Re: [dispatch] DISPATCH IETF 111 meeting - preliminary outcomes and draft minutes

Cullen Jennings <fluffy@iii.ca> Wed, 28 July 2021 04:13 UTC


The jabber chat certainly does not represent the room in any WG I have been in. I do not think the slides represent an accurate summary of what we are trying to achieve by deprecating SDES or what we would need to do to get there and thus don’t lead to a useful input on what to do next or where to dispatch it.

As I said at the meeting, I am in favor of discussing and solving the problems we need to sort out to have a viable replacement. It is pretty hard to have a conversation about that in 10 minutes when some of the people are arguing that SDES is worse than unencrypted traffic. 

A real good starting point to the conversation would be agreeing about the fundamental differences - in my mind the largest difference is that in DTLS-SRTP, the attacker has to be able to modify the SDP to MITM the media while in SDES the attacker only needs to see the SDP to MITM the media. 



> On Jul 27, 2021, at 5:09 PM, Eric Rescorla <ekr@rtfm.com> wrote:
> 
> 
> 
> On Tue, Jul 27, 2021 at 4:08 PM John Mattsson <john.mattsson=40ericsson.com@dmarc.ietf.org> wrote:
> westhawk thp@westhawk.co.uk wrote:
> 
>  
> 
> >> On 26 Jul 2021, at 23:30, Kirsty P <Kirsty.p=40ncsc.gov.uk@dmarc.ietf.org> wrote:
> >>
> >> SDP Security Descriptions is NOT RECOMMENDED and Historic: consensus was sub-optimal. There was support for revisiting the space currently standardised by SDP, but not on direction (whether to do a deprecation with/without replacement). Future paths suggested included: mmusic, a new WG, more work required for it to be ready, or a BoF (said in chat) to vet the idea further.
> >My sense is that there was a rough consensus around a goal to make it possible to deprecate SDES - but the required steps were unclear.
>  
> 
> Yes, looking at the Jabber log there was quite strong support for the goal of deprecating SDES:
> 
>  
> 
> Eric Rescorla: Let's all just agree that this (Mattson's SDES) draft is a good idea and promote it to full standard toda
> 
> 
> This was maybe slightly sarcastic but for avoidance of doubt, I strongly support this work.
> 
> -Ekr
> 
> Martin Thomson: now that I see John presenting this, I have to wonder: why didn't this deprecation happen before?
> Sean Turner: When Dan Wing got up and said not to use SDES in Berlin - I assumed that was that ;)
> Pete Resnick: Why "NOT RECOMMENDED" instead of "MUST NOT"?
> Sean Turner: +1 to what ekr said
> Rich Salz: +1 also
> 
>  
> 
>  
> 
> Regarding the next required steps I agree with Pete. Let’s charter.
> 
>  
> 
> Ben Kaduk: So is this dispatch to BoF, or straight to WG?
> 
> Pete Resnick: @ben: Sounds like this discussion has done the equivalent of BoFing. Charter.
> 
>  
> 
> Cheers,
> 
> John
> 
> _______________________________________________
> dispatch mailing list
> dispatch@ietf.org
> https://www.ietf.org/mailman/listinfo/dispatch
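
The difference stated in the top message (with SDES an attacker only needs to see the SDP, with DTLS-SRTP the attacker has to modify it) follows from what each mechanism puts into the SDP. The following is an added example, not part of the thread: `audit_sdp` and the sample offers are constructed here, and the function reports per media section whether reading the SDP alone discloses the SRTP master key, using the `a=crypto` syntax of RFC 4568 and the `a=fingerprint` attribute used by DTLS-SRTP.

```python
import base64
import re

# (master key, master salt) lengths in bytes for two SDES suites from RFC 4568
SUITES = {"AES_CM_128_HMAC_SHA1_80": (16, 14), "AES_CM_128_HMAC_SHA1_32": (16, 14)}
CRYPTO = re.compile(r"a=crypto:\d+ (\S+) inline:([A-Za-z0-9+/=]+)")
FINGERPRINT = re.compile(r"a=fingerprint:(\S+) [0-9A-Fa-f:]+$")


def audit_sdp(sdp):
    """Per m= section: what does a party that can only READ this SDP obtain?"""
    sections, session_hash, cur = [], None, None
    for line in (l.strip() for l in sdp.splitlines()):
        if line.startswith("m="):
            cur = {"media": line[2:].split()[0],
                   "keying": "dtls-srtp" if session_hash else "none",
                   "reader_learns_srtp_key": False}
            sections.append(cur)
        elif (m := CRYPTO.match(line)) and cur is not None:
            suite, blob = m.groups()
            raw = base64.b64decode(blob)
            # SDES: the master key and salt are carried in the SDP itself.
            # An unknown suite gives an expected length of 0, so the check fails.
            cur.update(keying="sdes", reader_learns_srtp_key=True,
                       key_length_matches_suite=len(raw) == sum(SUITES.get(suite, (0, 0))))
        elif (m := FINGERPRINT.match(line)):
            # DTLS-SRTP: the SDP carries only a certificate hash; the SRTP keys
            # come out of the DTLS handshake, so reading the SDP yields no key.
            if cur is None:
                session_hash = m.group(1)      # session-level fingerprint
            elif cur["keying"] != "sdes":
                cur["keying"] = "dtls-srtp"
    return sections


# Constructed sample offers (documentation addresses, dummy key and hash).
KEY = base64.b64encode(bytes(range(30))).decode()
HASH = ":".join(f"{b:02X}" for b in range(32))
SDES_OFFER = ("v=0\r\no=- 1 1 IN IP4 192.0.2.10\r\ns=-\r\nt=0 0\r\n"
              "m=audio 49170 RTP/SAVP 0\r\n"
              f"a=crypto:1 AES_CM_128_HMAC_SHA1_80 inline:{KEY}\r\n")
DTLS_OFFER = ("v=0\r\no=- 1 1 IN IP4 192.0.2.10\r\ns=-\r\nt=0 0\r\n"
              f"a=fingerprint:sha-256 {HASH}\r\n"
              "m=audio 49170 UDP/TLS/RTP/SAVP 0\r\na=setup:actpass\r\n")

if __name__ == "__main__":
    for name, offer in (("SDES", SDES_OFFER), ("DTLS-SRTP", DTLS_OFFER)):
        print(name, audit_sdp(offer))
```

In both cases the integrity of the signalling path still matters; the audit only separates offers whose confidentiality depends on nobody reading the SDP from offers where a reader gains no key.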