Re: [bfcpbis] Stephen Farrell's No Objection on draft-ietf-bfcpbis-rfc4582bis-13: (with COMMENT)

Tom Kristensen <2mkristensen@gmail.com> Fri, 11 September 2015 12:54 UTC

In-Reply-To: <20150305152844.22120.78057.idtracker@ietfa.amsl.com>
References: <20150305152844.22120.78057.idtracker@ietfa.amsl.com>
Date: Fri, 11 Sep 2015 14:54:47 +0200
Message-ID: <CAFHv=r8m=A8Z339QcqypuV2YNukZ30mPS5zY-LOCH+Uhei9iWw@mail.gmail.com>
From: Tom Kristensen <2mkristensen@gmail.com>
To: Stephen Farrell <stephen.farrell@cs.tcd.ie>
Archived-At: <http://mailarchive.ietf.org/arch/msg/bfcpbis/QRRDVevBKlDJnzKLyH0xvNb30ys>
Cc: draft-ietf-bfcpbis-rfc4582bis.all@ietf.org, bfcpbis-chairs@ietf.org, Tom Kristensen <tomkrist@cisco.com>, "bfcpbis@ietf.org" <bfcpbis@ietf.org>, The IESG <iesg@ietf.org>, Mary Barnes <mary.ietf.barnes@gmail.com>
Subject: Re: [bfcpbis] Stephen Farrell's No Objection on draft-ietf-bfcpbis-rfc4582bis-13: (with COMMENT)

On 5 March 2015 at 16:28, Stephen Farrell <stephen.farrell@cs.tcd.ie> wrote:

> Stephen Farrell has entered the following ballot position for
> draft-ietf-bfcpbis-rfc4582bis-13: No Objection
>

[...]


> ----------------------------------------------------------------------
> COMMENT:
> ----------------------------------------------------------------------
>
> - section 7: As in other cases, this might be better to refer
> to the generic UTA work rather than have its own list of
> preferred ciphersuites.
>

The main reason for this is the fact that this is an extension of an
existing RFC and that the current version of BFCP will continue to live and
existing implementations will not be updated.

> - I wondered why you'd not just moved all the way to make TLS
> mutual-auth mandatory to use for this.
>

For the same reasons SRTP and other protocols/channels in this (for the
most/currently SIP-based) world do not rely on mutual-auth, more
deployment-friendly alternatives are specified and used.

-- Tom

-- 
# Cisco                         |  http://www.cisco.com/telepresence/
## tomkrist@cisco.com  |  http://www.tandberg.com
###                               |  http://folk.uio.no/tomkri/