Re: [AVTCORE] AD Evaluation of draft-ietf-avtcore-multiplex-guidelines-08 - substantive comments part
Bo Burman <bo.burman@ericsson.com> Fri, 12 July 2019 13:14 UTC
Return-Path: <bo.burman@ericsson.com>
X-Original-To: avt@ietfa.amsl.com
Delivered-To: avt@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B28DA1200C5 for <avt@ietfa.amsl.com>; Fri, 12 Jul 2019 06:14:50 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.001
X-Spam-Level:
X-Spam-Status: No, score=-2.001 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=ericsson.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id STyAmEx5DuuF for <avt@ietfa.amsl.com>; Fri, 12 Jul 2019 06:14:47 -0700 (PDT)
Received: from EUR03-VE1-obe.outbound.protection.outlook.com (mail-eopbgr50079.outbound.protection.outlook.com [40.107.5.79]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id E726D120026 for <avt@ietf.org>; Fri, 12 Jul 2019 06:14:46 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=cq5QicGYhk5m5o+89qzqZGzNdtYw5aHKV+tOZSiKGqPEVNZrpQgfbV1Pu64hxFFuT8OPAIL/97CgMRZ5PbO/AaWG4xHi1cuaVYJVcwU98cWexfjWQofCQYkDXGQhdG9D2dAoratfygW9sUDKJ6fU8ww0Eq4mOL0gaOjCO/cSVm3x2GTa6GFgLQqWZclCdj6Kc3iLj+RfnHHHRXfuITCwgFdHfhgVHzZn9VvBbX1SRYWUNZR87qcnghrxQcmj2vcI68/igX3stMfap/pkdmqFRC2sHhQulz4ihYXWW+k9EugHXz6yrd6o7uSrLnMG39c/k4qvX02HEbtQSZ+oig5WQQ==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=I4CnraJnVfpW631RDGq4Rzr5wiP1kDICzhM8n+RD+K0=; b=mau71ue4c439rj4fs50oI0q6FRhP9U+++E9RkqIe4TsrK6CfKIyuAMlJCdDmGRRgK0amE/GvzZDGAexx+yebAaSui+t4ekN/9hOniMEJDLL3qe4m9Wc5uGWfdGZ0T1gCRDduQVMQlHTBcc0o5CCShaydOObRUtnh2MGEFn6PpbiUwcr7YBiB+7VOqx37GYlBGZRVndbhBNopkrHtgxWosxmqNzWRVZU4pSH17Wl0O0XH99e4ISwuT+/eiLBmsiM9nt+gnQGIMoNOx1Aj+gYJYD1zMvGmodnGFiB+5pFIr2OncHi2uPbFSw0I7F1zZNNgkMBOOyUpYqN5RN1LdYM9Sw==
ARC-Authentication-Results: i=1; mx.microsoft.com 1;spf=pass smtp.mailfrom=ericsson.com;dmarc=pass action=none header.from=ericsson.com;dkim=pass header.d=ericsson.com;arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ericsson.com; s=selector2; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=I4CnraJnVfpW631RDGq4Rzr5wiP1kDICzhM8n+RD+K0=; b=kxBw1ttiFn++bDJrv77RM8n2IdRTvLrYGY+LmlrIhfj8D+BcQZT67RWx1g4u6e+th4JIcKKOvKxmNggZZTtAeJ6g/TAhz42PC2KMVOP3pea9IXnUqdlxTWNCZ4Wt6WO+eUOPW7L2q0xPD9CvgaFIsNZNnDkqWGv3UrLlciWYFRw=
Received: from HE1PR07MB3259.eurprd07.prod.outlook.com (10.170.246.26) by HE1PR07MB4252.eurprd07.prod.outlook.com (20.176.166.149) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2094.7; Fri, 12 Jul 2019 13:14:41 +0000
Received: from HE1PR07MB3259.eurprd07.prod.outlook.com ([fe80::3df2:a30c:72de:e6af]) by HE1PR07MB3259.eurprd07.prod.outlook.com ([fe80::3df2:a30c:72de:e6af%4]) with mapi id 15.20.2094.007; Fri, 12 Jul 2019 13:14:41 +0000
From: Bo Burman <bo.burman@ericsson.com>
To: "avt@ietf.org" <avt@ietf.org>, Barry Leiba <barryleiba@computer.org>
Thread-Topic: AD Evaluation of draft-ietf-avtcore-multiplex-guidelines-08 - substantive comments part
Thread-Index: AdU4nkBGUDd4AJ/6QAWLxzqfWKtoWg==
Date: Fri, 12 Jul 2019 13:14:41 +0000
Message-ID: <HE1PR07MB3259C6623CB542A50361AC9A8DF20@HE1PR07MB3259.eurprd07.prod.outlook.com>
Accept-Language: sv-SE, en-US
Content-Language: en-US
X-MS-Has-Attach: yes
X-MS-TNEF-Correlator:
authentication-results: spf=none (sender IP is ) smtp.mailfrom=bo.burman@ericsson.com;
x-originating-ip: [192.176.1.84]
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: aa0a16be-b99e-4405-d034-08d706cae674
x-microsoft-antispam: BCL:0; PCL:0; RULEID:(2390118)(7020095)(4652040)(8989299)(4534185)(4627221)(201703031133081)(201702281549075)(8990200)(5600148)(711020)(4605104)(1401327)(2017052603328)(49563074)(7193020); SRVR:HE1PR07MB4252;
x-ms-traffictypediagnostic: HE1PR07MB4252:
x-microsoft-antispam-prvs: <HE1PR07MB42529C690944BFE85098AEA28DF20@HE1PR07MB4252.eurprd07.prod.outlook.com>
