Re: [AVTCORE] Re-send:Comments on draft-ietf-avtcore-aria-srtp-06.txt
"Roni Even" <ron.even.tlv@gmail.com> Sun, 07 September 2014 06:07 UTC
From: Roni Even <ron.even.tlv@gmail.com>
To: 'Eric Rescorla' <ekr@rtfm.com>, avt@ietf.org, 'IESG' <iesg@ietf.org>
Date: Sun, 07 Sep 2014 09:07:12 +0300
Archived-At: http://mailarchive.ietf.org/arch/msg/avt/joN9VsvjeM1K32J26SZg4VkP1tY
List-Id: Audio/Video Transport Core Maintenance <avt.ietf.org>

Hi Eric,

This document registers the IANA codepoints for Security Descriptions, DTLS-SRTP, and MIKEY. The registration procedure requires a standard track document. ARIA itself in RFC5794 is informational.

The WG agreed to have a milestone for this work.

Roni Even

From: avt [mailto:avt-bounces@ietf.org] On Behalf Of Eric Rescorla
Sent: 07 September, 2014 1:47 AM
To: avt@ietf.org; IESG
Subject: [AVTCORE] Re-send:Comments on draft-ietf-avtcore-aria-srtp-06.txt

[Now with a right address]

I just took a look at draft-ietf-avtcore-aria-srtp-06.txt and I'm trying to figure out why it's being advanced, especially as Standards Track. I have two concerns:

1. The arguments for specifying ARIA at all seem to be fairly weak. I went back to the mail archives and found my question about this from 2012, where I asked why we needed ARIA given that we have already standardized one KISA algorithm (SEED).

http://www.ietf.org/mail-archive/web/avt/current/msg15603.htm

The answer, apparently, is that the Korean government wants it:

http://www.ietf.org/mail-archive/web/avt/current/msg15632.html

  Both SEED and ARIA were established as KS(Korean Standard) by the Ministry of Knowledge Economy of Korea. But SEED and ARIA have different application areas each other. While SEED is mainly used for electronic commerce and financial service, ARIA is for government use and public purpose. As the governmental area is growing recently, we need to standardize SRTP-ARIA even though SRTP-SEED is already defined in RFC 5669.

Substantively, standardizing a cipher just because a national government wants to use it doesn't seem like a really great idea. I just went back through the mailing list and was unable to find any messages that argued for standardizing ARIA other than those that appear to be by the authors. Procedurally, this doesn't really seem like the level of support that we should be looking for, especially for a standards track document.

2. If we are to specify ARIA, we shouldn't be specifying the combinatoric explosion of all the key lengths and cipher modes. Rather, we should specify GCM with one authentication tag and one or two key sizes. In response to my comments above, the authors argued that they were looking for parity with AES, but this isn't a good reason, since AES is the algorithm we are actually encouraging people to use (and even there it would be better to have fewer modes). In TLS we are trying to move away from non-AEAD ciphers and SRTP should probably do the same.

-Ekr