Re: [AVT] draft-ietf-avt-ports-for-ucast-mcast-rtp-04
Magnus Westerlund <magnus.westerlund@ericsson.com> Thu, 02 December 2010 12:57 UTC
Return-Path: <magnus.westerlund@ericsson.com>
X-Original-To: avt@core3.amsl.com
Delivered-To: avt@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 934BF28C0F9 for <avt@core3.amsl.com>; Thu, 2 Dec 2010 04:57:01 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -106.559
X-Spam-Level:
X-Spam-Status: No, score=-106.559 tagged_above=-999 required=5 tests=[AWL=0.041, BAYES_00=-2.599, RCVD_IN_DNSWL_MED=-4, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ckEoNcVVuiEo for <avt@core3.amsl.com>; Thu, 2 Dec 2010 04:57:00 -0800 (PST)
Received: from mailgw9.se.ericsson.net (mailgw9.se.ericsson.net [193.180.251.57]) by core3.amsl.com (Postfix) with ESMTP id 7A0FF28C0E9 for <avt@ietf.org>; Thu, 2 Dec 2010 04:57:00 -0800 (PST)
X-AuditID: c1b4fb39-b7bafae000002a42-af-4cf797e70047
Received: from esessmw0256.eemea.ericsson.se (Unknown_Domain [153.88.253.124]) by mailgw9.se.ericsson.net (Symantec Mail Security) with SMTP id 9E.40.10818.7E797FC4; Thu, 2 Dec 2010 13:58:15 +0100 (CET)
Received: from [147.214.183.21] (153.88.115.8) by esessmw0256.eemea.ericsson.se (153.88.115.97) with Microsoft SMTP Server id 8.2.234.1; Thu, 2 Dec 2010 13:58:14 +0100
Message-ID: <4CF797E7.1060207@ericsson.com>
Date: Thu, 02 Dec 2010 13:58:15 +0100
From: Magnus Westerlund <magnus.westerlund@ericsson.com>
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.0; sv-SE; rv:1.9.2.12) Gecko/20101027 Thunderbird/3.1.6
MIME-Version: 1.0
To: avt@ietf.org
References: <EDC0A1AE77C57744B664A310A0B23AE21E36365D@FRMRSSXCHMBSC3.dc-m.alcatel-lucent.com>
In-Reply-To: <EDC0A1AE77C57744B664A310A0B23AE21E36365D@FRMRSSXCHMBSC3.dc-m.alcatel-lucent.com>
X-Enigmail-Version: 1.1.1
Content-Type: text/plain; charset="ISO-8859-1"
Content-Transfer-Encoding: 8bit
X-Brightmail-Tracker: AAAAAA==
Subject: Re: [AVT] draft-ietf-avt-ports-for-ucast-mcast-rtp-04
X-BeenThere: avt@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: Audio/Video Transport Working Group <avt.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/avt>, <mailto:avt-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/avt>
List-Post: <mailto:avt@ietf.org>
List-Help: <mailto:avt-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/avt>, <mailto:avt-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 02 Dec 2010 12:57:01 -0000
Hi, Yes, I think the discussed security issue is resolved in that I think the suggested mitigations are sufficient. I think the text around this is acceptable. But, I do invite others to see if they agree or it simply me having discussed this so much. Cheers Magnus DRAGE, Keith (Keith) skrev 2010-12-01 15:46: > (As WG chair) > > At the AVT face to face meeting in Beijing, there was considerable discussion on the security issues regarding token versus cookie. > > My only conclusion from that discussion was that the text needs to be improved, and shortening the timer may provide the only real solution to such attacks. > > Has this issue been nailed down and closed in the -04 version of the document, or is more work still required? > > In particular I'd like to see responses from EKR, Magnus and Colin, who all indicated more work was required in Beijing. > > regards > > Keith > _______________________________________________ > Audio/Video Transport Working Group > avt@ietf.org > https://www.ietf.org/mailman/listinfo/avt > -- Magnus Westerlund ---------------------------------------------------------------------- Multimedia Technologies, Ericsson Research EAB/TVM ---------------------------------------------------------------------- Ericsson AB | Phone +46 10 7148287 Färögatan 6 | Mobile +46 73 0949079 SE-164 80 Stockholm, Sweden| mailto: magnus.westerlund@ericsson.com ----------------------------------------------------------------------
- [AVT] draft-ietf-avt-ports-for-ucast-mcast-rtp-04 DRAGE, Keith (Keith)
- Re: [AVT] draft-ietf-avt-ports-for-ucast-mcast-rt… Ali C. Begen (abegen)
- Re: [AVT] draft-ietf-avt-ports-for-ucast-mcast-rt… Magnus Westerlund