IETF Logo Mail Archive

Re: [AVTCORE] Roman Danyliw's Discuss on draft-ietf-avtcore-rtp-scip-04: (with DISCUSS and COMMENT)

Roman Danyliw <rdd@cert.org> Fri, 06 January 2023 17:49 UTC

Return-Path: <rdd@cert.org>
X-Original-To: avt@ietfa.amsl.com
Delivered-To: avt@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 3085EC14CE25; Fri, 6 Jan 2023 09:49:32 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.095
X-Spam-Level:
X-Spam-Status: No, score=-2.095 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_BLOCKED=0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=cert.org
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id W4IXJZy_iNeD; Fri, 6 Jan 2023 09:49:27 -0800 (PST)
Received: from USG02-BN3-obe.outbound.protection.office365.us (mail-bn3usg02on0134.outbound.protection.office365.us [23.103.208.134]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id E9C90C14CF00; Fri, 6 Jan 2023 09:49:26 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector5401; d=microsoft.com; cv=none; b=fh4WcVvBUr3bw+xmnGS5nSuzOueF5O2YDaUajGGyIyjzg6YXuGYB7K2hPDJBa3OV+xwglvVNuq7mjDDrjhZMqaPQUtYAntpVb5YBjKVxZEPKMph4Tu8FcbNP0G7pkh+VcEsBH0XPL/if5krKUXp+tFaO+ynb0n/bbBzsO61DJt8UDeylggV8+EcC2hsC30yw4OGaaOBagqwJsu4eXRJMbWFBgPfeBLj4q/U3zanqSUZQnUb+jmk8XVyZ4K8Pjze0kZUqfk8O2MAnHbqhiT+yRvchOmGJd8MeSZdOIr/OOXexIoETy0Etdab0PnGIJyV9KzTgKSAxZ9IwH4eFnb1q1Q==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector5401; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=kkWN5aUJpRBjC01V+tb9pETZ1BLT0F09/q9WUMIzeWg=; b=Ig4nS8+gMESFBZZCyIk5CxqGBVJnW50Hodm5gxXbxwiEHrZ7VgXK3fKxFt0Tsr41GSGeZbVo8ze8HWFLMstdH+LqntBbJl0LqaZg/SvKpTqdHCqFTKzNUEaMCQjqp02xIW5vQREcnRt1SK7tydBlwzXhRC6vrz69qMHDTjUYAG5yyyDEeurBpVqOYJOLMlI8674xL9KDrF8zF56dwhgRvd/3bGP18+hAt0B1d6FzTyERPZQDAqzcNnsn3AbOZ2U2qkMFkmFjoAtU67eGi6kK55XPVFbOraSRlJ1mxW2By/3DCs/N+oCWq7x+t45FtN31yfCIUxllT4s2Kgx0qNWGNA==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=cert.org; dmarc=pass action=none header.from=cert.org; dkim=pass header.d=cert.org; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=cert.org; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=kkWN5aUJpRBjC01V+tb9pETZ1BLT0F09/q9WUMIzeWg=; b=rZxvE8IrMzgo6AcsZt92Lc0taKfkXOBvNhiWZsmnF6CV/RBGZCBm0pfHRVMeFAxZ0k9nB5zY0kUSh6HOhMVcnBQZFhNImSMuaTTZ+Au9D+q1T+UQ/os9rbA8uCimXO2yyybhsZdMERiZ3bI7mp8qQAhkO2DZ2xUGR1o3m09PfZU=
Received: from BN2P110MB1107.NAMP110.PROD.OUTLOOK.COM (2001:489a:200:168::11) by BN2P110MB1510.NAMP110.PROD.OUTLOOK.COM (2001:489a:200:178::17) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.5944.19; Fri, 6 Jan 2023 17:49:22 +0000
Received: from BN2P110MB1107.NAMP110.PROD.OUTLOOK.COM ([fe80::dacc:e769:564c:f0e]) by BN2P110MB1107.NAMP110.PROD.OUTLOOK.COM ([fe80::dacc:e769:564c:f0e%6]) with mapi id 15.20.5944.019; Fri, 6 Jan 2023 17:49:22 +0000
From: Roman Danyliw <rdd@cert.org>
To: "Dan.Hanson@gd-ms.com" <Dan.Hanson=40gd-ms.com@dmarc.ietf.org>, The IESG <iesg@ietf.org>
CC: "draft-ietf-avtcore-rtp-scip@ietf.org" <draft-ietf-avtcore-rtp-scip@ietf.org>, "avtcore-chairs@ietf.org" <avtcore-chairs@ietf.org>, "avt@ietf.org" <avt@ietf.org>, "jonathan.lennox@8x8.com" <jonathan.lennox@8x8.com>, "bernard.aboba@gmail.com" <bernard.aboba@gmail.com>
Thread-Topic: Roman Danyliw's Discuss on draft-ietf-avtcore-rtp-scip-04: (with DISCUSS and COMMENT)
Thread-Index: AQHZH6UOHDPmPYCh1UynQDdp6w+wJ66On02AgAME1eA=
Date: Fri, 06 Jan 2023 17:49:21 +0000
Message-ID: <BN2P110MB1107234793FC7AA980448D90DCFB9@BN2P110MB1107.NAMP110.PROD.OUTLOOK.COM>
