[AVTCORE] Re: I-D Action: draft-lennox-sdp-raw-key-fingerprints-00.txt

Jonathan Lennox <jonathan.lennox@8x8.com> Fri, 18 October 2024 21:31 UTC

To: mmusic@ietf.org, avt@ietf.org, rtcweb@ietf.org
Archived-At: <https://mailarchive.ietf.org/arch/msg/avt/x1daf82AiIZ-5HFoWgo4UnsnkZE>

Hi, all —

I have submitted this draft defining how to use raw public keys (rather than self-signed certificates) in TLS or DTLS negotiated with SDP, with of course the specific use case in mind of SDP-negotiated DTLS/SRTP such as is used in WebRTC.

Comments are welcome, as well as any suggestions as to the best forum in which to develop this work; the base TLS in SDP (i.e. “a=fingerprint”) work was done in MMUSIC, but that group is closing down.

Thank you!

> On Oct 18, 2024, at 5:15 PM, internet-drafts@ietf.org wrote:
> 
> Internet-Draft draft-lennox-sdp-raw-key-fingerprints-00.txt is now available.
> 
>   Title:   Session Description Protocol Fingerprints for Raw Public Keys in (Datagram) Transport Layer Security
>   Author:  Jonathan Lennox
>   Name:    draft-lennox-sdp-raw-key-fingerprints-00.txt
>   Pages:   9
>   Dates:   2024-10-18
> 
> Abstract:
> 
>   This document defines how to negotiate the use of raw keys for TLS
>   and DTLS with the Session Description Protocol (SDP).  Raw keys are
>   more efficient than certificates for typical uses of TLS and DTLS
>   negotiated with SDP, without loss of security.
> 
> The IETF datatracker status page for this Internet-Draft is:
> https://datatracker.ietf.org/doc/draft-lennox-sdp-raw-key-fingerprints/
> 
> There is also an HTML version available at:
> https://www.ietf.org/archive/id/draft-lennox-sdp-raw-key-fingerprints-00.html
> 
> Internet-Drafts are also available by rsync at:
> rsync.ietf.org::internet-drafts
> 
>