[AVTCORE] Zaheduzzaman Sarker's Yes on draft-ietf-avtcore-cryptex-06: (with COMMENT)
Zaheduzzaman Sarker via Datatracker <noreply@ietf.org> Wed, 15 June 2022 21:38 UTC
Return-Path: <noreply@ietf.org>
X-Original-To: avt@ietf.org
Delivered-To: avt@ietfa.amsl.com
Received: from ietfa.amsl.com (localhost [IPv6:::1]) by ietfa.amsl.com (Postfix) with ESMTP id 47EDCC14CF18; Wed, 15 Jun 2022 14:38:27 -0700 (PDT)
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
From: Zaheduzzaman Sarker via Datatracker <noreply@ietf.org>
To: The IESG <iesg@ietf.org>
Cc: draft-ietf-avtcore-cryptex@ietf.org, avtcore-chairs@ietf.org, avt@ietf.org, bernard.aboba@gmail.com, bernard.aboba@gmail.com
X-Test-IDTracker: no
X-IETF-IDTracker: 8.4.0
Auto-Submitted: auto-generated
Precedence: bulk
Reply-To: Zaheduzzaman Sarker <Zaheduzzaman.Sarker@ericsson.com>
Message-ID: <165532910728.61351.9861764949299743814@ietfa.amsl.com>
Date: Wed, 15 Jun 2022 14:38:27 -0700
Archived-At: <https://mailarchive.ietf.org/arch/msg/avt/vg_Is6Y_9EwCPWN4wiAgwL9q5jk>
Subject: [AVTCORE] Zaheduzzaman Sarker's Yes on draft-ietf-avtcore-cryptex-06: (with COMMENT)
X-BeenThere: avt@ietf.org
X-Mailman-Version: 2.1.39
List-Id: Audio/Video Transport Core Maintenance <avt.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/avt>, <mailto:avt-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/avt/>
List-Post: <mailto:avt@ietf.org>
List-Help: <mailto:avt-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/avt>, <mailto:avt-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 15 Jun 2022 21:38:27 -0000
Zaheduzzaman Sarker has entered the following ballot position for draft-ietf-avtcore-cryptex-06: Yes When responding, please keep the subject line intact and reply to all email addresses included in the To and CC lines. (Feel free to cut this introductory paragraph, however.) Please refer to https://www.ietf.org/about/groups/iesg/statements/handling-ballot-positions/ for more information about how to handle DISCUSS and COMMENT positions. The document, along with other ballot positions, can be found here: https://datatracker.ietf.org/doc/draft-ietf-avtcore-cryptex/ ---------------------------------------------------------------------- COMMENT: ---------------------------------------------------------------------- Thanks for working on this important specification. I just wish if we could provide more stronger specification and don't allow the mix of cryptex with other not so secure exiting solutions. I have some comments/suggestions/questions - - the shepherd's write-up says there is not IPR declarations but https://datatracker.ietf.org/ipr/search/?submit=draft&id=draft-ietf-avtcore-cryptex return two hits on IPR declarations. The write up should be updated, was the WG not aware of these IPRs? - section 1.1 : it says - "Accordingly, these identifiers can be considered a fingerprinting issue." is there any analysis of this claim that can be referred to?" - section 1.3 : it says - "While we considered possible solutions that would have encrypted more of the RTP header (e.g., the number of CSRCs), we felt the inability to parse the resultant packets with current tools, as well as additional complexity incurred, outweighed the slight improvement in confidentiality" if I have understood it correctly, I would suggest to rewrite this to something like - While considering the possible solutions that would have encrypted more of the RTP header (e.g., the number of CSRCs), lack of support on current tools was inevitable and the additional complexity outweighed the slight improvement in confidentiality by fixing previous solutions. Hence, new approach was needed to solve the described problem in section 1.1.
- [AVTCORE] Zaheduzzaman Sarker's Yes on draft-ietf… Zaheduzzaman Sarker via Datatracker
- Re: [AVTCORE] Zaheduzzaman Sarker's Yes on draft-… Bernard Aboba