x-ms-oob-tlc-oobclassifiers: OLM:10000;
x-forefront-prvs: 00963989E5
x-forefront-antispam-report: SFV:NSPM; SFS:(10009020)(4636009)(396003)(366004)(39860400002)(136003)(346002)(376002)(189003)(199004)(13464003)(52536014)(53546011)(6506007)(66616009)(66476007)(7696005)(86362001)(66556008)(99286004)(26005)(102836004)(64756008)(66446008)(66946007)(14454004)(71190400001)(71200400001)(14444005)(256004)(76116006)(5660300002)(229853002)(2501003)(316002)(6116002)(9686003)(6246003)(53936002)(66066001)(55016002)(486006)(25786009)(3846002)(8936002)(2906002)(110136005)(478600001)(305945005)(81156014)(81166006)(99936001)(186003)(6436002)(33656002)(7736002)(44832011)(476003)(8676002)(68736007)(74316002); DIR:OUT; SFP:1101; SCL:1; SRVR:HE1PR07MB4252; H:HE1PR07MB3259.eurprd07.prod.outlook.com; FPR:; SPF:None; LANG:en; PTR:InfoNoRecords; MX:1; A:1;
received-spf: None (protection.outlook.com: ericsson.com does not designate permitted sender hosts)
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam-message-info: kMJ3ZkVez0Q26ppKOqPij2mCRfddYj7OdaUbKgA9i9uwdwlvF8B5FT6ITtIh9Johd1/6ZSl9iDrhQlubBbLGrcuTVMNAu9x5dm4y8SKJhPLCQK33TwZW0hf3z1fzquDo+3frTzqOlCrjAHIoau0LVzUm6HexvQX1W+h6wiEU5khvq9D6r7XWLiIu/wlTLp21KlB3EAj/bD0OfVnSvU3J8jB4XOb1Luv23wF0JoAEtRmI7MjZS7o4gqF2sFTU4Dwgo7b58KbtMrxUMWmjQ9XshNi83pPgJNyMDU0VSQDF4jbIgy67q67A4/oIGvtlyhYI+cWB0WOIwVNrL3+UyYL3XzvQj30v1+1eVQ3n0tycgDNqLAHUvwi32LWI7nwgLm+6fKlNBDA2s4OdYimZwVyNLCTBsH0wf8i9Es5IZbGRrzA=
Content-Type: multipart/signed; protocol="application/x-pkcs7-signature"; micalg="SHA1"; boundary="----=_NextPart_000_0030_01D538C4.86282120"
MIME-Version: 1.0
X-OriginatorOrg: ericsson.com
X-MS-Exchange-CrossTenant-Network-Message-Id: aa0a16be-b99e-4405-d034-08d706cae674
X-MS-Exchange-CrossTenant-originalarrivaltime: 12 Jul 2019 13:14:41.2522 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 92e84ceb-fbfd-47ab-be52-080c6b87953f
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: bo.burman@ericsson.com
X-MS-Exchange-Transport-CrossTenantHeadersStamped: HE1PR07MB4252
Archived-At: <https://mailarchive.ietf.org/arch/msg/avt/FUhbHZLX-4UUjMG7W33zCtil3jo>
Subject: Re: [AVTCORE] AD Evaluation of draft-ietf-avtcore-multiplex-guidelines-08 - substantive comments part
X-BeenThere: avt@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Audio/Video Transport Core Maintenance <avt.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/avt>, <mailto:avt-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/avt/>
List-Post: <mailto:avt@ietf.org>
List-Help: <mailto:avt-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/avt>, <mailto:avt-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 12 Jul 2019 13:14:51 -0000
Long overdue, this is a response to the AD review, commenting on the substantive part inline below. My response to the editorial comments will follow in a separate mail. Cheers, /Bo > -----Original Message----- > From: Ben Campbell <ben@nostrum.com> > Sent: den 27 mars 2019 15:26 > To: draft-ietf-avtcore-multiplex-guidelines.all@ietf.org > Cc: Barry Leiba <barryleiba@computer.org> > Subject: AD Evaluation of draft-ietf-avtcore-multiplex-guidelines-08 > > Hi, > > This is my AD evaluation of draft-ietf-avtcore-multiplex-guidelines-08. > > I have a few material comments and a number of editorial comments. I don’t > think any of these need block IETF LC. They can be handled along with any > other IETF LC feedback. > > Also, Barry will become the responsible AD after today, so the resolution of > my comments will be at his discretion. > > Thanks! > > Ben. > > ———————————————— > > *** Substantive Comments *** > > § 3.4.1: Please don’t quote that much material. It’s better to reference it, > especially since RFC 3550 predates the current