Session PEERing for Multimedia INTerconnect (SPEERMINT) Security Threats and Suggested Countermeasures
RFC 6404

Revision differences

Document history

Date Rev. By Action
2015-10-14
09 (System) Notify list changed from speermint-chairs@ietf.org, draft-ietf-speermint-voipthreats@ietf.org to (None)
2012-08-22
09 (System) post-migration administrative database adjustment to the No Objection position for Sean Turner
2012-08-22
09 (System) post-migration administrative database adjustment to the No Objection position for Robert Sparks
2012-08-22
09 (System) post-migration administrative database adjustment to the No Objection position for Tim Polk
2011-11-07
09 Amy Vezza State changed to RFC Published from RFC Ed Queue.
2011-11-04
09 (System) RFC published
2011-09-13
09 Amy Vezza State changed to RFC Ed Queue from Approved-announcement sent.
2011-09-12
09 (System) IANA Action state changed to No IC from In Progress
2011-09-12
09 (System) IANA Action state changed to In Progress
2011-09-12
09 Amy Vezza IESG state changed to Approved-announcement sent
2011-09-12
09 Amy Vezza IESG has approved the document
2011-09-12
09 Amy Vezza Closed "Approve" ballot
2011-09-12
09 Amy Vezza Approval announcement text regenerated
2011-08-19
09 Robert Sparks [Ballot Position Update] Position for Robert Sparks has been changed to No Objection from Discuss
2011-08-16
09 (System) Sub state has been changed to AD Follow up from New Id Needed
2011-08-16
09 (System) New version available: draft-ietf-speermint-voipthreats-09.txt
2011-06-08
09 Peter Saint-Andre [Ballot Position Update] Position for Peter Saint-Andre has been changed to No Objection from Discuss
2011-04-12
09 Gonzalo Camarillo State changed to IESG Evaluation::Revised ID Needed from IESG Evaluation::AD Followup.
2011-03-30
09 Peter Saint-Andre
[Ballot discuss]
[I'm taking over this DISCUSS from Alexey Melnikov]

4.2.  DNSSEC

  DNSSEC has not seen wide deployment on the Internet (due to various ...
2011-03-28
09 Sean Turner [Ballot Position Update] Position for Sean Turner has been changed to No Objection from Discuss
2011-03-28
09 Tim Polk
[Ballot comment]
Thanks for the new scoping text in the Abstract (regarding an attack on one SSP from another, compromised, SSP). 

I would suggest adding ...
2011-03-28
09 Tim Polk [Ballot Position Update] Position for Tim Polk has been changed to No Objection from Discuss
2011-03-28
09 (System) Sub state has been changed to AD Follow up from New Id Needed
2011-03-28
08 (System) New version available: draft-ietf-speermint-voipthreats-08.txt
2011-03-27
09 Alexey Melnikov [Ballot Position Update] Position for Alexey Melnikov has been changed to No Objection from Discuss
2011-03-27
09 Peter Saint-Andre
[Ballot comment]
Overall this document appears to provide a helpful summary of the relevant security issues.

Are the suggested countermeasures meant to be exhaustive? (Even ...
2011-03-27
09 Peter Saint-Andre
[Ballot discuss]
[I'm taking over this DISCUSS from Alexey Melnikov]

4.2.  DNSSEC

  DNSSEC has not seen wide deployment on the Internet (due to various ...
2011-03-27
09 Peter Saint-Andre [Ballot Position Update] Position for Peter Saint-Andre has been changed to Discuss from No Objection
2011-03-03
09 Cindy Morgan Removed from agenda for telechat
2011-03-03
09 Cindy Morgan State changed to IESG Evaluation::Revised ID Needed from IESG Evaluation.
2011-03-03
09 Sean Turner
[Ballot discuss]
This is updated (removed #3)

#1) I support Tim's discusses.  One the 1st one I assume an SSP can be an attacker based ...
2011-03-03
09 Russ Housley [Ballot Position Update] New position, No Objection, has been recorded
2011-03-03
09 Jari Arkko [Ballot Position Update] New position, No Objection, has been recorded
2011-03-03
09 Sean Turner
[Ballot discuss]
#1) I support Tim's discusses.  One the 1st one I assume an SSP can be an attacker based on the call-pattern attacks.

#2) ...
2011-03-03
09 Sean Turner [Ballot Position Update] New position, Discuss, has been recorded
2011-03-02
09 Tim Polk
[Ballot comment]
SQL injection is mentioned first in section 4. Suggest adding a quick description in section 2 somewhere.

