[AVTCORE] Comments on draft-ietf-avt-srtp-aes-gcm-01
Qin Wu <bill.wu@huawei.com> Thu, 22 September 2011 12:09 UTC
Return-Path: <bill.wu@huawei.com>
X-Original-To: avt@ietfa.amsl.com
Delivered-To: avt@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A6D0C21F8CD1 for <avt@ietfa.amsl.com>; Thu, 22 Sep 2011 05:09:17 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -5.417
X-Spam-Level:
X-Spam-Status: No, score=-5.417 tagged_above=-999 required=5 tests=[AWL=1.182, BAYES_00=-2.599, RCVD_IN_DNSWL_MED=-4]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id r0H+nfYM-FzN for <avt@ietfa.amsl.com>; Thu, 22 Sep 2011 05:09:17 -0700 (PDT)
Received: from szxga03-in.huawei.com (szxga03-in.huawei.com [119.145.14.66]) by ietfa.amsl.com (Postfix) with ESMTP id E5F0D21F8CE5 for <avt@ietf.org>; Thu, 22 Sep 2011 05:09:16 -0700 (PDT)
Received: from huawei.com (szxga03-in [172.24.2.9]) by szxga03-in.huawei.com (iPlanet Messaging Server 5.2 HotFix 2.14 (built Aug 8 2006)) with ESMTP id <0LRX00JCEB7MQJ@szxga03-in.huawei.com> for avt@ietf.org; Thu, 22 Sep 2011 20:11:46 +0800 (CST)
Received: from szxrg02-dlp.huawei.com ([172.24.2.119]) by szxga03-in.huawei.com (iPlanet Messaging Server 5.2 HotFix 2.14 (built Aug 8 2006)) with ESMTP id <0LRX00E5QB7LEM@szxga03-in.huawei.com> for avt@ietf.org; Thu, 22 Sep 2011 20:11:46 +0800 (CST)
Received: from szxeml203-edg.china.huawei.com ([172.24.2.119]) by szxrg02-dlp.huawei.com (MOS 4.1.9-GA) with ESMTP id ADV41315; Thu, 22 Sep 2011 20:11:45 +0800
Received: from SZXEML403-HUB.china.huawei.com (10.82.67.35) by szxeml203-edg.china.huawei.com (172.24.2.55) with Microsoft SMTP Server (TLS) id 14.1.270.1; Thu, 22 Sep 2011 20:11:38 +0800
Received: from w53375q (10.138.41.130) by szxeml403-hub.china.huawei.com (10.82.67.35) with Microsoft SMTP Server (TLS) id 14.1.270.1; Thu, 22 Sep 2011 20:11:44 +0800
Date: Thu, 22 Sep 2011 20:11:44 +0800
From: Qin Wu <bill.wu@huawei.com>
X-Originating-IP: [10.138.41.130]
To: avt@ietf.org, mcgrew@cisco.com
Message-id: <E0259356234E413093E94734F9DA36BC@china.huawei.com>
MIME-version: 1.0
X-MIMEOLE: Produced By Microsoft MimeOLE V6.00.2900.6109
X-Mailer: Microsoft Outlook Express 6.00.2900.5931
Content-type: text/plain; charset="iso-8859-1"
Content-transfer-encoding: 7bit
X-Priority: 3
X-MSMail-priority: Normal
X-CFilter-Loop: Reflected
References: <4FD125153A070D45BC87645D3B88028802BB7BC639@IMCMBX3.MITRE.ORG>
Subject: [AVTCORE] Comments on draft-ietf-avt-srtp-aes-gcm-01
X-BeenThere: avt@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Audio/Video Transport Core Maintenance <avt.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/avt>, <mailto:avt-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/avt>
List-Post: <mailto:avt@ietf.org>
List-Help: <mailto:avt-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/avt>, <mailto:avt-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 22 Sep 2011 12:09:17 -0000
Hi, This draft is well written. I would like to see this work moving forward. Here are my minor comments to this document: 1. Section 1, Second Paragraph [Qin]: It looks SRTP (together with SRTCP) utilizes AES as the default cipher. However in some case(e.g., in ITU-T H.235.8), Public key cryptography be used with SRTP to provide end to end confidential and authentication. So is it fair to assume in SRTP, both sender and receiver only use symmetric cryptography? what if asymmetric cryptography? 2. Section 1.1 Second Bullet [Qin]: It is not clear why four instantiations is required for each participant in the session, I think it is better at least to have a reference to put here. 3. Section 1.2.1, First Paragraph [Qin]: Is the AEAD authentication tag is authentication tag defined in SRTP/SRTCP packet? If not, how they are different? If yes, it is better to be clear about this in the draft. 4. Section 1.2.1, Second Pragraph [Qin]: Should it say the optional SRTP Authentication Tag is NOT Recommended to be present to be consistent with the figure in section 1.2.5. 5. Section 1.2.5 [Qin]: Should it also say authentication tag is not reccommended in the note to the figure? 6.Section 2.1 Four Paragraph [Qin]: How the number of invocations is calcualted for SRTP/SRTCP respectively? 7. Section 2.2, Table 1 [Qin]: You also need to support the algorithm specified in [RFC5282],Should it say A detailed description of the AES-GCM family can be found in [RFC5116][RFC5282]? 8. Section 2.2 Last Paragraph [Qin]: You didn't mentioned IV is formed from invocation counter in the section 1.2.2, rather than you point out "The packet counter is closely related to the invocation field", what is missing? [Qin]:It is not clear to me how the invocation counter is related to each instantiation of AES-GCM? 9.Section 3 [Qin]: I can not understand this formulation and table. how do you get this formulation and table? what's the rationale behind? 10.Section 4 [Qin]:It looks not complete since you didn't specify the SRTP transform parameters fro each profile. Regards! -Qin
- [AVTCORE] Comments on draft-ietf-avt-srtp-aes-gcm… Peck, Michael A
- Re: [AVTCORE] Comments on draft-ietf-avt-srtp-aes… David McGrew
- [AVTCORE] Comments on draft-ietf-avt-srtp-aes-gcm… Qin Wu
- Re: [AVTCORE] Comments on draft-ietf-avt-srtp-aes… David McGrew