.6.15 Open Security Area Directorate (saag)

NOTE: This charter is a snapshot of the 63rd IETF Meeting in Paris, France. It may now be out-of-date.

Last Modified: 2005-05-19

Chair(s):

Russ Housley <housley@vigilsec.com>
Sam Hartman <hartmans-ietf@mit.edu>

Security Area Director(s):

Russ Housley <housley@vigilsec.com>
Sam Hartman <hartmans-ietf@mit.edu>

Security Area Advisor:

Russ Housley <housley@vigilsec.com>

Mailing Lists:

General Discussion: saag@mit.edu
To Subscribe: saag-request@mit.edu
Archive:

Description of Working Group:


Goals and Milestones:

No Current Internet-Drafts

Request For Comments:

RFCStatusTitle
RFC3365 BCP Encryption and Security Requirements for IETF Standard Protocols

Current Meeting Report

Security Area Advisory Group (SAAG)
IETF 63, Paris, France
Minutes compiled by Sam Hartman and Russ Housley

Jeff Hutzelman, Ken Raeburn, and Nico Williams acted as jabber scribes for the meeting, and their output was very helpful in generating the minutes.


Introduction

Russ Housley presented the agenda:
      WG Reports
      BoF Reports
      Invited Presentations
         - ITU-T Recommendation X.805
         - Unicode Security Considerations
      Open Microphone

Working Group and BoF Reports (saag-2005-08.ppt)

Each working group or BoF that had a meeting at IETF 63 gave a very brief summary of the session. Please see the minutes for each of these sessions. The highlights are not repeated here.

Reports were given by:
Kitten
KRB-WG
LTANS
OpenPGP
ISMS
PKIX
SASL
MSEC
PKI4IPsec
INCH
SACRED
MOBIKE
BTNS
Hash BOF
SecMech BOF
ALIEN BOF
MASS BOF

ITU-T Recommendation X.805 -- Security Architecture (X805.ppt)

Zachary Zeltsan from Bell Labs gave a presentation on ITU-T Recommendation X.805, which defines a security architecture for looking at security issues affecting end-to-end communications over a network. The goal of the presentation was to introduce this document to the IETF community. Refer to the slides for the content of the presentation. After the presentaation, questions were asked:
  • Eric Rescorla raised a concern that some of the security diminsions seem non-orthogonal and confusing in the IP environment.


  • Sam Hartman was concerned that communications security in the X.805 model does not map well onto IETF visions of communications security. Examples of X.805 communications security included VPNs, MPLS and L2TP. IETF would look at communications security as things like TLS, SSH or IPsec. So, there may be terminology mismatches.


  • Denis Pinkas started a discussion of the handling of audit and alarm indications. He was concerned these might not be handled. There was discussion of whether non-repudiation was intended to include these items.


  • Members of the IETF community can obtain the X.805 document free of charge. Each email address is allowed to download three ITU documents each year.


  • X.805 has proved a useful model for thinking about security in the NGN Focus Group. Perhaps it will be useful within the IETF.


  • The presentation was invited for two reasons. First, the ADs believe it helps to understand how other SDOs think about security architecture. Second, if IETF document authors find X.805 a useful tool, they can use it. For example if parts of X.805 provided a valuable framework for analyzing security it could be used in a security considerations section. However there is no plan to mandate the use of X.805; it should not be used in cases where it is not valuable.


Unicode Security Considerations (unicode.pdf)

Michel Suignard from Microsoft gave a presentation on Unicode security considerations. As Unicode is used in security sensitive applications, there are a number of ways where two strings that look similar or identical can actually be different strings. Examples include domain names and other iidentifiers. The presentation discussed many of the causes of these problems and gave numerous examples of potentially confusing character combinations. The presentation also discussed the Unicode Consortium's current best practices in avoiding these problems. The presentation was followed by questions:
  • Paul Hoffman pointed out that in addition to the Unicode security issues people need to be aware of encoding. The most obvious case of this is the URL parsing attacks where Unicode escapes could be used to get around prohibited characters. Paul specifically mentioned cases where identifiers and text in environment might use different encodings. Paul warned that functions trying to enforce Unicode limitations might need to consider as many as seven common encodings.


  • Another concern is scripts written to assume that their input is just octets. With US ASCII there is only one way to represent characters. However if some parts of a system interpret characters as Unicode and some as ASCII, then problems may result. Network management scripts may be a particular concern.


  • The issue of backward compatibility was discussed. The IETF is in an unfortunate position because in order to correct errors in normalization the Unicode consortium made non-backward-compatible changes. These changes require us to decide what to do about the stringprep specification. Currently, stringprep is still using an old version of Unicode. Michel points out that this is not an acceptable long-term solution because characters have been added that parts of the world will want to use.


  • Nico Williams pointed out that there are other levels at which this problem exists. For example, misspellings can be instances of the same problem. Also, the ways in which we can fix this problem are limited. For instance, we cannot add prohibited characters to stringprep tables.


  • There was a discussion of the common solutions proposed to address this problem. Solutions include awareness of language and awareness of characters that do not normally go together. None of these solutions is perfect.


Open Microphone

Stephen Farrell made a very brief announcement regarding the EU Security Research Programme. (See pasr.ppt)

The SIPPING WG Chairs asked for security review of some documents. (See review.pdf)

Slides

Agenda
X.805 Security Architecture for Systems Providing End-to-End Communications
Unicode Security Considerations (TR#36)
EU Security Research Programme
A request from the SIPPING chairs