Re: [avtext] Alia Atlas' Discuss on draft-ietf-avtext-splicing-notification-07: (with DISCUSS)
Alissa Cooper <alissa@cooperw.in> Wed, 15 June 2016 23:17 UTC
Return-Path: <alissa@cooperw.in>
X-Original-To: avtext@ietfa.amsl.com
Delivered-To: avtext@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 8C37512D7EA; Wed, 15 Jun 2016 16:17:30 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.701
X-Spam-Level:
X-Spam-Status: No, score=-2.701 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=cooperw.in header.b=Kx+Z5Qpe; dkim=pass (1024-bit key) header.d=messagingengine.com header.b=s5DX//kK
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id YNydSfibRbET; Wed, 15 Jun 2016 16:17:28 -0700 (PDT)
Received: from out3-smtp.messagingengine.com (out3-smtp.messagingengine.com [66.111.4.27]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 5837012D699; Wed, 15 Jun 2016 16:17:28 -0700 (PDT)
Received: from compute3.internal (compute3.nyi.internal [10.202.2.43]) by mailout.nyi.internal (Postfix) with ESMTP id 4F95320172; Wed, 15 Jun 2016 19:17:27 -0400 (EDT)
Received: from frontend1 ([10.202.2.160]) by compute3.internal (MEProxy); Wed, 15 Jun 2016 19:17:27 -0400
DKIM-Signature: v=1; a=rsa-sha1; c=relaxed/relaxed; d=cooperw.in; h=cc :content-transfer-encoding:content-type:date:from:in-reply-to :message-id:mime-version:references:subject:to:x-sasl-enc :x-sasl-enc; s=mesmtp; bh=vnznrNpyOZa2BTjIyM1BhwRUVZ0=; b=Kx+Z5Q pe3gP5uCe0fvVPIRU+XtJmGeFTfPDECd4FDhqIK0hP2+RaN4UIqbZoPac6/TBn5d QWc9O0DSPF2UFVHtz5PnkhC0A3I2sVfBlFFDvyOIIOhHHxXV+y5SKWGUFtAA1bTv g3WiTEBdx5EW0nnOY85RB2VepvwaFJWCSrhBU=
DKIM-Signature: v=1; a=rsa-sha1; c=relaxed/relaxed; d= messagingengine.com; h=cc:content-transfer-encoding:content-type :date:from:in-reply-to:message-id:mime-version:references :subject:to:x-sasl-enc:x-sasl-enc; s=smtpout; bh=vnznrNpyOZa2BTj IyM1BhwRUVZ0=; b=s5DX//kK5yjqQ/CpsC4PDZPT7HzAj9J635ochqUE04WCCaR OJXB2MS7kvJwVSmLCgZ+QE6o1mbVUxi4N1jLh7Fn7dUSrNPi0q6goEqOiPwbOMAF 5FdquatVtZLiFB8RJJjVc1xFokz2F+ZcwUhsklzFbKID55BnsH65rRBcO448=
X-Sasl-enc: 7qoxtBngIX+Rz8mi/ZmZQ2obyJxt6b4qYEf3fBMqWJU+ 1466032646
Received: from dhcp-171-68-21-47.cisco.com (dhcp-171-68-21-47.cisco.com [171.68.21.47]) by mail.messagingengine.com (Postfix) with ESMTPA id 758D0F29FA; Wed, 15 Jun 2016 19:17:26 -0400 (EDT)
Content-Type: text/plain; charset="utf-8"
Mime-Version: 1.0 (Mac OS X Mail 9.3 \(3124\))
From: Alissa Cooper <alissa@cooperw.in>
In-Reply-To: <20160614215932.31629.25074.idtracker@ietfa.amsl.com>
Date: Wed, 15 Jun 2016 16:17:26 -0700
Content-Transfer-Encoding: quoted-printable
Message-Id: <1E7F244A-2045-48E5-B817-7B87D6E5B094@cooperw.in>
References: <20160614215932.31629.25074.idtracker@ietfa.amsl.com>
To: Alia Atlas <akatlas@gmail.com>
X-Mailer: Apple Mail (2.3124)
Archived-At: <https://mailarchive.ietf.org/arch/msg/avtext/xVDE79AvdC1FBhYqMLvHvgXAxPE>
Cc: avtext-chairs@ietf.org, draft-ietf-avtext-splicing-notification@ietf.org, avtext@ietf.org, IESG <iesg@ietf.org>, Jonathan Lennox <jonathan@vidyo.com>
Subject: Re: [avtext] Alia Atlas' Discuss on draft-ietf-avtext-splicing-notification-07: (with DISCUSS)
X-BeenThere: avtext@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: Audio/Video Transport Extensions working group discussion list <avtext.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/avtext>, <mailto:avtext-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/avtext/>
List-Post: <mailto:avtext@ietf.org>
List-Help: <mailto:avtext-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/avtext>, <mailto:avtext-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 15 Jun 2016 23:17:31 -0000
