Re: [AVTCORE] I-D Action: draft-ietf-avtcore-aria-sdes-00.txt

Magnus Westerlund <magnus.westerlund@ericsson.com> Tue, 02 June 2015 14:44 UTC

Return-Path: <magnus.westerlund@ericsson.com>
X-Original-To: avt@ietfa.amsl.com
Delivered-To: avt@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 0DDF11ACD35; Tue, 2 Jun 2015 07:44:57 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.201
X-Spam-Level:
X-Spam-Status: No, score=-4.201 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_MED=-2.3, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id d2LaRo2aC066; Tue, 2 Jun 2015 07:44:56 -0700 (PDT)
Received: from sessmg22.ericsson.net (sessmg22.ericsson.net [193.180.251.58]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 1D0731ACD34; Tue, 2 Jun 2015 07:44:54 -0700 (PDT)
X-AuditID: c1b4fb3a-f79ec6d000006dc0-f5-556dc165bb60
Received: from ESESSHC021.ericsson.se (Unknown_Domain [153.88.253.125]) by sessmg22.ericsson.net (Symantec Mail Security) with SMTP id 44.1C.28096.561CD655; Tue, 2 Jun 2015 16:44:53 +0200 (CEST)
Received: from [127.0.0.1] (153.88.183.153) by smtp.internal.ericsson.com (153.88.183.83) with Microsoft SMTP Server id 14.3.210.2; Tue, 2 Jun 2015 16:44:07 +0200
Message-ID: <556DC136.3090801@ericsson.com>
Date: Tue, 2 Jun 2015 16:44:06 +0200
From: Magnus Westerlund <magnus.westerlund@ericsson.com>
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:31.0) Gecko/20100101 Thunderbird/31.7.0
MIME-Version: 1.0
To: <internet-drafts@ietf.org>, <i-d-announce@ietf.org>
References: <20150529083445.8323.60833.idtracker@ietfa.amsl.com>
In-Reply-To: <20150529083445.8323.60833.idtracker@ietfa.amsl.com>
Content-Type: text/plain; charset="windows-1252"; format=flowed
Content-Transfer-Encoding: 8bit
X-Brightmail-Tracker: H4sIAAAAAAAAA+NgFlrILMWRmVeSWpSXmKPExsUyM+JvrW7qwdxQgxkXZC1e9qxkt1iy6zmz xYe7uQ7MHkuW/GQKYIzisklJzcksSy3St0vgymiccYWl4DV3xffXr9kbGNdzdjFyckgImEis mvKFHcIWk7hwbz1bFyMXh5DAUUaJjw0TWCCcZYwSh4+cZwGp4hXQlpi74yZYB4uAisTmYxvB 4mwCFhI3fzSygdiiAlESUx+vg6oXlDg58wmQzcEhImAusWmZJUiYWUBI4vScb6wgYWEBN4mj F1JBwkICDhJtPYfAOjkFHCWmN95gAylhFrCXeLC1DKJTXqJ562xmiHJtiYamDtYJjIKzkOya hdAxC0nHAkbmVYyixanFxbnpRkZ6qUWZycXF+Xl6eaklmxiBYXpwy2+rHYwHnzseYhTgYFTi 4VXgyw0VYk0sK67MPcQozcGiJM7r2RUSKiSQnliSmp2aWpBaFF9UmpNafIiRiYNTqoGxw6aP I2H35SKTBzysU38siDGUkNngvNOS4Z/IuW3HHG33bTh3a/o8hs+uUSXLbe23HObeVv0vTdPz rN9NvbWPE0pT48+Ev/KbK3k02O3/3fnaXdEdU4zr/OfKzWyIzv0jtDnw8cwz195mtO+b2G2y TbB237yPLOnGVnMn2/RM2b2B+/u7boMHSizFGYmGWsxFxYkAD9QauzQCAAA=
Archived-At: <http://mailarchive.ietf.org/arch/msg/avt/EGnjyhMup46z5MWt_dhW1rC7_ZM>
Cc: avt@ietf.org
Subject: Re: [AVTCORE] I-D Action: draft-ietf-avtcore-aria-sdes-00.txt
X-BeenThere: avt@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Audio/Video Transport Core Maintenance <avt.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/avt>, <mailto:avt-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/avt/>
List-Post: <mailto:avt@ietf.org>
List-Help: <mailto:avt-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/avt>, <mailto:avt-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 02 Jun 2015 14:44:57 -0000

Hi,

I have reviewed this draft based on the split.

1. Section 1:

    This document defines Secure Real-time Transport Protocol (SRTP)
    [RFC3711] crypto suites based on the the ARIA [RFC5794] block cipher
    algorithm for use with the SDP Security Descriptions attributes
    [RFC4568].

I think this paragraph needs to be rewritten with the goal to make it 
clear that it is a SDP Security Description definition for what is 
defined in [draft-ietf-avtcore-aria-srtp]. As currently formulated one 
can get the impression that it actually defines the ARIA crypto suits 
for SRTP.

2. Removal of AEAD_ARIA_128_GCM_8.

Based on that this cipher is not meeting the expected security goals I 
think it should be removed.

3. Section 2.

Section heading "Patameters" should be changed to "Parameters".

4. Section 2:

For the CTR cipher suites depending on the answer on the main aria draft 
you may have to change the lines for lifetime:

"Default key lifetime            | 2^31 packets "

Cheers

Magnus Westerlund

----------------------------------------------------------------------
Services, Media and Network features, Ericsson Research EAB/TXM
----------------------------------------------------------------------
Ericsson AB                 | Phone  +46 10 7148287
Färögatan 6                 | Mobile +46 73 0949079
SE-164 80 Stockholm, Sweden | mailto: magnus.westerlund@ericsson.com
----------------------------------------------------------------------