Re: [dispatch] draft-davis-valverde-srtp-assurance [was: Re: IETF 117 - do you have something for DISPATCH?]
"Kyzer Davis (kydavis)" <kydavis@cisco.com> Mon, 17 July 2023 21:10 UTC
Return-Path: <kydavis@cisco.com>
X-Original-To: dispatch@ietfa.amsl.com
Delivered-To: dispatch@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 2682FC14CEFF; Mon, 17 Jul 2023 14:10:02 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -9.594
X-Spam-Level:
X-Spam-Status: No, score=-9.594 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIMWL_WL_MED=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, RCVD_IN_MSPIKE_H4=0.001, RCVD_IN_MSPIKE_WL=0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_NONE=0.001, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001, USER_IN_DEF_DKIM_WL=-7.5] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=cisco.com header.b="B3RgEq8x"; dkim=pass (1024-bit key) header.d=cisco.com header.b="ffhKYW2p"
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Uag7AQB4DSN0; Mon, 17 Jul 2023 14:09:57 -0700 (PDT)
Received: from rcdn-iport-1.cisco.com (rcdn-iport-1.cisco.com [173.37.86.72]) (using TLSv1.2 with cipher DHE-RSA-SEED-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 4B7B4C14CEFE; Mon, 17 Jul 2023 14:09:57 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=@cisco.com; l=36179; q=dns/txt; s=iport; t=1689628197; x=1690837797; h=from:to:cc:subject:date:message-id:references: in-reply-to:mime-version; bh=J4dVXOlwPwy2Loq72wgz/Vca3j8I9qUOm2IPBnQ6fyk=; b=B3RgEq8xb4fyzb8GI1E6HkfnWLMCRgW0yZccBB0I4YXPsL6JuI/Re3QF 3g+JlDg2xKXtN3votqFlIEZUTGuBpVRvRSNrOW//KG2hqRRJT1G4g5V/J C5sQZ3ncaDBifGb+PM1IUxnDJFfX2Syh/UqQya+l56+kEhm6uzRyGQ3yl Q=;
X-Files: smime.p7s : 5465
X-IPAS-Result: A0ADAACbrbVkmI0NJK1aGQEBAQEBAQEBAQEBAQEBAQEBARIBAQEBAQEBAQEBAQFAJYEWBAEBAQEBCwGBLzFScwIrLioSRwOIGgOETl+IXgOIcoJjkh2BJQNWCAcBAQEKAwEBPQcEAQGFBgKGKQIlNAkOAQICAgEBAQEDAgMBAQEBAQEDAQEFAQEBAgEHBBQBAQEBAQEBAR4ZBRAOJ4VoDYYEAQEBAQIBEhsTAQE3AQQLAgEIEQQBAQEgAQILAh8RHQgCBAENBQgGDQeCXAGCFRMDDhIRAwEQBqFdAYFAAoomeIE0gQGCCQEBBgQFgU5BrgcNgkIHAwaBQgGBVoYLBBoBBWBjglyBBoMtgR8nG4FJRIEVQ4FmgQI+gQWBG0ICAgGBXyuDZ4IuiVGERoVWBzKOQIEnb4EegR56AgkCEWeBCAhfgW8+Ag1UCwtjgRxSOYFAAgIROhRQeBsDBwOBBRAvBwQyBxYJBgkYLyUGUQctJAkTFUEEg1MKgQk/FQ4RglEiAgc2OxtNgmoJFUEHNxV+EDEEFB2BFgRZLQNEHUADC2sFDgItNQYOGwUEZ4FXMD58CgIiJKMULgNugU8QFV0dECpRAhRSX2cGCD2SOwETkD2gLnAKhAuGS4MpZoEjjxOGJxeEAZNZkR1ih2GQRSCNP4N0kSYTDYR8AgQCBAUCDgEBBoFjOoFbcBWDIlIZD44gDA0JFYM9hRSKZXUCCy4CBwsBAQMJi0gBAQ