References: <167277215682.29620.18106963117546535615@ietfa.amsl.com> <PH1P110MB1172517274360EB464E94EB5D5F59@PH1P110MB1172.NAMP110.PROD.OUTLOOK.COM>
In-Reply-To: <PH1P110MB1172517274360EB464E94EB5D5F59@PH1P110MB1172.NAMP110.PROD.OUTLOOK.COM>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=cert.org;
x-ms-publictraffictype: Email
x-ms-traffictypediagnostic: BN2P110MB1107:EE_|BN2P110MB1510:EE_
x-ms-office365-filtering-correlation-id: bb4076ec-e1e0-4b9f-373f-08daf00e57d5
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: D+Mf/V/wmiFTZ7ZyS1tDTvVL1KmTAHiRH5ptJbAPUPZtkWEXh3ZrhDyMK1NCmcF3b8Pw8CIauuuzrhS+eaAjMGs+2kajwiwqov4QDRlZKMQ0WtmMSKROA+owMQfsmwdEuhyxPTMm70bI3WRxA6rXiTIDwWGNnyS/FW0PIbvKfKgzQqoNczerZTXAkGHrhlvQyQ731deTRTzBx7dU9FMI6qJX0M6r8dI4iznFjZ0o6L+kgabEH1ucp43J7dYuoYyEJ9TiKXFCE44sqYkBxd3N3D2wUGQS2J5QXP5JxeQQ61cs8/5vfJc+zt3F3VQyE7NoZugGyLTXTWN1NxAxsnshN35oEKbLnNtLv3X8/D+8MwsTHHBoz2Eq3OSKR3vG1XJekfJMkiVqrm8lMxicZS7eNfR8TlsG5qTs0aYn/KoaEdsyYTo9S6MxqAJVSDHqNeXtlx9jWojA6pQl0cc9UoDtNPNJJSUogd9uFQVw2YuTMC8Jrn8iLujsES68cwLnxlyo55Hol9EY/svzGFvgGq/lU5r2MO15RkEdAJBhIwMyyalEmLYUdmPj2BIb34vmeZqDUxTaxg2+BRojvNHJlG/dgwxJs5RemIGH8q7SOHUweRSd/QbXgCBtF/5yB3ErYMd9qajRJKx0XnAXh1oIZLm9wa2vbbjLhbV/4T5xu3oadsg=
x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:BN2P110MB1107.NAMP110.PROD.OUTLOOK.COM; PTR:; CAT:NONE; SFS:(13230022)(396003)(366004)(39830400003)(136003)(451199015)(6506007)(186003)(9686003)(53546011)(5660300002)(76116006)(110136005)(2906002)(52536014)(966005)(508600001)(7696005)(71200400001)(4326008)(26005)(54906003)(41300700001)(66946007)(8676002)(86362001)(55016003)(66476007)(83380400001)(122000001)(66446008)(38100700002)(64756008)(38070700005)(82960400001)(41320700001)(166002)(8936002)(33656002)(66556008)(491001); DIR:OUT; SFP:1102;
x-ms-exchange-antispam-messagedata-chunkcount: 1
x-ms-exchange-antispam-messagedata-0: CIaWnNe/bG9P2LtyxyLgbKEdzup8nXsGd5FpiKBMP8ZGsZWc176DUr6ie2XwDDHYo1e5C0/2qXkkZnXTDo8WKcCT8aKGMueVup+ogB3BPwAbf5+l9PwDTCn0r+bIxwe1vWX01ExwkwbnnDjyvVVgNEMIu2txy6O1xm/sA18shCi1wzk4omVrLgEjPCh5CWd5tRUdASEBe7M+QvB/t2qfidkIsLOg1KDs/dQ7iGHTwwiQKohp2LrGXozVjMtkAz9Sn5SHqezrC7hhU72sZ1ko8aHCBrSBSjvINy19/4oFiUWB+l9Qrf4c64YcMxA/RCHsNT3JkwOr0eVLxjxSDeqeULnc4T+tnp8puIrqQBrJVHIDr+/85hwOBbjhlofp/mvBoQZUWSyf1/uy9pwL1QPn9Bl6iPtH61DINRR3q2TH6ow=
Content-Type: multipart/alternative; boundary="_000_BN2P110MB1107234793FC7AA980448D90DCFB9BN2P110MB1107NAMP_"
MIME-Version: 1.0
X-OriginatorOrg: cert.org
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: BN2P110MB1107.NAMP110.PROD.OUTLOOK.COM
X-MS-Exchange-CrossTenant-Network-Message-Id: bb4076ec-e1e0-4b9f-373f-08daf00e57d5
X-MS-Exchange-CrossTenant-originalarrivaltime: 06 Jan 2023 17:49:21.9989 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 95a9dce2-04f2-4043-995d-1ec3861911c6
X-MS-Exchange-Transport-CrossTenantHeadersStamped: BN2P110MB1510
Archived-At: <https://mailarchive.ietf.org/arch/msg/avt/qfuUEuzeTD9EJ71NlpV4MuyH7NI>
Subject: Re: [AVTCORE] Roman Danyliw's Discuss on draft-ietf-avtcore-rtp-scip-04: (with DISCUSS and COMMENT)
X-BeenThere: avt@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: Audio/Video Transport Core Maintenance <avt.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/avt>, <mailto:avt-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/avt/>
List-Post: <mailto:avt@ietf.org>
List-Help: <mailto:avt-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/avt>, <mailto:avt-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 06 Jan 2023 17:49:32 -0000

