Re: [AVT] DTLS-SRTP over TCP?

"Roni Even" <ron.even.tlv@gmail.com> Tue, 26 August 2008 04:58 UTC

Return-Path: <avt-bounces@ietf.org>
X-Original-To: avt-archive@optimus.ietf.org
Delivered-To: ietfarch-avt-archive@core3.amsl.com
Received: from [127.0.0.1] (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id BF5303A699C; Mon, 25 Aug 2008 21:58:42 -0700 (PDT)
X-Original-To: avt@core3.amsl.com
Delivered-To: avt@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id DA5AC3A699C for <avt@core3.amsl.com>; Mon, 25 Aug 2008 21:58:41 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.74
X-Spam-Level:
X-Spam-Status: No, score=-0.74 tagged_above=-999 required=5 tests=[BAYES_20=-0.74]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id T+qdxhnXskbb for <avt@core3.amsl.com>; Mon, 25 Aug 2008 21:58:41 -0700 (PDT)
Received: from nf-out-0910.google.com (nf-out-0910.google.com [64.233.182.190]) by core3.amsl.com (Postfix) with ESMTP id 98F1C3A699A for <avt@ietf.org>; Mon, 25 Aug 2008 21:58:40 -0700 (PDT)
Received: by nf-out-0910.google.com with SMTP id b11so889304nfh.39 for <avt@ietf.org>; Mon, 25 Aug 2008 21:58:40 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:from:to:references :in-reply-to:subject:date:mime-version:content-type :content-transfer-encoding:x-mailer:thread-index:content-language :message-id; bh=Rpgs0va+vaiUULp0aDzgGvvs4zrI5gR+I1taZLgDATk=; b=RFR3L4StIXC5lBTh/luxmlYLaSVjdMnr87OUOQyxtBYHcu/8WttRk3ss1fAM60xFxV 1jHQH6a/hCZk8fK5Nn2neO9Z1DGjB3N94vkfT+nlRQfx1X1X2wgsjlbHsN1i8kynjU4p YaKyLScUAtAkRKHhqZnjHA6CwLwzZQ7G7KVcY=
DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=from:to:references:in-reply-to:subject:date:mime-version :content-type:content-transfer-encoding:x-mailer:thread-index :content-language:message-id; b=m37diZ0vlUxU3w0as3N59rZrpy1jKXbXwHiOiJc9/eprw/I7/gYFVqiE6WCkNgcQ5e dP27vBdYadyubBnkdOXpBLrV1mxuz/mhZDVV2y968Jp6RpY187n+yHTacLhvOGItGwbV 0FbOYCMKyptE5P1fC1gwZQKg2hSa7ud8VQBws=
Received: by 10.103.192.10 with SMTP id u10mr3431127mup.29.1219726720127; Mon, 25 Aug 2008 21:58:40 -0700 (PDT)
Received: from windows8d787f9 ( [79.177.169.240]) by mx.google.com with ESMTPS id e8sm30467223muf.6.2008.08.25.21.58.37 (version=TLSv1/SSLv3 cipher=RC4-MD5); Mon, 25 Aug 2008 21:58:38 -0700 (PDT)
From: Roni Even <ron.even.tlv@gmail.com>
To: 'Dan Wing' <dwing@cisco.com>, 'Eric Rescorla' <ekr@networkresonance.com>, avt@ietf.org
References: <20080825211342.E917F556335@kilo.rtfm.com> <07f201c906f9$e9cc3f30$c2f0200a@cisco.com>
In-Reply-To: <07f201c906f9$e9cc3f30$c2f0200a@cisco.com>
Date: Tue, 26 Aug 2008 07:58:48 +0300
MIME-Version: 1.0
X-Mailer: Microsoft Office Outlook 12.0
Thread-Index: AckG95MEGZ+KdXVZRkaF10The/zIMQAAgr6QAA+KTQA=
Content-Language: en-us
Message-ID: <48b38d7e.08b6660a.61e5.ffff9966@mx.google.com>
Subject: Re: [AVT] DTLS-SRTP over TCP?
X-BeenThere: avt@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: Audio/Video Transport Working Group <avt.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/avt>, <mailto:avt-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/pipermail/avt>
List-Post: <mailto:avt@ietf.org>
List-Help: <mailto:avt-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/avt>, <mailto:avt-request@ietf.org?subject=subscribe>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Sender: avt-bounces@ietf.org
Errors-To: avt-bounces@ietf.org

Hi,
I think it is reasonable to remove TCP in the current draft. 
Maybe, for completeness, have some text similar to section 3 of
draft-ietf-avt-srtp-not-mandatory-00 suggesting that for TCP you can use TLS
and suggest that DTLS-SRTP-over-TCP is for further study.
Roni Even

-----Original Message-----
From: avt-bounces@ietf.org [mailto:avt-bounces@ietf.org] On Behalf Of Dan Wing
Sent: Tuesday, August 26, 2008 12:31 AM
To: 'Eric Rescorla'; avt@ietf.org
Subject: Re: [AVT] DTLS-SRTP over TCP?

> In his WGLC comments on draft-ietf-avt-dtls-srtp, SEC AD Pasi
> Eronen writes:
> 
>   Section 8 seems to specify a token DTLS over TCP. However, RFC 4347
>   doesn't specify how that would work (and it's obvious that it won't
>   work as is -- e.g. the state machine handling timeouts/retransmissions
>   needs changes, MTU discovery won't be identical, etc.). If the intent
>   is to specify DTLS-over-TCP, that really needs a separate section (or
>   ideally, a separate document) describing the deltas from ordinary
>   DTLS.
> 
> Pasi is right that this is underspecified.
> 
> I know that we agreed that this would be the way forward in the future
> for secure media over TCP, but what I don't know is whether this
> is imminent. My normal instinct would be to remove this from this
> document and when (if?) necessary, fully specify the DTLS-SRTP
> behavior in a separate document. What do others think?

This primarily affects ICE-TCP, when UDP communications can't be
established and only TCP can be established.  I don't see much other
significant use of DTLS-SRTP-over-TCP.

I am okay with removing it, so long as ICE-TCP mentions that DTLS-SRTP
cannot utilize an ICE-TCP-negotiated TCP transport.

-d

_______________________________________________
Audio/Video Transport Working Group
avt@ietf.org
https://www.ietf.org/mailman/listinfo/avt
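The point Pasi raises (that RFC 4347 DTLS is built around datagram delivery and does not say what happens on a byte stream) is easier to see on the wire. The following is an added example, not code from this thread, from draft-ietf-avt-dtls-srtp or from any DTLS implementation: it builds and parses the RFC 4347 record and handshake headers, runs the anti-replay window of section 4.1.2.5, and pushes the same three records through a reordering datagram path and through a segmented byte stream. The function names and the 1280-byte stand-in for a ClientHello body are assumptions made for the illustration.

```python
# Added example (not from the AVT thread or any draft): RFC 4347 DTLS 1.0 record
# and handshake headers, showing the fields that exist only because the transport
# is a datagram.  Function names and the stand-in ClientHello body are assumptions.
import struct
from collections import namedtuple

# DTLS record header = type(1) version(2) epoch(2) seq(6) length(2), 13 bytes.
# TLS 1.x uses 5: epoch and sequence are implicit on a reliable, ordered stream.
RECORD_HDR = struct.Struct("!BBBHHIH")
HS_HDR_LEN = 12            # TLS handshake header is 4; DTLS adds msg_seq(2) offset(3) frag_len(3)
CT_HANDSHAKE, DTLS_1_0 = 22, (254, 255)   # {254, 255} is the one's complement of version 1.0

Record = namedtuple("Record", "ctype version epoch seq payload")
Fragment = namedtuple("Fragment", "msg_type msg_len msg_seq offset body")

def build_record(ctype, epoch, seq, payload):
    """seq is the explicit 48-bit record sequence number carried on the wire."""
    return RECORD_HDR.pack(ctype, *DTLS_1_0, epoch, seq >> 32, seq & 0xFFFFFFFF, len(payload)) + payload

def parse_records(buf):
    """Split back-to-back records; returns (records, leftover).  A datagram holds
    whole records, so leftover is empty on UDP.  On a byte stream the length
    field is the only framing and a record cut by a segment boundary must be
    buffered until the rest arrives, which RFC 4347 does not describe."""
    records, off = [], 0
    while off + RECORD_HDR.size <= len(buf):
        ctype, maj, mnr, epoch, hi, lo, length = RECORD_HDR.unpack_from(buf, off)
        end = off + RECORD_HDR.size + length
        if end > len(buf):
            break                                   # partial record at the tail
        records.append(Record(ctype, (maj, mnr), epoch, (hi << 32) | lo, buf[off + RECORD_HDR.size:end]))
        off = end
    return records, buf[off:]

def fragment_handshake(msg_type, msg_seq, body, max_frag):
    """Split one handshake message into MTU-sized fragments (a UDP-only concern)."""
    frags = []
    for off in range(0, len(body), max_frag):
        chunk = body[off:off + max_frag]
        frags.append(bytes([msg_type]) + len(body).to_bytes(3, "big") + msg_seq.to_bytes(2, "big")
                     + off.to_bytes(3, "big") + len(chunk).to_bytes(3, "big") + chunk)
    return frags

def parse_fragment(payload):
    """Parse the 12-byte DTLS handshake header in front of each fragment."""
    frag_len = int.from_bytes(payload[9:12], "big")
    body = payload[HS_HDR_LEN:HS_HDR_LEN + frag_len]
    if len(payload) < HS_HDR_LEN or len(body) != frag_len:
        raise ValueError("truncated handshake fragment")
    return Fragment(payload[0], int.from_bytes(payload[1:4], "big"), int.from_bytes(payload[4:6], "big"),
                    int.from_bytes(payload[6:9], "big"), body)

def reassemble(frags):
    """Rebuild a handshake message from fragments in any order; None while gaps remain."""
    if not frags:
        return None
    total, mseq = frags[0].msg_len, frags[0].msg_seq
    out, covered = bytearray(total), set()
    for f in frags:
        if (f.msg_len, f.msg_seq) != (total, mseq):
            raise ValueError("fragment of a different message")
        out[f.offset:f.offset + len(f.body)] = f.body
        covered.update(range(f.offset, f.offset + len(f.body)))
    return bytes(out) if len(covered) == total else None

class ReplayWindow:
    """RFC 4347 section 4.1.2.5 sliding window (the IPsec scheme) over the explicit
    record sequence number.  UDP may duplicate or reorder records; on TCP the
    number is redundant with stream order."""
    def __init__(self, size=64):
        self.size, self.top, self.bits = size, -1, 0

    def check_and_update(self, seq):
        if seq > self.top:                                  # window advances
            shift = seq - self.top
            self.bits = (((self.bits << shift) | 1) if shift < self.size else 1) & ((1 << self.size) - 1)
            self.top = seq
            return True
        diff = self.top - seq
        if diff >= self.size or (self.bits >> diff) & 1:
            return False                                    # too old, or a replay
        self.bits |= 1 << diff
        return True

def demo():
    """Carry the same three records over a reordering datagram path and a stream."""
    hello = bytes(range(256)) * 5                     # constructed 1280-byte ClientHello stand-in
    records = [build_record(CT_HANDSHAKE, 0, i, f)
               for i, f in enumerate(fragment_handshake(1, 0, hello, 500))]
    # UDP: datagrams arrive as 2, 0, 2 (duplicate), 1; the window drops the replay.
    win, accepted = ReplayWindow(), []
    for dgram in (records[2], records[0], records[2], records[1]):
        recs, leftover = parse_records(dgram)
        assert leftover == b""
        accepted += [parse_fragment(r.payload) for r in recs if win.check_and_update(r.seq)]
    # TCP: identical bytes, but the first segment ends inside record 1.
    stream = b"".join(records)
    recs1, pending = parse_records(stream[:700])
    recs2, rest = parse_records(pending + stream[700:])
    return {"udp_accepted": len(accepted), "udp_ok": reassemble(accepted) == hello,
            "tcp_pending_after_seg1": len(pending), "tcp_records": len(recs1) + len(recs2),
            "tcp_leftover": len(rest),
            "tcp_ok": reassemble([parse_fragment(r.payload) for r in recs1 + recs2]) == hello}

if __name__ == "__main__":
    print(demo())
```

Everything the stream path needs beyond TLS is in the few lines that buffer a partial record; everything the datagram path needs (explicit sequence numbers, the replay window, fragmentation and reassembly, and the retransmission timer the thread mentions but this example does not model) is dead weight on TCP. Either a profile spells that out, as Pasi asks, or the transport is simply TLS, which is the option the reply above points to.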