Re: [bfcpbis] Kathleen Moriarty's No Objection on draft-ietf-bfcpbis-sdp-ws-uri-08: (with COMMENT)

"Ram Mohan R (rmohanr)" <rmohanr@cisco.com> Mon, 30 January 2017 04:27 UTC

From: "Ram Mohan R (rmohanr)" <rmohanr@cisco.com>
To: Kathleen Moriarty <Kathleen.Moriarty.ietf@gmail.com>, The IESG <iesg@ietf.org>
Date: Mon, 30 Jan 2017 04:27:25 +0000
Archived-At: <https://mailarchive.ietf.org/arch/msg/bfcpbis/UISyarofBNwSrr0Wfo_mEg1jD_s>
Cc: "draft-ietf-bfcpbis-sdp-ws-uri@ietf.org" <draft-ietf-bfcpbis-sdp-ws-uri@ietf.org>, "bfcpbis@ietf.org" <bfcpbis@ietf.org>, "Charles Eckel (eckelcu)" <eckelcu@cisco.com>, "bfcpbis-chairs@ietf.org" <bfcpbis-chairs@ietf.org>
Subject: Re: [bfcpbis] Kathleen Moriarty's No Objection on draft-ietf-bfcpbis-sdp-ws-uri-08: (with COMMENT)

Hi Kathleen,

Please see inline <Ram>

-----Original Message-----
From: bfcpbis <bfcpbis-bounces@ietf.org> on behalf of Kathleen Moriarty <Kathleen.Moriarty.ietf@gmail.com>
Date: Thursday, 19 January 2017 at 2:16 AM
To: The IESG <iesg@ietf.org>
Cc: "draft-ietf-bfcpbis-sdp-ws-uri@ietf.org" <draft-ietf-bfcpbis-sdp-ws-uri@ietf.org>, "bfcpbis@ietf.org" <bfcpbis@ietf.org>, "Charles Eckel (eckelcu)" <eckelcu@cisco.com>, "bfcpbis-chairs@ietf.org" <bfcpbis-chairs@ietf.org>
Subject: [bfcpbis] Kathleen Moriarty's No Objection on draft-ietf-bfcpbis-sdp-ws-uri-08: (with COMMENT)

    Kathleen Moriarty has entered the following ballot position for
    draft-ietf-bfcpbis-sdp-ws-uri-08: No Objection
    
    When responding, please keep the subject line intact and reply to all
    email addresses included in the To and CC lines. (Feel free to cut this
    introductory paragraph, however.)
    
    
    Please refer to https://www.ietf.org/iesg/statement/discuss-criteria.html
    for more information about IESG DISCUSS and COMMENT positions.
    
    
    The document, along with other ballot positions, can be found here:
    https://datatracker.ietf.org/doc/draft-ietf-bfcpbis-sdp-ws-uri/
    
    
    
    ----------------------------------------------------------------------
    COMMENT:
    ----------------------------------------------------------------------
    
    I may have missed it, but don't see a clear reason (would expect to see
    it in the security considerations section) as to why TLS isn't a MUST. 
    RECOMMENDED is good, but having a reason to justify this would be
    helpful.  It seems like it is for legacy support of HTTP applications,
    but spelling that out might be helpful.

<Ram> That’s right. This specification allows the new SDP attribute to carry a secure WebSocket URI (wss-URI) and a WebSocket URI (ws-URI) as defined in RFC 6455.
I would expect that application specifications that refer to this draft when using WebSocket as the transport protocol will tighten this by mandating secure WebSocket or WebSocket as the transport protocol, depending on the application requirements. For example, with the BFCP over WS draft we are mandating use of secure WebSocket when BFCP signalling is secure.
That said, I can re-word the text here as below (in line with what Section 10.6 of RFC 6455 has). Does this sound better?

EXISTING:
It is also RECOMMENDED that the application signaling traffic being transported
over a WebSocket communication session be protected by using a secure WebSocket
connection (using TLS [RFC5246] over TCP).

NEW:
As described in Section 10 of [RFC6455], application signalling traffic being transported over WebSocket MUST support secure WebSocket and SHOULD employ it when communicating with their peers.
    
Regards,
Ram    