Hi Dan!

Thanks for the follow-up.  More inline ...

From: iesg <iesg-bounces@ietf.org> On Behalf Of Dan.Hanson@gd-ms.com
Sent: Wednesday, January 4, 2023 2:04 PM
To: Roman Danyliw <rdd@cert.org>; The IESG <iesg@ietf.org>
Cc: draft-ietf-avtcore-rtp-scip@ietf.org; avtcore-chairs@ietf.org; avt@ietf.org; jonathan.lennox@8x8.com; bernard.aboba@gmail.com
Subject: RE: Roman Danyliw's Discuss on draft-ietf-avtcore-rtp-scip-04: (with DISCUSS and COMMENT)

Roman,

Responses to comments below in [DH] red.

Dan Hanson
General Dynamics Mission Systems

-----Original Message-----
From: Roman Danyliw via Datatracker <noreply@ietf.org<mailto:noreply@ietf.org>>
Sent: Tuesday, January 03, 2023 1:56 PM
To: The IESG <iesg@ietf.org<mailto:iesg@ietf.org>>
Cc: draft-ietf-avtcore-rtp-scip@ietf.org<mailto:draft-ietf-avtcore-rtp-scip@ietf.org>; avtcore-chairs@ietf.org<mailto:avtcore-chairs@ietf.org>; avt@ietf.org<mailto:avt@ietf.org>; jonathan.lennox@8x8.com<mailto:jonathan.lennox@8x8.com>; bernard.aboba@gmail.com<mailto:bernard.aboba@gmail.com>; bernard.aboba@gmail.com<mailto:bernard.aboba@gmail.com>
Subject: Roman Danyliw's Discuss on draft-ietf-avtcore-rtp-scip-04: (with DISCUSS and COMMENT)

----
External E-mail --- CAUTION: This email originated from outside GDMS. Do not click links or open attachments unless you recognize the sender and know the content is safe.

Roman Danyliw has entered the following ballot position for
draft-ietf-avtcore-rtp-scip-04: Discuss

When responding, please keep the subject line intact and reply to all email addresses included in the To and CC lines. (Feel free to cut this introductory paragraph, however.)


Please refer to https://www.ietf.org/about/groups/iesg/statements/handling-ballot-positions/
for more information about how to handle DISCUSS and COMMENT positions.


The document, along with other ballot positions, can be found here:
https://datatracker.ietf.org/doc/draft-ietf-avtcore-rtp-scip/



----------------------------------------------------------------------
DISCUSS:
----------------------------------------------------------------------

(I conducted my review without access to [SCIP210])

** Section 4.  It isn't clear what the format of the payload is from the
description provided in this text beyond asserting that it is negotiated via
SCIP-210 and that the SCIP codec is an encrypted bitstream.  Are all details
entirely opaque?  If so, can the text please be more explicit in stating that.