Section 4.5 only talks about IPsec ...
2011-03-02
09 Tim Polk
[Ballot discuss]
This document does not seem to consider an attack on one SSP from another, compromised, SSP.  Is this attack explicitly out of scope ...
2011-03-02
09 Tim Polk [Ballot Position Update] New position, Discuss, has been recorded
2011-03-02
09 Adrian Farrel [Ballot Position Update] New position, No Objection, has been recorded
2011-03-02
09 Alexey Melnikov
[Ballot comment]
2.3.1.  Threats to SF Confidentiality

  o  Password cracking - the challenge-response authentication
      mechanism of SIP can be attacked with ...
2011-03-02
09 Alexey Melnikov
[Ballot discuss]
(I am likely to clear this DISCUSS after some discussion with the editors)

4.2.  DNSSEC

  DNSSEC has not seen wide deployment on ...
2011-03-02
09 Alexey Melnikov [Ballot Position Update] New position, Discuss, has been recorded
2011-03-02
09 Stewart Bryant [Ballot Position Update] New position, No Objection, has been recorded
2011-03-02
09 Dan Romascanu [Ballot Position Update] New position, No Objection, has been recorded
2011-03-01
09 Peter Saint-Andre
[Ballot comment]
Overall this document appears to provide a helpful summary of the relevant security issues.

Are the suggested countermeasures meant to be exhaustive? (Even ...
2011-03-01
09 Peter Saint-Andre [Ballot Position Update] New position, No Objection, has been recorded
2011-03-01
09 Robert Sparks [Ballot comment]
Nits:

In section 2.3.2.3, alternation should be alteration
In section 4.1 I suggest substituting "document" for "literatures"
2011-03-01
09 Robert Sparks
[Ballot discuss]
1) The descriptions of several of the threats are incomplete, and as a result
significantly misleading. Rather than try to expand the description ...
2011-03-01
09 Robert Sparks [Ballot Position Update] New position, Discuss, has been recorded
2011-02-22
09 Gonzalo Camarillo [Ballot Position Update] New position, Yes, has been recorded for Gonzalo Camarillo
2011-02-22
09 Gonzalo Camarillo Ballot has been issued
2011-02-22
09 Gonzalo Camarillo Created "Approve" ballot
2011-02-22
09 Gonzalo Camarillo State changed to IESG Evaluation from Waiting for AD Go-Ahead.
2011-02-22
09 Gonzalo Camarillo Placed on agenda for telechat - 2011-03-03
2011-02-22
09 Gonzalo Camarillo Area acronym has been changed to rai from gen
2011-02-17
09 (System) State changed to Waiting for AD Go-Ahead from In Last Call.
2011-02-16
09 Samuel Weiler Request for Last Call review by SECDIR is assigned to Lt. Mundy
2011-02-16
09 Samuel Weiler Request for Last Call review by SECDIR is assigned to Lt. Mundy
2011-02-08
09 Amanda Baber We understand that this document does not require IANA actions.
2011-02-03
09 Amy Vezza Last call sent
2011-02-03
09 Amy Vezza
State changed to In Last Call from Last Call Requested.

The following Last Call Announcement was sent out:

From: The IESG <iesg-secretary@ietf.org>
To: IETF-Announce <ietf-announce@ietf.org> ...
2011-02-03
09 Gonzalo Camarillo Last Call was requested
2011-02-03
09 Gonzalo Camarillo State changed to Last Call Requested from AD Evaluation::AD Followup.
2011-02-03
09 Gonzalo Camarillo Last Call text changed
2011-02-03
09 (System) Ballot writeup text was added
2011-02-03
09 (System) Last call text was added
2011-02-03
09 (System) Ballot approval text was added
2011-01-25
09 (System) Sub state has been changed to AD Follow up from New Id Needed
2011-01-25
07 (System) New version available: draft-ietf-speermint-voipthreats-07.txt
2011-01-20
09 Gonzalo Camarillo State changed to AD Evaluation::Revised ID Needed from AD Evaluation::AD Followup.
2010-11-07
09 (System) Sub state has been changed to AD Follow up from New Id Needed
2010-11-07
06 (System) New version available: draft-ietf-speermint-voipthreats-06.txt
2010-09-29
09 Gonzalo Camarillo State changed to AD Evaluation::Revised ID Needed from Publication Requested by Gonzalo Camarillo
2010-09-27
09 Amy Vezza
Document Shepherd Write-Up:
1A. Who is the Document Shepherd for this document?
--Jason Livingood

1B. Has the Document Shepherd personally reviewed this version of the ...
2010-09-27
09 Amy Vezza Draft added in state Publication Requested by Amy Vezza
2010-09-27
09 Amy Vezza [Note]: 'Jason Livingood (Jason_Livingood@cable.comcast.com) is the document shepherd.' added by Amy Vezza
2010-09-23
05 (System) New version available: draft-ietf-speermint-voipthreats-05.txt
2010-09-01
04 (System) New version available: draft-ietf-speermint-voipthreats-04.txt
2010-07-12
03 (System) New version available: draft-ietf-speermint-voipthreats-03.txt
2010-03-08
02 (System) New version available: draft-ietf-speermint-voipthreats-02.txt
2010-01-14
09 (System) Document has expired
2009-07-13
01 (System) New version available: draft-ietf-speermint-voipthreats-01.txt
2008-11-17
00 (System) New version available: draft-ietf-speermint-voipthreats-00.txt