Re: [AVTCORE] Re-send:Comments on draft-ietf-avtcore-aria-srtp-06.txt
Eric Rescorla <ekr@rtfm.com> Sun, 07 September 2014 12:42 UTC
Return-Path: <ekr@rtfm.com>
X-Original-To: avt@ietfa.amsl.com
Delivered-To: avt@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 68B3C1A0326 for <avt@ietfa.amsl.com>; Sun, 7 Sep 2014 05:42:55 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: 1.323
X-Spam-Level: *
X-Spam-Status: No, score=1.323 tagged_above=-999 required=5 tests=[BAYES_50=0.8, FM_FORGED_GMAIL=0.622, HTML_MESSAGE=0.001, J_CHICKENPOX_26=0.6, RCVD_IN_DNSWL_LOW=-0.7] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id qvPY11eoHmu9 for <avt@ietfa.amsl.com>; Sun, 7 Sep 2014 05:42:54 -0700 (PDT)
Received: from mail-wg0-f45.google.com (mail-wg0-f45.google.com [74.125.82.45]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id A44E41A0331 for <avt@ietf.org>; Sun, 7 Sep 2014 05:42:53 -0700 (PDT)
Received: by mail-wg0-f45.google.com with SMTP id k14so13487599wgh.4 for <avt@ietf.org>; Sun, 07 Sep 2014 05:42:52 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc:content-type; bh=XCnwlsLawqNSi2DNes0xK8nxuAFX42JT61f3202nRNY=; b=XeH1CftAMKZ+tEmW3v15TJTXXUJhSHX5VZ2ww58UJNRa7mACwe0FKjC9MgQKM1CM30 GsQoqftR7+Mo+SNMF4ynMgNPElfD04dzv7lssX82ENqD+Vs49NWmWVOQq7PNtELkgtKy 1DOV8xpJMyJFAmjFcxeyr5qGuT6u0bgvc2Enr3ES5+w29aJrRYM6DdcBQn+M4cFbcv+8 RzIzSY/sqs7jl9EYV7/H9AyyBEeI9Jc6bHo6Bl+480t7DwTMDC9Z+pjGSDcgneVDBsGk 2zOMveZGe20T1wzLo8NxDZjGB+6ci5eTUFm245JaoSoTHQ9TKbyMtpCAdF3oKOhuolwW ZRLw==
X-Gm-Message-State: ALoCoQmJm7pjRGNertZLPKPdi00DmM39f0opF0e/98bXQLY7CCX86sHGHsfvvpQqXkPisfI9IC7r
X-Received: by 10.180.37.77 with SMTP id w13mr15549915wij.78.1410093772268; Sun, 07 Sep 2014 05:42:52 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.216.146.193 with HTTP; Sun, 7 Sep 2014 05:42:12 -0700 (PDT)
In-Reply-To: <038701cfca61$f9169940$eb43cbc0$@gmail.com>
References: <CABcZeBOWA4zAF-gXvz4F9uav3_HGK=_bvt0dqUSzmtq-Bcx-CA@mail.gmail.com> <038701cfca61$f9169940$eb43cbc0$@gmail.com>
From: Eric Rescorla <ekr@rtfm.com>
Date: Sun, 07 Sep 2014 05:42:12 -0700
Message-ID: <CABcZeBO6rvaBC6p-uj5tzrT4bMgLob097UwDY5DrbOTpw6vRKg@mail.gmail.com>
To: Roni Even <ron.even.tlv@gmail.com>
Content-Type: multipart/alternative; boundary="e89a8f6470216577d10502790af2"
Archived-At: http://mailarchive.ietf.org/arch/msg/avt/WZdGMIJqIMlYl--_b3k_LyJlvsw
Cc: "avt@ietf.org" <avt@ietf.org>, IESG <iesg@ietf.org>
Subject: Re: [AVTCORE] Re-send:Comments on draft-ietf-avtcore-aria-srtp-06.txt
X-BeenThere: avt@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Audio/Video Transport Core Maintenance <avt.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/avt>, <mailto:avt-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/avt/>
List-Post: <mailto:avt@ietf.org>
List-Help: <mailto:avt-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/avt>, <mailto:avt-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 07 Sep 2014 12:42:55 -0000
