[AVTCORE] Request for Security Review of draft-ietf-avtcore-rtp-scip

Bernard Aboba <bernard.aboba@gmail.com> Fri, 03 June 2022 17:20 UTC

From: Bernard Aboba <bernard.aboba@gmail.com>
Date: Fri, 03 Jun 2022 10:20:10 -0700
Message-ID: <CAOW+2dsMjcP3X1rC9-0gJ4xikyQRtR4izwNnz_vDE+Y1Ccwmtg@mail.gmail.com>
To: saag <saag@ietf.org>
Cc: IETF AVTCore WG <avt@ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/avt/pb2ZrMwLnC2UWWZ2dTLWGej2Dmk>
Subject: [AVTCORE] Request for Security Review of draft-ietf-avtcore-rtp-scip

The AVTCORE WG would like to solicit a security review of "RTP payload
format for the SCIP codec" (draft-ietf-avtcore-rtp-scip).  The document is
available for inspection here:
draft-ietf-avtcore-rtp-scip-01 - RTP Payload Format for the SCIP Codec
<https://datatracker.ietf.org/doc/draft-ietf-avtcore-rtp-scip/>

When submitting a review, please CC the AVTCORE WG (avt@ietf.org).

As noted in the introduction, SCIP is a "pseudo-codec" that provides secure
session establishment and transport over RTP.  One of the goals of the
document is to improve interop between SCIP endpoints and intermediaries
such as SBCs and RTP relays.  For example, SBCs have been observed to
reject SDP Offers including SCIP, and some RTP relays have attempted to
interpret or transcode SCIP RTP payloads, which is not helpful because they
are encrypted and integrity protected.
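As an added illustration (not part of this message or of the draft), the following shows how an SBC or RTP relay could classify the payload types in an SDP offer so that SCIP streams are passed through opaquely rather than rejected or transcoded. It assumes that SCIP is signalled with the rtpmap encoding name "scip"; the SDP offer is constructed for the example.

```python
"""Classify payload types in an SDP offer for an intermediary (SBC/relay).
Assumption: the SCIP pseudo-codec is signalled as rtpmap encoding "scip".
SCIP payloads are encrypted and integrity protected, so an intermediary
must neither reject the offer nor try to interpret/transcode those streams."""
import re

# Constructed sample offer: G.711/H.264 media plus SCIP payload types.
SAMPLE_OFFER = """v=0
o=- 1 1 IN IP4 192.0.2.10
s=-
c=IN IP4 192.0.2.10
t=0 0
m=audio 50000 RTP/AVP 0 96
a=rtpmap:0 PCMU/8000
a=rtpmap:96 scip/8000
m=video 50002 RTP/AVP 97 98
a=rtpmap:97 H264/90000
a=rtpmap:98 scip/90000
"""

RTPMAP_RE = re.compile(r"^a=rtpmap:(\d+)\s+([^/\s]+)/(\d+)", re.IGNORECASE)


def parse_offer(sdp):
    """Return a list of (media_type, {pt: (encoding, clock_rate)}) per m= section.
    Payload types with no rtpmap line keep (None, None)."""
    sections = []
    for line in sdp.splitlines():
        if line.startswith("m="):
            fields = line[2:].split()          # media port proto pt pt ...
            sections.append((fields[0], {int(pt): (None, None) for pt in fields[3:]}))
        elif sections:
            m = RTPMAP_RE.match(line)
            if m:
                pt, enc, rate = int(m.group(1)), m.group(2).lower(), int(m.group(3))
                sections[-1][1][pt] = (enc, rate)
    return sections


def classify(sdp):
    """Map (section_index, pt) -> 'passthrough' for SCIP, 'media' otherwise.
    'passthrough' means: forward the RTP payload untouched, never transcode."""
    result = {}
    for idx, (_media, pts) in enumerate(parse_offer(sdp)):
        for pt, (enc, _rate) in pts.items():
            result[(idx, pt)] = "passthrough" if enc == "scip" else "media"
    return result
```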

While SCIP is primarily used for secure audio communications, there is some
experience with video (H.264) as well. In conferencing use cases, SCIP
should be considered a "hop by hop" security service, in contrast to an
"end to end" service such as SFrame. That is, SCIP is compatible with audio
mixing or video MCU services, with the central conferencing server having
access to cleartext media, thereby being considered "trusted".

Note that the document has informative references to the following
documents which can be made available upon request:

         [SCIP210]   SCIP-210, "SCIP Signaling Plan", Revision 3.10, 26
                     October 2017, request access via email
                     <ncia.cis3@ncia.nato.int>.

         [SCIP214]   SCIP-214.2, "Secure Communication Interoperability
                     Protocol (SCIP) over Real-time Transport Protocol
                     (RTP)", Revision 1.1, 18 April 2014, request access
                     via email <ncia.cis3@ncia.nato.int>.


Bernard Aboba

For the AVTCORE WG Chairs