A couple of thoughts here: - RTP middleboxes do all kinds of things to cleartext media that they receive. Of course people have realized the security drawbacks of this, which is why we have developed security technologies designed to prevent media manipulation and why we have other WGs working on extending that model to conferencing and defining best practices for how to secure media end-to-end. - I agree that the MUST NOT forward language is ill-advised, and it’s also unnecessary. But even if this document said MUST forward, there is nothing in the protocol semantics that would require implementations to do that, so I imagine that splicers that do not want to forward this information (whether to prevent detection or to reduce overhead) won’t forward it. Similarly, I would imagine that at least some of the payload-specific mechanisms used for this purpose have the same property, so even if systems rely on those mechanisms rather than RTP because the RTP spec says MUST forward, there is no guarantee that the splicing information will reach the receiver. Alissa > On Jun 14, 2016, at 2:59 PM, Alia Atlas <akatlas@gmail.com> wrote: > > Alia Atlas has entered the following ballot position for > draft-ietf-avtext-splicing-notification-07: Discuss > > When responding, please keep the subject line intact and reply to all > email addresses included in the To and CC lines. (Feel free to cut this > introductory paragraph, however.) > > > Please refer to https://www.ietf.org/iesg/statement/discuss-criteria.html > for more information about IESG DISCUSS and COMMENT positions. > > > The document, along with other ballot positions, can be found here: > https://datatracker.ietf.org/doc/draft-ietf-avtext-splicing-notification/ > > > > ---------------------------------------------------------------------- > DISCUSS: > ---------------------------------------------------------------------- > > I believe this is more a discussion for the IESG. > > First, this is way out of my area and I'm not particularly commenting on > the details - but > I do agree with Mirja's discuss about > "- The following action does not seem to be appropriate for a > specification of an end-to-end protocol: > "And if the splicer wishes to prevent the downstream receivers from > detecting splicing, it MUST > NOT forward the message."" > > The full paragraph at the end of Sec 3.2 is: "When the splicer intercepts > the RTCP splicing notification message, > it SHOULD NOT forward the message to the down-stream receivers in > order to reduce RTCP bandwidth consumption. And if the splicer wishes > to prevent the downstream receivers from detecting splicing, it MUST > NOT forward the message." > > Even more specifically to me, superficially this seems to me to be a way > to change what is in the > stream that a receiver has requested or subscribed to without permission > or notification. In that light, > the idea that the splicer is able to prevent downstream receivers from > detecting the splicing does > not sound good. > > Similarly, the end of Sec 3.1 says "After the splicer intercepts the RTP > header extension and derives the > Splicing Interval, it will generate its own stream and SHOULD NOT > include the RTP header extension in outgoing packets to reduce header > overhead." > > This looks like another example of making the choice to hide information > from the receiver. > > I realize that there is probably an technical arms-race going on - of > inserting advertisements and > building receivers to block undesired advertisements. I am not seeing a > balanced solution that > considers the receivers as well as the senders. > > I am startled that there is no consideration of the impact of this > extension on the receivers > in the security considerations. > > The only reference I see in the Security Considerations further assumes > that it is appropriate to have an undetectable splicing. > > " A malicious endpoint may also break an undetectable splicing. To > mitigate this effect, the splicer SHOULD NOT forward the splicing > time information RTP header extension defined in Section 4.1 to the > receivers. And it MUST NOT forward this header extension when > considering an undetectable splicing. " > > At a minimum, I feel like there should be a very clear consideration of > the > pros and cons - including from the viewpoint of a receiver. > > If we end up with this biased technology, then it should be clearly > stated > - not hidden in assumptions. > > > >
- Re: [avtext] Alia Atlas' Discuss on draft-ietf-av… Mirja Kuehlewind (IETF)
- Re: [avtext] Alia Atlas' Discuss on draft-ietf-av… Alissa Cooper
- Re: [avtext] Alia Atlas' Discuss on draft-ietf-av… Huangyihong (Rachel)
- [avtext] Alia Atlas' Discuss on draft-ietf-avtext… Alia Atlas