[DH] All of the security properties are within the SCIP-210 session establishment protocol so it is "opaque" at the RTP payload level.

[Roman] I appreciate this clarification.  I'm still confused.  Taking the title of this document ("RTP Payload Format for the Secure Communication Interoperability Protocol (SCIP) Codec") and the associated section title ("Section 4.  Payload Format") literally, and considering that this document has proposed standard status, I was expecting the text to explain in a normative fashion how to decode or interpret the contents of the RTP payload.  Two common ways I could envision that could be done is by putting text in this document or via normative references.

[Roman] The text that is present here makes an informal reference to SCIP-210 and provides no further guidance on how to read the RTP payload.  As a reader, I don't have sufficient information to understand the RTP payload.  It's fine that it's blob (in a sense, all RTP payload is a blob of some kind), but where is the normative reference to parse the blob.

[Roman] Appreciating there is a rich IETF history in publishing "RTP Payload" documents, I conducted a quick survey to confirm that their substance is consistent with my expectations described above.  My quick survey of other "RTP Payload" format documents seems to confirm that they all devote some text to explaining how to decode what is in the RTP payload and crucially provide a normative reference to the associated codec/payload.  I looked that these:

-- RFC4578 (RTP Payload Format for H.261 Video Streams)
-- RFC6184 (RTP Payload Format for H.264 Video)
-- RFC7587 (RTP Payload Format for the Opus Speech and Audio Codec)
-- RFC7798 (RTP Payload Format for High Efficiency Video Coding (HEVC))
-- RFC9134 (RTP Payload Format for ISO/IEC 21122)
-- draft-ietf-payload-vp9 (RTP Payload Format for VP9 Video)
-- draft-ietf-avtcore-rtp-v3c (RTP Payload Format for Visual Volumetric Video-based Coding)

[Roman] Can the WG explain how it's possible to describe an RTP payload format without citing or explaining the details of that format in a normative fashion?

** Section 6.  RFC7202 appears to be cited here as a reminder to the reader
that there are a variety of possible security solutions in the RTP ecosystem.
My confusion is that it isn't clear how this flexibility applies in the case of
SCIP.  It appears that there is tight coupling between the SCIP session
negotiation and the embedded content in the RTP stream.  Specifically, Section
4 notes that "The SCIP codec produces an encrypted bitstream that is
transported over RTP."  Doesn't the use of an SCIP payload (the blob generated
by a SCIP codec) imply a set of security properties?  Where are those formally
documented?  Section 2 hints at them being "end-to-end security at the
application layer, authentication of user identity, the ability to apply
different security levels for each secure session, and secure communication
over any end-to-end data connection."

[DH] All of the security properties are specified in SCIP-210. While the SCIP payload is encrypted, it does not address many of the RTP security issues identified in RFC7202. For example, there is no RTP header authentication as specified SRTP (RFC3711), nor are RTCP messages encrypted or authenticated.  Therefore we feel this Security Considerations boilerplate text still applies.

[Roman] Thanks for explaining.  I respectfully disagree that the RFC7202 boilerplate is sufficient here.  My high-level read of RFC7202 is that there are a range of solutions in the rich RTP ecosystem by which a generic RTP stream could be secured - these would apply to SCIP or anything else - and applications need to make the specific decisions.  What is different in the case of SCIP is that unlike RTP payloads such as H.261, H.264, H.265, V9, etc, the SCIP payload has and provides security services above an beyond whatever would be provided by RTP.  If the RTP payload of SCIP is being described by the document, the residual (above an beyond RTP) protections it affords need to be described or cited.

----------------------------------------------------------------------
COMMENT:
----------------------------------------------------------------------

[snip]

[DH] With respect to network equipment manufacturers, the intent is to inform them of the existence of the "scip" payload so they can allow "scip" to traverse their networks.  There is no "implementation" of SCIP itself in network equipment such as Session Border Controllers or Call Managers.

[Roman] The WG understand the community better than me.  In my view, if the primary purpose of the document is intended to inform about the existence of the SCIP payload, why are the media registrations insufficient (https://www.iana.org/assignments/media-types/video/scip, https://www.iana.org/assignments/media-types/audio/scip)?

Regards,
Roman

v2.23.0 | Report a Bug | By Email