On Sat, Sep 6, 2014 at 11:07 PM, Roni Even <ron.even.tlv@gmail.com> wrote: > Hi Eric, > > This document registers the IANA codepoints for Security Descriptions, > DTLS-SRTP, and MIKEY. The registration procedure requires standard track > document. ARIA itself in RFC5794 is informational. > I'm not sure that that changes the situation. The question is whether the IETF should be endorsing the use of ARIA for SRTP, right? The WG agreed to have a milestone for this work. > > Understood. However, I don't think that precludes deciding otherwise at this point. -Ekr > > *From:* avt [mailto:avt-bounces@ietf.org] *On Behalf Of *Eric Rescorla > *Sent:* 07 September, 2014 1:47 AM > *To:* avt@ietf.org; IESG > *Subject:* [AVTCORE] Re-send:Comments on > draft-ietf-avtcore-aria-srtp-06.txt > > > > [Now with a right address] > > > > I just took a look at draft-ietf-avtcore-aria-srtp-06.txt and I'm trying > to figure > > out why it's being advanced, especially as Standards Track. I have two > > concerns: > > > > 1. The arguments for specifying ARIA at all seem to be fairly weak. I > > went back to the mail archives and found my question about this from > > 2012, where I asked why we needed ARIA given that we have already > > standardized one KISA algorithm (SEED). > > > > http://www.ietf.org/mail-archive/web/avt/current/msg15603.htm > > > > The answer, apparently, is that the Korean government wants it: > > http://www.ietf.org/mail-archive/web/avt/current/msg15632.html > > > > Both SEED and ARIA were established as KS(Korean Standard) by the > > Ministry of Knowledge Economy of Korea. But SEED and ARIA have > > different application areas each other. While SEED is mainly used > > for for electronic commerce and financial service, ARIA is for > > government use and public purpose. As the governmental area is > > growing recently, we need to standardize SRTP-ARIA even though > > SRTP-SEED is already defined in RFC 5669. > > > > Substantively, standardizing a cipher just because a national government > > wants to use it doesn't seem like a really great idea. > > > > I just went back through the mailing list and was unable to find any > > messages that argued for standardizing ARIA other than those that > > appear to be by the authors. Procedurally, this doesn't really seem > > like the level of support that we should be looking for, especially > > for a standards track document. > > > > > > 2. If we are to specify ARIA, we shouldn't be specifying the combinatoric > > explosion of all the key lengths and cipher modes. Rather, we should > > specify GCM with one authentication tag and one or two key sizes. > > In response to my comments above, the authors argued that they were > > looking for parity with AES, but this isn't a good reason, since AES is > > the algorithm we are actually encouraging people to use (and even there > > it would be better to have fewer modes). In TLS we are trying to move > > away from non-AEAD ciphers and SRTP should probably do the same. > > > > -Ekr >
- [AVTCORE] Re-send:Comments on draft-ietf-avtcore-… Eric Rescorla
- Re: [AVTCORE] Re-send:Comments on draft-ietf-avtc… Roni Even
- Re: [AVTCORE] Re-send:Comments on draft-ietf-avtc… Eric Rescorla
- Re: [AVTCORE] Re-send:Comments on draft-ietf-avtc… Barry Leiba
- Re: [AVTCORE] Re-send:Comments on draft-ietf-avtc… Stephen Farrell
- Re: [AVTCORE] Re-send:Comments on draft-ietf-avtc… Roni Even
- Re: [AVTCORE] Re-send:Comments on draft-ietf-avtc… Eric Rescorla