Re: [AVTCORE] Comments on draft-ietf-avtcore-srtp-aes-gcm-05

Magnus Westerlund <magnus.westerlund@ericsson.com> Wed, 14 August 2013 13:42 UTC

Date: Wed, 14 Aug 2013 15:43:00 +0200
From: Magnus Westerlund <magnus.westerlund@ericsson.com>
To: "draft-ietf-avtcore-srtp-aes-gcm@tools.ietf.org" <draft-ietf-avtcore-srtp-aes-gcm@tools.ietf.org>
Cc: IETF AVTCore WG <avt@ietf.org>

Hi,

I have checked the -07 version against these comments and think most are
resolved. I will comment where I believe there is still an issue.


On 2013-04-18 17:09, Magnus Westerlund wrote:
> Authors and WG,
> 
> In my review of the draft in preparing the Document Shepherd's writeup I
> found some issues that I believe need to be fixed.
> 
> 1) Section 14.1:
> Security description [RFC 4568] defines SRTP "crypto suites"; a
>    crypto suite corresponds to a particular AEAD algorithm in SRTP.
> 
> As the registry is located on the SDP page it can be difficult to find
> and it is also not named as written I propose to change this to:
> 
> Security description [RFC 4568] defines the "SRTP Crypto Suite
> Registrations" registry on the "Session Description Protocol (SDP)
> Security Descriptions" page currently located at
> "http://www.iana.org/assignments/sdp-security-descriptions/sdp-security-descriptions.xml";
>    a crypto suite corresponds to a particular AEAD algorithm in SRTP.


Section 15.1 now states with:

   Session description [RFC4568] defines SRTP "crypto suites".  A crypto
   suite corresponds to a particular AEAD algorithm in SRTP.  In order
   to allow SDP to signal the use of the algorithms defined in this
   document, IANA will register the following crypto suites into the
   subregistry for SRTP crypto suites under Session Description Protocol
   (SDP) Parameters:


I think this needs to be slightly corrected in two places:
 Security descriptions [RFC4568] defines SRTP "crypto suites".  A crypto
 ^^^^^^^^
   suite corresponds to a particular AEAD algorithm in SRTP.  In order
   to allow SDP to signal the use of the algorithms defined in this
   document, IANA will register the following crypto suites into the
   subregistry for SRTP crypto suites under "Session Description
                                            ^
   Protocol (SDP) Security Descriptions" Parameters:
                  ^^^^^^^^^^^^^^^^^^^^^^

This corrects both the common name of the RFC and the correct name of
the page for the sub-registries.




> 
> 
> 3) Section 14.2:
> 
> DTLS-SRTP [RFC5764] defines a DTLS-SRTP "SRTP Protection Profile";
> 
> This registry is actually named "DTLS-SRTP Protection Profiles" on
> IANA's page.

Let's wait and see what IANA says about this. There is a discrepancy
between IANA's page and what is written in the RFC.


> 
> 
> 4) IANA registry:
> 
>    On the SRTP policy Type/Value list (derived from Table 6.10.1.a of
>    [RFC3830]) we request the following addition:
> 
>       Type | Meaning                         | Possible values
>       ----------------------------------------------------------------
>        TBD | AEAD authentication tag length  | 8, 12, or 16 (in octets)
> 
> 
> This registry is called:
> 
> MIKEY Security Protocol Parameters at
> http://www.iana.org/assignments/mikey-payloads/mikey-payloads.xml
> 
> Can you please confirm that it is this registry you want to add to?

Can you please confirm that this is the right registry and in that case
use the explicit name: "MIKEY Security Protocol Parameters".


> 
> 
> 5) IANA registry:
> 
> 14.4. AEAD registry
> 
>    We request that IANA make the following additions to the AEAD
>    registry:
> 
>                  AEAD_AES_128_CCM_12     = TBD
>                  AEAD_AES_256_CCM_12     = TBD
> 
> 
> You are not using the exact correct names for the registry:
> http://www.iana.org/assignments/aead-parameters/aead-parameters.xml
> 
> Would suggest that you should write this as:
> 
>  We request that IANA make the following additions to the IANA
> Authenticated Encryption with Associated Data (AEAD) Parameters page's
> registry for "AEAD Algorithms":

This appears to not have been addressed either. I would strongly suggest that
you fix it.

cheers

Magnus Westerlund

----------------------------------------------------------------------
Multimedia Technologies, Ericsson Research EAB/TVM
----------------------------------------------------------------------
Ericsson AB                | Phone  +46 10 7148287
Färögatan 6                | Mobile +46 73 0949079
SE-164 80 Stockholm, Sweden| mailto: magnus.westerlund@ericsson.com
----------------------------------------------------------------------