Re: [AVTCORE] AD review: draft-ietf-avt-srtp-not-mandatory and draft-ietf-avtcore-rtp-security-options

Magnus Westerlund <magnus.westerlund@ericsson.com> Tue, 12 November 2013 15:11 UTC

Return-Path: <magnus.westerlund@ericsson.com>
X-Original-To: avt@ietfa.amsl.com
Delivered-To: avt@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 3F23F11E8178 for <avt@ietfa.amsl.com>; Tue, 12 Nov 2013 07:11:53 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -105.523
X-Spam-Level:
X-Spam-Status: No, score=-105.523 tagged_above=-999 required=5 tests=[AWL=0.726, BAYES_00=-2.599, HELO_EQ_SE=0.35, RCVD_IN_DNSWL_MED=-4, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ZVvHpE0KUmD4 for <avt@ietfa.amsl.com>; Tue, 12 Nov 2013 07:11:48 -0800 (PST)
Received: from mailgw7.ericsson.se (mailgw7.ericsson.se [193.180.251.48]) by ietfa.amsl.com (Postfix) with ESMTP id A532111E817E for <avt@ietf.org>; Tue, 12 Nov 2013 07:11:20 -0800 (PST)
X-AuditID: c1b4fb30-b7f228e000003e6c-f7-52824516922b
Received: from ESESSHC024.ericsson.se (Unknown_Domain [153.88.253.125]) by mailgw7.ericsson.se (Symantec Mail Security) with SMTP id 55.A5.15980.61542825; Tue, 12 Nov 2013 16:11:18 +0100 (CET)
Received: from [127.0.0.1] (153.88.183.153) by smtp.internal.ericsson.com (153.88.183.92) with Microsoft SMTP Server id 14.2.328.9; Tue, 12 Nov 2013 16:11:13 +0100
Message-ID: <52824556.8020809@ericsson.com>
Date: Tue, 12 Nov 2013 16:12:22 +0100
From: Magnus Westerlund <magnus.westerlund@ericsson.com>
User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:24.0) Gecko/20100101 Thunderbird/24.1.0
MIME-Version: 1.0
To: Richard Barnes <rlb@ipv.sx>, <avt@ietf.org>, <draft-ietf-avt-srtp-not-mandatory@tools.ietf.org>, <draft-ietf-avtcore-rtp-security-options@tools.ietf.org>
References: <CAL02cgRRvx8puZoDRHv39Am+2oHy44iion_x77WfiqW0hEPgxw@mail.gmail.com>
In-Reply-To: <CAL02cgRRvx8puZoDRHv39Am+2oHy44iion_x77WfiqW0hEPgxw@mail.gmail.com>
X-Enigmail-Version: 1.6
Content-Type: text/plain; charset="ISO-8859-1"
Content-Transfer-Encoding: 8bit
X-Brightmail-Tracker: H4sIAAAAAAAAA+NgFprALMWRmVeSWpSXmKPExsUyM+Jvra64a1OQwXZzi5c9K9kttu9eyWax dNdfFoupfbYOLB5Llvxk8pi8cRaLx5fLn9kCmKO4bFJSczLLUov07RK4Mn5tesha0CRQsfzQ dpYGxmbeLkZODgkBE4k109azQNhiEhfurWfrYuTiEBI4xCgxf8dGVpCEkMByRolbizVBbF4B bYk/S6+AxVkEVCXary5jA7HZBCwkbv5oBLNFBYIlzr9azA5RLyhxcuYTFpChIgILGSWWLXkF ViQskCrxd9teoAQH0IIAid8TJEDCnAKBEt/XTmYCCUsIiEv0NAaBhJkF9CSmXG1hhLDlJZq3 zmaGOE1boqGpg3UCo+AsJNtmIWmZhaRlASPzKkb23MTMnPRy802MwFA9uOW3wQ7GTffFDjFK c7AoifN+eOscJCSQnliSmp2aWpBaFF9UmpNafIiRiYNTqoGxUlPqFW/Mqe/H3q0xPHNb2bFW Yenun6WNkilaKTEbJ088JTG3yUBC/8fLVTs0RT5usil6aHZD+lCZ9PxUidCDOkFS/Md/c+0z rz0bpzXFwjeyv2HTvQuu0z4tXhj53HvJPNPZX1QSPSLtfVe/Kn63YKP43Oc9Xx4tyektOFri 2tGpxrb4p/YnJZbijERDLeai4kQAphH2GSMCAAA=
Subject: Re: [AVTCORE] AD review: draft-ietf-avt-srtp-not-mandatory and draft-ietf-avtcore-rtp-security-options
X-BeenThere: avt@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Audio/Video Transport Core Maintenance <avt.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/avt>, <mailto:avt-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/avt>
List-Post: <mailto:avt@ietf.org>
List-Help: <mailto:avt-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/avt>, <mailto:avt-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 12 Nov 2013 15:11:53 -0000

Richard and WG,

We have updated the RTP Security Options document. This adds three
guidance sub-sections regarding automated key-management, tunnels vs
end-to-end security and plain text key considerations.

I also fixes a missing reference. All visible in the diff:
http://www.ietf.org/rfcdiff?url2=draft-ietf-avtcore-rtp-security-options-09

I hope everyone can take a look at these changes and react if they are
wrong or non-acceptable.

Cheers

Magnus

On 2013-11-03 01:12, Richard Barnes wrote:
> On draft-ietf-avt-srtp-not-mandatory:
> I have reviewed this draft in preparation for IETF Last Call and IESG
> processing.  Clearly, this is not the best moment in history to be
> making this sort of argument, given the increased focus on .  However, I
> think this document makes the case pretty clearly.  It helps to have
> draft-ietf-avtcore-rtp-security-options as a positive statement to go
> alongside this document.
> 
> On draft-ietf-avtcore-rtp-security-options:
> I have reviewed this draft in preparation for IETF Last Call and IESG
> processing.  One question to discuss briefly before IETF LC:  My major
> concern is that it seems like there's a lot of old stuff in here.  Has
> the WG considered explicitly marking each of the mechanisms with some
> sort of recommendation level?  I would like to avoid having someone
> choose SDES in a case where they could use DTLS-SRTP, for example.
> 
> If the authors could follow up on that one point, we should be able to
> get these both into LC soon.
> 
> Thanks,
> --Richard


-- 

Magnus Westerlund

----------------------------------------------------------------------
Multimedia Technologies, Ericsson Research EAB/TVM
----------------------------------------------------------------------
Ericsson AB                | Phone  +46 10 7148287
Färögatan 6                | Mobile +46 73 0949079
SE-164 80 Stockholm, Sweden| mailto: magnus.westerlund@ericsson.com
----------------------------------------------------------------------