Re: [clue] Eric Rescorla's No Objection on draft-ietf-clue-signaling-14: (with COMMENT)

Paul Kyzivat <pkyzivat@alum.mit.edu> Mon, 26 November 2018 19:48 UTC

To: Eric Rescorla <ekr@rtfm.com>
Cc: Roni Even <roni.even@huawei.com>, IESG <iesg@ietf.org>, Daniel Burnett <danielcburnett@gmail.com>, clue@ietf.org, roni.even@mail01.huawei.com, clue-chairs@ietf.org, draft-ietf-clue-signaling@ietf.org
From: Paul Kyzivat <pkyzivat@alum.mit.edu>
Date: Mon, 26 Nov 2018 14:48:33 -0500
Archived-At: <https://mailarchive.ietf.org/arch/msg/clue/dMjYvcdyHo5-Vz8MU-iWs4Zpfrs>
List-Id: CLUE - ControLling mUltiple streams for TElepresence <clue.ietf.org>

On 11/25/18 2:29 PM, Eric Rescorla wrote:
> 
> 
> On Sun, Nov 25, 2018 at 9:35 AM Paul Kyzivat <pkyzivat@alum.mit.edu> wrote:
> 
>     On 11/25/18 8:14 AM, Eric Rescorla wrote:
>      >
>      >
>      > On Sat, Nov 24, 2018 at 9:41 PM Roni Even (A) <roni.even@huawei.com> wrote:
>      >
>      >     Hi,
>      >
>      >     The point that is made that in general CLUE is similar to no CLUE
>      >     RTP media calls. The difference is that since the EP may open more
>      >     than one RTP video channel there is a greater risk of sending more
>      >     media to the victim.
>      >
>      >
>      > Yes, but in order to have a useful countermeasure, that needs to be
>      > mandatory, and yours is not.
> 
>     But one of the goals of clue is to be backward compatible with regular
>     sip calls. If we impose constraints on the media over and above those
>     required for regular sip calls then we lose that.
> 
> 
> ISTM that that's already not true for these media flows, because 4.4.1
> requires them to be inactive and you need to use an SCTP/DTLS control
> channel to negotiate them. What I'm saying is that those other flows
> should also have a consent check.

I was more concerned with the basic audio and/or video in the initial 
invite, before it is known whether the answerer supports clue. I don't 
have a particular problem with putting further restrictions on the clue 
controlled media.

	Thanks,
	Paul