IPR rules. [BoB] That probably makes sense, but on the other hand makes it harder to follow what the quoted arguments from RFC 3550 are that we are discussing. Would it be a workable middle-way to include shortened versions of the bullets in RFC 3550 with the same numbering that provides the reader with at least some context before commenting on them? > > §3.4.3, last paragraph: This paragraph recommends going against a 3550 > recommendation. I realize this is an informational draft offering opinions > rather than normative text, but did the WG consider an update to 3550? [BoB] Not entirely sure what is suggested, but will assume it doesn't suggest we change _this_ document to update RFC 3550, but rather if the WG has considered creating a small standards track RFC changing just that recommendation? I cannot recall the WG considering that. Does the WG believe such update is needed? > > §3.4.4: "Those receivers that are not seeing packet loss don’t need to join > the multicast group with the FEC data, and so avoid the overhead of receiving > unnecessary FEC packets, for example.” > > Does this require the receiver to predict in advance whether packet loss may > occur during the session? [BoB] That was not the intent, but it could wait to join the FEC data group until observed loss rate is considered too high, or it could choose to leave if observed loss rate is very low. > > §4.1.3: "For applications that uses any security mechanism, e.g., in the form > of SRTP, the gateway needs to be able to decrypt incoming packets and re- > encrypt them in the other application’s security context.” > > It seems like this should also talk about authentication/signing, at least for > when modifications to the packets occur. [BoB] What about re-phrasing to "For applications that use any security mechanism, e.g., in the form of SRTP, the gateway needs to be able to decrypt and verify source integrity of the incoming packets, and re-encrypt, integrity protect, and sign the packets as peer in the other application’s security context"? > > §4.3.2: It’s not clear to me that this section is specific to multiplexing. [BoB] Agree. Suggest to clarify that better, e.g. changing the first sentence to "The capabilities of the key-management combined with the RTP multiplexing choices affects the resulting security properties, control over the secured media, and who have access to it". Also suggest to add a sentence on how PERC (draft-ietf-perc-private-media-framework) provides yet another trust model, which happened since this text was originally written. > > §10.2: The following references need to be normative since they are needed > to fully understand guidance or security considerations: > > ietf-avtcore-multi-media-rtp-session > [I-D.ietf-mmusic-rid] > [I-D.ietf-mmusic-sdp-bundle-negotiation] > [I-D.ietf-mmusic-sdp-simulcast] > [I-D.ietf-perc-srtp-ekt-diet] > RFC 3551 > RFC 3711 > RFC 3830 > RFC 4585 > RFC 5760 > RFC 5761 > RFC 5776 > RFC 7667 [BoB] OK (5776 above should likely be 5576, though) > > - Appendix A: "To use payload type as the single discriminator for multiple > streams implies that all the different RTP streams are being sent with the > same SSRC, thus using the same timestamp and sequence number space.” > > That doesn’t seem to make sense. How could discriminating on PT mean that > all streams use the same PT? [BoB] I think this was either misread (the text says "same SSRC", not "same PT"), or alternatively didn't consider that PT is assumed to be "single discriminator", which means that SSRC indeed is the same for all packets. I don’t see that any change would be necessary.
- Re: [AVTCORE] AD Evaluation of draft-ietf-avtcore… Bo Burman
- Re: [AVTCORE] AD Evaluation of draft-ietf-avtcore… Magnus Westerlund