Re: [AVTCORE] Last Call: <draft-ietf-avt-srtp-not-mandatory-14.txt> (Securing the RTP Protocol Framework: Why RTP Does Not Mandate a Single Media Security Solution) to Informational RFC

Martin Thomson <martin.thomson@gmail.com> Mon, 09 December 2013 22:55 UTC

Return-Path: <martin.thomson@gmail.com>
X-Original-To: avt@ietfa.amsl.com
Delivered-To: avt@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 01B6A1A1F61; Mon, 9 Dec 2013 14:55:24 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2
X-Spam-Level:
X-Spam-Status: No, score=-2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 9SEvCbKm2INd; Mon, 9 Dec 2013 14:55:22 -0800 (PST)
Received: from mail-wi0-x22e.google.com (mail-wi0-x22e.google.com [IPv6:2a00:1450:400c:c05::22e]) by ietfa.amsl.com (Postfix) with ESMTP id 4E6731A1F06; Mon, 9 Dec 2013 14:55:22 -0800 (PST)
Received: by mail-wi0-f174.google.com with SMTP id z2so4582805wiv.13 for <multiple recipients>; Mon, 09 Dec 2013 14:55:16 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; bh=jyhKvsMCSPx4mDW74bbZHIAcVMc3NtmWzx7p/8LqqG8=; b=ay7ADVuQd3uMhrSBtp1Ar5ugObiQnRmxZVXAthOGAUEeE9HOny6Zk1x8tvGmeoG+jb uRXKHnSScX/JhkEDgbkTFEFOSyFnamJEBwg2AmOepyd7GMt7ZN9QUGQhpB6tnSFi6196 pSmWSQeMkpcQLsW3PGk2+VOamhhF2IFevFFYCUpqYfx27AW4v3EHwDSczAxu2VRGA75h mhsbXhWwOh21J3M6JmXpz6FvEe0YJaaQnPuShfKM0yu2Vz2sycAdbIw94Cwl+2QLXgvw XObFkoqZk6Auh/s5QMK5edCMe43r2QEYzGeixxbiezrGw3JlOGvyg5PPqIL4SmoZRlYX LXUw==
MIME-Version: 1.0
X-Received: by 10.180.188.175 with SMTP id gb15mr11303452wic.50.1386629716926; Mon, 09 Dec 2013 14:55:16 -0800 (PST)
Received: by 10.227.134.195 with HTTP; Mon, 9 Dec 2013 14:55:16 -0800 (PST)
In-Reply-To: <A22A842D-8391-467B-8DC0-17A3966DFF74@cisco.com>
References: <20131122220752.31098.83432.idtracker@ietfa.amsl.com> <1286562B-6C43-4ADC-8999-C70CA356F587@cisco.com> <017801cef20f$6f82aff0$4e880fd0$@gmail.com> <A22A842D-8391-467B-8DC0-17A3966DFF74@cisco.com>
Date: Mon, 9 Dec 2013 14:55:16 -0800
Message-ID: <CABkgnnWvaH1VKCdNPvVdWSj=J0kBq6x1Dof7Fnx=PhdQE2qLjw@mail.gmail.com>
From: Martin Thomson <martin.thomson@gmail.com>
To: "Cullen Jennings (fluffy)" <fluffy@cisco.com>
Content-Type: text/plain; charset=UTF-8
Cc: "<ietf@ietf.org>" <ietf@ietf.org>, "<avt@ietf.org>" <avt@ietf.org>
Subject: Re: [AVTCORE] Last Call: <draft-ietf-avt-srtp-not-mandatory-14.txt> (Securing the RTP Protocol Framework: Why RTP Does Not Mandate a Single Media Security Solution) to Informational RFC
X-BeenThere: avt@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Audio/Video Transport Core Maintenance <avt.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/avt>, <mailto:avt-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/avt/>
List-Post: <mailto:avt@ietf.org>
List-Help: <mailto:avt-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/avt>, <mailto:avt-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 09 Dec 2013 22:55:24 -0000

On 9 December 2013 14:16, Cullen Jennings (fluffy) <fluffy@cisco.com> wrote:
> I was pushing more on the privacy / confidentiality for RTP vs the keying, so more SRTP than SDES.

I don't think that you get anything meaningful without tackling key
agreement.  Even then, we're not done until we've got systems in place
for doing authentication.  Good thing we're doing something about that
with WebRTC.