Re: [AVTCORE] [MMUSIC] SDP Directorate review: draft-ietf-avtcore-cryptex

Christer Holmberg <christer.holmberg@ericsson.com> Tue, 14 June 2022 08:53 UTC

From: Christer Holmberg <christer.holmberg@ericsson.com>
To: Sergio Garcia Murillo <sergio.garcia.murillo@gmail.com>
CC: IETF AVTCore WG <avt@ietf.org>, "Murray S. Kucherawy" <superuser@gmail.com>, mmusic <mmusic@ietf.org>, "avtcore-chairs@ietf.org" <avtcore-chairs@ietf.org>
Date: Tue, 14 Jun 2022 08:53:20 +0000
Message-ID: <HE1PR07MB44417BC524A9F7F1CAD1DCE293AA9@HE1PR07MB4441.eurprd07.prod.outlook.com>
References: <HE1PR07MB4441160C0170EE3B9C827BD893A69@HE1PR07MB4441.eurprd07.prod.outlook.com> <CA+ag07YD7J5ta13buFPOVeKp3fQYvdg0xPm2qcjXOuNXsANc4Q@mail.gmail.com>
In-Reply-To: <CA+ag07YD7J5ta13buFPOVeKp3fQYvdg0xPm2qcjXOuNXsANc4Q@mail.gmail.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/avt/0s4S26GOZHCRXdA2mAPgQgO6lCk>
List-Id: Audio/Video Transport Core Maintenance <avt.ietf.org>

Hi,

... 

Q4:

>> Section 4 says:
>>
>>   "If BUNDLE is in use and the a=cryptex attribute is present for a
>>   media line, it MUST be present for all media lines belonging to the
>>   same bundle group.  This ensures that the encrypted MID header
>>   extensions used to demux BUNDLE can be processed correctly.  When
>>   used with BUNDLE, this attribute is assigned to the TRANSPORT
>>   category [RFC8859]."
>>
>> First, as the usage of Cryptex is optional, why mandate it on all media lines? Could you explain the MID header processing justification?
>
> If ssrc info is not exchanged in the SDP O/A, then the only way to assign a packet to an m-line is by the mid value which is encrypted if cryptex is in use. So if the peer signals that it supports receiving cryptex in one m-line, it must support it on all of them.
 
Sure, but if you only indicate cryptex support for m- line X, then the peer is only allowed to use cryptex for the RTP packets associated with X. 

But, the peer is not allowed to use cryptex for RTP packets associated with m- line Y. 

But, in general I think it would be good to add some more text on the BUNDLE impacts, e.g., that intermediary nodes might not be able to distinguish/process bundled media if the MID is encrypted.

For example, in some networks there are intermediaries that "un-BUNDLE" media into individual 5-tuples, and that won't work unless such nodes have access to the MIDs.

>Second, if mandated on all media lines, it will apply also to non-RTP media lines (e.g., a WebRTC data channel), and then I think you need to have some explicit text about that.
>
>What would be the best term for a "media m-line"?
>
>- media m-line
>- media m line
>- media "m=" line

My suggestion would be to say "m- lines for RTP transported media", or something like that, because technically you could transport media also using non-RTP mechanisms.

Regards,

Christer