Re: [AVTCORE] AD review: draft-ietf-avt-srtp-not-mandatory and draft-ietf-avtcore-rtp-security-options

Richard Barnes <rlb@ipv.sx> Fri, 22 November 2013 21:59 UTC

Return-Path: <rlb@ipv.sx>
X-Original-To: avt@ietfa.amsl.com
Delivered-To: avt@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 220341AE334 for <avt@ietfa.amsl.com>; Fri, 22 Nov 2013 13:59:50 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.977
X-Spam-Level:
X-Spam-Status: No, score=-1.977 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, FM_FORGED_GMAIL=0.622, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id GunklraXI5NP for <avt@ietfa.amsl.com>; Fri, 22 Nov 2013 13:59:48 -0800 (PST)
Received: from mail-ob0-f175.google.com (mail-ob0-f175.google.com [209.85.214.175]) by ietfa.amsl.com (Postfix) with ESMTP id EFF421AE28E for <avt@ietf.org>; Fri, 22 Nov 2013 13:59:47 -0800 (PST)
Received: by mail-ob0-f175.google.com with SMTP id uz6so1937351obc.20 for <avt@ietf.org>; Fri, 22 Nov 2013 13:59:40 -0800 (PST)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:in-reply-to:references:date :message-id:subject:from:to:cc:content-type; bh=XCq1nrGUNUZMAfuK0PXM5VseAP81FxpL28W3SqeNVG8=; b=aBpdgF2RtEbh5FP/zyjCbai/j8tTY+WEmja+RGFDzon7e56TOmulrf18HxqKzGme3k /jdLQs8pjawDxVswsQ1fsQDascMXhJDbxF4yCjVHBibgz/bQkpVjdrkdA715XNiXLSpl tW10sffDU5caUZeznyaojpR0a+0oM7i1YEDvEm3eeQOHBpri6HC7BedveEZVyNh2Lt7X bKx7c8z3uyCFKJQZ6DQvxrlvYiHD429D11hgHSIEwRMJrnRHsLPzNuUqu712JjMD3Jyh 2Ffq7WGUk6u78PX2btkCB4gUv9RfBAKquEr3mVAkefJ5ezW4kp2ggS0Rfv8ryVr+BGvu jmNQ==
X-Gm-Message-State: ALoCoQmEVqYzKdiZZ0EZG981G8/n7vXfYneR/kwYvDtMwLb67Ek2+hxNvQms8zON92W0rAu88TWA
MIME-Version: 1.0
X-Received: by 10.60.51.7 with SMTP id g7mr12836933oeo.6.1385157580674; Fri, 22 Nov 2013 13:59:40 -0800 (PST)
Received: by 10.60.31.74 with HTTP; Fri, 22 Nov 2013 13:59:40 -0800 (PST)
In-Reply-To: <52824556.8020809@ericsson.com>
References: <CAL02cgRRvx8puZoDRHv39Am+2oHy44iion_x77WfiqW0hEPgxw@mail.gmail.com> <52824556.8020809@ericsson.com>
Date: Fri, 22 Nov 2013 16:59:40 -0500
Message-ID: <CAL02cgRCFmUJkfj--bCCPWeRzNX0woSG9i89ugqmmEOzmXRuew@mail.gmail.com>
From: Richard Barnes <rlb@ipv.sx>
To: Magnus Westerlund <magnus.westerlund@ericsson.com>
Content-Type: multipart/alternative; boundary=001a11c308e08dee9804ebcb2153
Cc: draft-ietf-avt-srtp-not-mandatory@tools.ietf.org, avt@ietf.org, draft-ietf-avtcore-rtp-security-options@tools.ietf.org
Subject: Re: [AVTCORE] AD review: draft-ietf-avt-srtp-not-mandatory and draft-ietf-avtcore-rtp-security-options
X-BeenThere: avt@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Audio/Video Transport Core Maintenance <avt.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/avt>, <mailto:avt-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/avt/>
List-Post: <mailto:avt@ietf.org>
List-Help: <mailto:avt-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/avt>, <mailto:avt-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 22 Nov 2013 21:59:50 -0000

Hey Magnus,

That looks much better.  Thanks for the text.  I will put this out to LC
along with -srtp-not-mandatory.

--Richard


On Tue, Nov 12, 2013 at 10:12 AM, Magnus Westerlund <
magnus.westerlund@ericsson.com> wrote:

> Richard and WG,
>
> We have updated the RTP Security Options document. This adds three
> guidance sub-sections regarding automated key-management, tunnels vs
> end-to-end security and plain text key considerations.
>
> I also fixes a missing reference. All visible in the diff:
> http://www.ietf.org/rfcdiff?url2=draft-ietf-avtcore-rtp-security-options-09
>
> I hope everyone can take a look at these changes and react if they are
> wrong or non-acceptable.
>
> Cheers
>
> Magnus
>
> On 2013-11-03 01:12, Richard Barnes wrote:
> > On draft-ietf-avt-srtp-not-mandatory:
> > I have reviewed this draft in preparation for IETF Last Call and IESG
> > processing.  Clearly, this is not the best moment in history to be
> > making this sort of argument, given the increased focus on .  However, I
> > think this document makes the case pretty clearly.  It helps to have
> > draft-ietf-avtcore-rtp-security-options as a positive statement to go
> > alongside this document.
> >
> > On draft-ietf-avtcore-rtp-security-options:
> > I have reviewed this draft in preparation for IETF Last Call and IESG
> > processing.  One question to discuss briefly before IETF LC:  My major
> > concern is that it seems like there's a lot of old stuff in here.  Has
> > the WG considered explicitly marking each of the mechanisms with some
> > sort of recommendation level?  I would like to avoid having someone
> > choose SDES in a case where they could use DTLS-SRTP, for example.
> >
> > If the authors could follow up on that one point, we should be able to
> > get these both into LC soon.
> >
> > Thanks,
> > --Richard
>
>
> --
>
> Magnus Westerlund
>
> ----------------------------------------------------------------------
> Multimedia Technologies, Ericsson Research EAB/TVM
> ----------------------------------------------------------------------
> Ericsson AB                | Phone  +46 10 7148287
> Färögatan 6                | Mobile +46 73 0949079
> SE-164 80 Stockholm, Sweden| mailto: magnus.westerlund@ericsson.com
> ----------------------------------------------------------------------
>
>