Re: [clue] FW: I-D Action: draft-ietf-clue-rtp-mapping-13.txt

Magnus Westerlund <magnus.westerlund@ericsson.com> Mon, 27 February 2017 14:15 UTC

To: Roni Even <roni.even@huawei.com>, "clue@ietf.org" <clue@ietf.org>
References: <148697819872.24905.9378282459902101772.idtracker@ietfa.amsl.com> <6E58094ECC8D8344914996DAD28F1CCD77374B@DGGEMM506-MBX.china.huawei.com> <8d7ca9a1-b4de-8c3f-833e-c7119c1b7614@ericsson.com> <6E58094ECC8D8344914996DAD28F1CCD776942@DGGEMM506-MBX.china.huawei.com>
From: Magnus Westerlund <magnus.westerlund@ericsson.com>
Message-ID: <4ef3844c-f726-2747-51cf-e077bc1ef547@ericsson.com>
Date: Mon, 27 Feb 2017 15:14:10 +0100
In-Reply-To: <6E58094ECC8D8344914996DAD28F1CCD776942@DGGEMM506-MBX.china.huawei.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/clue/YAR71ENTVWdWNxKwT2sLljCwplU>
List-Id: CLUE - ControLling mUltiple streams for TElepresence <clue.ietf.org>

On 2017-02-26 at 08:13, Roni Even wrote:
> Hi Magnus, Thanks,
>
> The security consideration when discussing captureID references
> RFC7941 where it says:
>
> "In RTP sessions where any type of confidentiality protection is
> enabled for RTCP, the SDES item header extensions MUST also be
> protected.  This implies that to provide confidentiality, users of
> the Secure Real-time Transport Protocol (SRTP) need to implement and
> use encrypted header extensions per [RFC6904].  "
>
> so since we mandate RTCP confidentiality the RTP header extension
> MUST also be encrypted.

Yes, but I think it would be much clearer to have the implementation 
requirement written out in Section 7.

I would expand this paragraph:

    All CLUE implementations MUST implement DTLS 1.0, with the cipher
    suite TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA with the P-256 curve
    [FIPS186].  The DTLS-SRTP protection profile
    SRTP_AES128_CM_HMAC_SHA1_80 MUST be supported for SRTP.

to say:

    All CLUE implementations MUST implement DTLS 1.0, with the cipher
    suite TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA with the P-256 curve
    [FIPS186].  The DTLS-SRTP protection profile
    SRTP_AES128_CM_HMAC_SHA1_80 MUST be supported for SRTP. Encrypted
    SRTP Header extensions [RFC6904] MUST be supported.



>
> As for the non-traceable I will change to
>
> "CLUE endpoint MUST generate short-term persistent RTCP CNAMES, as
> specified in [RFC7022], and thus can't be used for long term tracking
> of the user."

Sounds good.

>
> Any other open issue? I would like to submit what would maybe be the
> final version
> Roni
>
>

Not to my knowledge. I think this is done.

Thanks

Magnus Westerlund

----------------------------------------------------------------------
Services, Media and Network features, Ericsson Research EAB/TXM
----------------------------------------------------------------------
Ericsson AB                 | Phone  +46 10 7148287
Färögatan 6                 | Mobile +46 73 0949079
SE-164 80 Stockholm, Sweden | mailto: magnus.westerlund@ericsson.com
----------------------------------------------------------------------
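
A receiving-side check for the requirement discussed in this message, as an added example that is not part of the original e-mail or of the draft: it scans an SDP body for RFC 7941 SDES header extensions (the family the CLUE capture ID item belongs to) that are mapped without the RFC 6904 `urn:ietf:params:rtp-hdrext:encrypt` wrapper. The function name `audit_sdp` and the SDP sample are constructed for illustration.

```python
import re

ENCRYPT_URI = "urn:ietf:params:rtp-hdrext:encrypt"  # RFC 6904 wrapper URI
SDES_PREFIX = "urn:ietf:params:rtp-hdrext:sdes:"    # RFC 7941 SDES items

# a=extmap:<id>[/<direction>] <URI> [<extension attributes>]
EXTMAP = re.compile(r"^a=extmap:(\d+)(?:/\S+)?\s+(\S+)(?:\s+(\S+))?")

# Constructed sample: one SDES item is offered both in clear and encrypted.
SAMPLE_SDP = """v=0
o=- 0 0 IN IP4 192.0.2.1
s=-
t=0 0
a=extmap:1 urn:ietf:params:rtp-hdrext:encrypt urn:ietf:params:rtp-hdrext:sdes:mid
m=audio 9 UDP/TLS/RTP/SAVPF 96
a=extmap:2 urn:ietf:params:rtp-hdrext:ssrc-audio-level
m=video 9 UDP/TLS/RTP/SAVPF 97
a=extmap:3/sendonly urn:ietf:params:rtp-hdrext:sdes:cname
a=extmap:4 urn:ietf:params:rtp-hdrext:encrypt urn:ietf:params:rtp-hdrext:sdes:cname
"""


def audit_sdp(sdp):
    """Return (cleartext, encrypted): lists of (section, id, uri) for SDES extensions."""
    cleartext, encrypted = [], []
    section, media_index = "session", 0
    for raw in sdp.splitlines():
        line = raw.strip()
        if line.startswith("m="):
            # Every m= line opens a new media section; label it type#position.
            media_index += 1
            section = f"{line[2:].split()[0]}#{media_index}"
            continue
        m = EXTMAP.match(line)
        if not m:
            continue
        ext_id, uri, attr = int(m.group(1)), m.group(2), m.group(3)
        if uri == ENCRYPT_URI and attr and attr.startswith(SDES_PREFIX):
            # RFC 6904: the real extension URI follows the encrypt URI.
            encrypted.append((section, ext_id, attr))
        elif uri.startswith(SDES_PREFIX):
            # SDES item mapped directly: it would travel in clear even under SRTP.
            cleartext.append((section, ext_id, uri))
    return cleartext, encrypted


if __name__ == "__main__":
    clear, enc = audit_sdp(SAMPLE_SDP)
    for section, ext_id, uri in clear:
        print(f"cleartext SDES extension in {section}: id={ext_id} {uri}")
```
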