[AVTCORE] AD review: draft-ietf-avt-srtp-not-mandatory and draft-ietf-avtcore-rtp-security-options

Richard Barnes <rlb@ipv.sx> Sun, 03 November 2013 00:12 UTC

Return-Path: <rlb@ipv.sx>
X-Original-To: avt@ietfa.amsl.com
Delivered-To: avt@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id EC5F721E8135 for <avt@ietfa.amsl.com>; Sat, 2 Nov 2013 17:12:36 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.885
X-Spam-Level:
X-Spam-Status: No, score=-2.885 tagged_above=-999 required=5 tests=[AWL=0.091, BAYES_00=-2.599, FM_FORGED_GMAIL=0.622, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-1]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id u6KLjkmWUHxB for <avt@ietfa.amsl.com>; Sat, 2 Nov 2013 17:12:31 -0700 (PDT)
Received: from mail-oa0-f49.google.com (mail-oa0-f49.google.com [209.85.219.49]) by ietfa.amsl.com (Postfix) with ESMTP id 8EC5D21E8134 for <avt@ietf.org>; Sat, 2 Nov 2013 17:12:28 -0700 (PDT)
Received: by mail-oa0-f49.google.com with SMTP id j10so5878819oah.22 for <avt@ietf.org>; Sat, 02 Nov 2013 17:12:28 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:date:message-id:subject:from:to :content-type; bh=E603biVN88DPo95Ajx0dslOJHtzDoxUIoVoNAkB3Q1A=; b=M/1lvvAUnWf3v9pwVDK4wPjv9640WrA3KvgQEhuUkg+9lY6j+AgWLVJb6SZkAcyD2t m+vb1xzzhIyJw40emFzZU7e+Nc4augASww9EASVI6iYnpLoDjAANMR9PUloC8BVGYDOJ 8CPTOOY3c3W/tid3sPE350+7X4k6rG6Dbj7Oa+bYDZe1M+Rl7jKBn62JFjlrBd/8BxTz IXWakcm0lSxWzcSpmFXVj/eqPFcLyjypW21L3J+2VqybNgvYIIype6QqAzBhlEi06AeX +hsEe/weIFoRkG1nWt8MKq17wH95cHyNsxvAUzejrDkYrjajyH5bCbrasqEx8OOCK90/ rYrQ==
X-Gm-Message-State: ALoCoQku10pjdwUvK+SdCINcXccqRrcXcqGqa7ANRg09vgnw726JUuUgrYhp4FBImmrLx7jkswaq
MIME-Version: 1.0
X-Received: by 10.60.59.5 with SMTP id v5mr7927916oeq.30.1383437547970; Sat, 02 Nov 2013 17:12:27 -0700 (PDT)
Received: by 10.60.31.74 with HTTP; Sat, 2 Nov 2013 17:12:27 -0700 (PDT)
Date: Sat, 2 Nov 2013 17:12:27 -0700
Message-ID: <CAL02cgRRvx8puZoDRHv39Am+2oHy44iion_x77WfiqW0hEPgxw@mail.gmail.com>
From: Richard Barnes <rlb@ipv.sx>
To: avt@ietf.org, draft-ietf-avt-srtp-not-mandatory@tools.ietf.org, draft-ietf-avtcore-rtp-security-options@tools.ietf.org
Content-Type: multipart/alternative; boundary=089e015376b69dbf4a04ea3aa788
Subject: [AVTCORE] AD review: draft-ietf-avt-srtp-not-mandatory and draft-ietf-avtcore-rtp-security-options
X-BeenThere: avt@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Audio/Video Transport Core Maintenance <avt.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/avt>, <mailto:avt-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/avt>
List-Post: <mailto:avt@ietf.org>
List-Help: <mailto:avt-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/avt>, <mailto:avt-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 03 Nov 2013 00:12:37 -0000

On draft-ietf-avt-srtp-not-mandatory:
I have reviewed this draft in preparation for IETF Last Call and IESG
processing.  Clearly, this is not the best moment in history to be making
this sort of argument, given the increased focus on .  However, I think
this document makes the case pretty clearly.  It helps to have
draft-ietf-avtcore-rtp-security-options as a positive statement to go
alongside this document.

On draft-ietf-avtcore-rtp-security-options:
I have reviewed this draft in preparation for IETF Last Call and IESG
processing.  One question to discuss briefly before IETF LC:  My major
concern is that it seems like there's a lot of old stuff in here.  Has the
WG considered explicitly marking each of the mechanisms with some sort of
recommendation level?  I would like to avoid having someone choose SDES in
a case where they could use DTLS-SRTP, for example.

If the authors could follow up on that one point, we should be able to get
these both into LC soon.

Thanks,
--Richard