IETF Logo Mail Archive

Re: [AVT] draft-ietf-avt-rapid-acquisition-for-rtp-07: Minor issues

"Ali C. Begen (abegen)" <abegen@cisco.com> Mon, 08 March 2010 00:05 UTC

Return-Path: <abegen@cisco.com>
X-Original-To: avt@core3.amsl.com
Delivered-To: avt@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id E5CB53A67D4 for <avt@core3.amsl.com>; Sun, 7 Mar 2010 16:05:49 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -10.445
X-Spam-Level:
X-Spam-Status: No, score=-10.445 tagged_above=-999 required=5 tests=[AWL=0.154, BAYES_00=-2.599, RCVD_IN_DNSWL_HI=-8]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id nZ8Uuv5OShoR for <avt@core3.amsl.com>; Sun, 7 Mar 2010 16:05:49 -0800 (PST)
Received: from sj-iport-1.cisco.com (sj-iport-1.cisco.com [171.71.176.70]) by core3.amsl.com (Postfix) with ESMTP id EF5623A676A for <avt@ietf.org>; Sun, 7 Mar 2010 16:05:48 -0800 (PST)
Authentication-Results: sj-iport-1.cisco.com; dkim=neutral (message not signed) header.i=none
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: AvsEAHPOk0urR7Hu/2dsb2JhbACbI3OgE5dBhHgEgxc
X-IronPort-AV: E=Sophos;i="4.49,599,1262563200"; d="scan'208";a="306110218"
Received: from sj-core-5.cisco.com ([171.71.177.238]) by sj-iport-1.cisco.com with ESMTP; 08 Mar 2010 00:05:52 +0000
Received: from xbh-sjc-231.amer.cisco.com (xbh-sjc-231.cisco.com [128.107.191.100]) by sj-core-5.cisco.com (8.13.8/8.14.3) with ESMTP id o2805qrm021272; Mon, 8 Mar 2010 00:05:52 GMT
Received: from xmb-sjc-215.amer.cisco.com ([171.70.151.169]) by xbh-sjc-231.amer.cisco.com with Microsoft SMTPSVC(6.0.3790.3959); Sun, 7 Mar 2010 16:05:52 -0800
X-MimeOLE: Produced By Microsoft Exchange V6.5
Content-class: urn:content-classes:message
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
Date: Sun, 07 Mar 2010 16:05:40 -0800
Message-ID: <04CAD96D4C5A3D48B1919248A8FE0D540B7A6F01@xmb-sjc-215.amer.cisco.com>
In-Reply-To: <4B8E7CB9.2040701@ericsson.com>
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
Thread-Topic: draft-ietf-avt-rapid-acquisition-for-rtp-07: Minor issues
Thread-Index: Acq7AE8ZfsyOpk+lT8Whwdd21izBzwDPUKgg
References: <4B8E7CB9.2040701@ericsson.com>
From: "Ali C. Begen (abegen)" <abegen@cisco.com>
To: Magnus Westerlund <magnus.westerlund@ericsson.com>, IETF AVT WG <avt@ietf.org>, draft-ietf-avt-rapid-acquisition-for-rtp@tools.ietf.org
X-OriginalArrivalTime: 08 Mar 2010 00:05:52.0821 (UTC) FILETIME=[1DFDB650:01CABE53]
Subject: Re: [AVT] draft-ietf-avt-rapid-acquisition-for-rtp-07: Minor issues
X-BeenThere: avt@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: Audio/Video Transport Working Group <avt.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/avt>, <mailto:avt-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/avt>
List-Post: <mailto:avt@ietf.org>
List-Help: <mailto:avt-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/avt>, <mailto:avt-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 08 Mar 2010 00:05:50 -0000

Hi Magnus,

We are addressing the other minor issues in the -08 version, which I
hope will be submitted before the deadline.

For the security-related part, see below:

> 31. Section 10.
> The security mitigation for the authentication of the RTCP messages
> between the RTP_RX and the RS is SRTP. However, the document fails to
> indicate anything on how you would successfully configure the SRTP
with
> keying information. Can you provide some insight into how this would
> work in RAMS scenario? I am more interested if you think there exist a
> keying method that fits the trust model and scenarios? And if it does
> that it might be worth indicating that in the draft as a recommended
> method. I know there will some that has different trust that can do it
> differently. But some baseline is likely worth to lay down here.
> 
> 32. Section 10, page 43:
>    In addition to the denial-of-service attacks, man-in-the-middle and
>    replay attacks can also be harmful.  However, RAMS itself does not
>    bring any new risks or threats other than the ones discussed in
>    [I-D.ietf-avt-rtcpssm].
> 
> I think the document fails to describe the increased risk for other
> attacks that isn't focused on blasting a lot of packets on to some
> target. For example an on-path attacker can beyond preventing the
RTP_RX
> to get service, it may discretely change parameters to make the
service
> work less well. Due to that the RAMS extensions are more a control
> protocol than a feedback protocol a different level of security
threats
> exist than what is primarily discussed in the RTCP SSM RFC.

Dan W. has suggested the following text. If you are happy with it, let
me know so that we can put it in the draft before Monday's deadline. I
am afraid we are not addressing all potential man-in-the-middle attacks.

-acbegen


To protect the RTCP messages from man-in-the-middle and replay attacks,
the RTP receivers and Retransmission Server SHOULD perform a DTLS-SRTP
handshake [I-D.ietf-avt-dtls-srtp] over the RTCP channel.  Because there
is no integrity-protected signaling channel between an RTP receiver and
the Retransmission Server, the Retransmission Server MUST maintain a
list of certificates owned by legitimate RTP receivers, or their
certificates MUST be signed by a trusted Certificate Authority. Once the
DTLS-SRTP security is established, non-SRTCP-protected messages received
from a particular RTP receiver are ignored by the Retransmission Server.
To reduce the impact of DTLS-SRTP overhead when communicating with
different feedback targets on the same Retransmission Server, it is
RECOMMENDED that RTP receivers and the Retransmission Server both
support TLS Session Resumption without Server-side State [RFC5077].

v2.23.0 | Report a Bug | By Email