Re: [dispatch] Fwd: I-D Action: draft-johnston-dispatch-osrtp-00.txt
"Roni Even" <ron.even.tlv@gmail.com> Wed, 04 November 2015 21:52 UTC
From: Roni Even <ron.even.tlv@gmail.com>
To: "'Hutton, Andrew'" <andrew.hutton@unify.com>, 'Laura Liess' <laura.liess.dt@googlemail.com>
Date: Wed, 04 Nov 2015 23:52:04 +0200
Archived-At: <http://mailarchive.ietf.org/arch/msg/dispatch/LEY2MRrQzHGbd2Qb9Uj6-WUw0Jc>
Cc: dispatch@ietf.org

Hi,

My concern is about having inconsistency in the standards. If you go ahead with OSRTP there is a need also to update RFC5763 accordingly.

Roni

From: Hutton, Andrew [mailto:andrew.hutton@unify.com]
Sent: Wednesday, November 04, 2015 3:31 PM
To: Laura Liess
Cc: Roni Even; dispatch@ietf.org
Subject: Re: [dispatch] Fwd: I-D Action: draft-johnston-dispatch-osrtp-00.txt

Agree with Laura, what we are doing here is aligning existing implementations that already exist in the field and document that in an RFC so that we can move forward with regard to deployment of SRTP in SIP Trunking environments.

Currently RFC 5763 is not supported at all in this environment and I have not heard a single voice in support of using SDP capability negotiation for SIP Trunking.

Moving forward with the draft is our best chance of seeing SRTP start to be deployed with SIP Trunking.

Andy

On 4 Nov 2015, at 19:52, Laura Liess <laura.liess.dt@googlemail.com> wrote:

Hi Roni,

[MMUSIC-SDP <https://tools.ietf.org/html/rfc5763#ref-MMUSIC-SDP>] is now RFC 5939 and it seems to be a MUST for implementations of the RFC 5763 (SRTP with DTLS).

At Deutsche Telekom we plan to connect SIP-PBXs in the near future using SRTP with SDES. We are not aware of any existing SIP-PBX which supports RFC 5763; most existing SIP-PBXs support different flavors of the kaplan-draft. RFC 5763 seems to be too complex so that PBX vendors are not willing to support it, at least in connection with SDES. This is also the case for our service provider call control vendors. So, a less complex mechanism is needed for best effort SRTP.

Thank you
Laura

2015-11-04 5:05 GMT+01:00 Roni Even <ron.even.tlv@gmail.com>:

Hi,

In my view this approach contradicts section 6.11 of RFC5763:

   Best Effort Encryption

   [RFC5479] describes a requirement for best-effort encryption where
   SRTP is used and where both endpoints support it and key negotiation
   succeeds, otherwise RTP is used.

   [MMUSIC-SDP] describes a mechanism that can signal both RTP and SRTP
   as an alternative. This allows an offerer to express a preference
   for SRTP, but RTP is the default and will be understood by endpoints
   that do not understand SRTP or this key exchange mechanism.
   Implementations of this document MUST support [MMUSIC-SDP
   <https://tools.ietf.org/html/rfc5763#ref-MMUSIC-SDP>].

From: dispatch [mailto:dispatch-bounces@ietf.org] On Behalf Of Alan Johnston
Sent: Wednesday, July 08, 2015 2:03 PM
To: dispatch@ietf.org
Subject: [dispatch] Fwd: I-D Action: draft-johnston-dispatch-osrtp-00.txt

All,

Many of us have been talking about "Best Effort SRTP" for many years, and there are a number of deployments. In addition, the IMTC has recommended it, and the SIP Forum would like to recommend it in SIPconnect 2.0 which for the first time includes SRTP media.

With the publication of RFC 7435 (https://tools.ietf.org/html/rfc7435), the IETF has endorsed this approach as Opportunistic Security (OS), so it would be nice to bring standards in line with industry practice.

Comments on the draft, "An Opportunistic Approach for Secure Real-time Transport Protocol (OSRTP)" and the best way forward are most welcome!

- Alan

---------- Forwarded message ----------
From: <internet-drafts@ietf.org>
Date: Mon, Jul 6, 2015 at 1:48 PM
Subject: I-D Action: draft-johnston-dispatch-osrtp-00.txt
To: i-d-announce@ietf.org

A New Internet-Draft is available from the on-line Internet-Drafts directories.

        Title           : An Opportunistic Approach for Secure Real-time Transport Protocol (OSRTP)
        Authors         : Alan Johnston
                          Bernard Aboba
                          Andy Hutton
                          Laura Liess
                          Thomas Stach
        Filename        : draft-johnston-dispatch-osrtp-00.txt
        Pages           : 8
        Date            : 2015-07-06

Abstract:
   Opportunistic Secure Real-time Transport Protocol (OSRTP) allows
   encrypted media to be used in environments where support for
   encryption is not known in advance, and not required. OSRTP is an
   implementation of Opportunistic Security, as defined in RFC 7435.
   OSRTP does not require advanced SDP extensions or features and is
   fully backwards compatible with existing secure and insecure
   implementations. OSRTP is not specific to any key management
   technique for SRTP.

The IETF datatracker status page for this draft is:
https://datatracker.ietf.org/doc/draft-johnston-dispatch-osrtp/

There's also a htmlized version available at:
https://tools.ietf.org/html/draft-johnston-dispatch-osrtp-00

Please note that it may take a couple of minutes from the time of submission until the htmlized version and diff are available at tools.ietf.org.

Internet-Drafts are also available by anonymous FTP at:
ftp://ftp.ietf.org/internet-drafts/

_______________________________________________
I-D-Announce mailing list
I-D-Announce@ietf.org
https://www.ietf.org/mailman/listinfo/i-d-announce
Internet-Draft directories: http://www.ietf.org/shadow.html
or ftp://ftp.ietf.org/ietf/1shadow-sites.txt

_______________________________________________
dispatch mailing list
dispatch@ietf.org
https://www.ietf.org/mailman/listinfo/dispatch