IronPort-PHdr: A9a23:O1Vf2h3ba5gdQg1KsmDPZFBlVkEcU/3cNwoR7N8gk71RN/3l9JX5N 0uZ7vJo3xfFXoTevupNkPGe87vhVmoJ/YubvTgcfYZNWR4IhYRenwEpDMOfT0yuBPXrdCc9W s9FUQwt5Gm1ZHBcA922fFjOuju35D8WFA/4MF92N+j8BI/Jp8+2zOu1vZbUZlYAiD+0e7gnN Byttk2RrpwPnIJ4I6Atyx3E6ndJYLFQwmVlZBqfyh39/cy3upVk9kxt
IronPort-Data: A9a23:sy5iyKOWbB1gGpDvrR00l8FynXyQoLVcMsEvi/8bNHDolHp+jmZWi jtAB3bGYazJZX+2Io4oOcnztx82DaSljYs6FVdy7S52J54hgcOUDtnJJU6vZX2YcZOdRhM4t p4TZ4HKfM05EyWArU7xObXq93Qt2f7WGrejBrPOYCl7SQU+FC59gk5ty+Vl09MAbbRVbe+ok YuaT5r3ZQP7hlaYS14p1p9viC+DndytszhBsgA3bKEXslGDxiBFAZ9EeP7sfyGiTIQJQrfnG 8/Oneqzlo/7E7jBKT8EfpLTKBBirmv6ZFDW4pZuc/H+xEAE/ETe645jXBYmQR8/Zw6hwZYpk b2hibTqEV1yZvKVx7xEO/VlO3gW0ZNuqeevzUeX6aR//2WeG5c766wzZK2eFdRwFtdfWQmix 9RBQNw+Rkzra9aN/V6OYrIEavLPgyXcFNh3VnlIlVk1BBu9KHzJa/2iCdRwhF/cii3SdBrTT 5JxVNZhUPjPSyZzOEwvLoIsoOSppHL5dBsHpnuztZNitgA/zCQpuFTsGNPRftrPTsJPkwPI4 GnH5G/+RBodMbRzyxLcrSnq3bGJxHi9Ad5LfFG73qYCbFm7xX0fAQMXTnOwoOKyjQi1XNc3x 0k8qnty8PForxDDot/VXUznvmOVoBAnXf12AdUT4luHy4bOylPMboQDZmcRNIN53CMsfhQv0 0KSntjBBDFzvvuSU3313ruVtiu7JSMVBW4PeSFCShEKi+QPu6k6ihbJC91kCqPw3pv+GCr7x HaBqy1Wa6gvYdAj7Jm55mjhkyCQpZnrRQgywFrZd0S111YsDGK6XLCA5V/e5PdGCY+WSFido XQJ8/RyCshTU/lhcwTQHo0w8KGVC+Wta2aE0AQ/d3U133H8pSD/INw4DCRWeR8BDyoSRdP+j KY/Uyt44JteOhNGhocoPtrpUazGIUUcfOkJu9jdat5IJ5N2bgLCrGdlZFWb2Cbml01EfUAD1 XWzL5zE4ZUyUPsPIN+KqwE1jeVDKscWmTu7eHwD5077uYdynVbMIVv/DHOAb/oi8ISPqxjP/ tBUOqOikksPAbOnMneMrddLcTjmyETX47io8qS7kcbdemJb9J0JUJc9PJt4IdU+xvQJ/gs21 iHnCie0N2YTdVWeeVnVNRiPmZvkXI10qjogLDcwMFOzs0XPkq7xhJrzg6AfJOF9nMQ6lKYcZ 6BcK62oXK8VIhyZoGt1UHUIhNE4HPhdrVjQb3PNjflWV8MIejElDfe0J1u0qHNQUnTfWAlXi +TI6z43iKErHmxKJM3Xc/moiVi2uBAgdChaASMk/vE7lJ3QzbVX
IronPort-HdrOrdr: A9a23:njYPG6D1aK2wWkblHegesceALOsnbusQ8zAXPh9KKCC9I/b3qy nxppsmPEfP+UkssREb8+xpOMG7MBThHO1OkPcs1NaZLUTbUQ6TTL2KgrGSuAEIdxeOk9K1kJ 0QD5SWa+eAQWSS7/yKmjVQeuxIqLLqgcPY59s2jU0dMD2CAJsQiTuRfzzranGeMzM2fKbReq DsgvavoQDMRV0nKuCAQlUVVenKoNPG0Lj8ZwQdOhIh4A6SyRu19b/TCXGjr1kjegIK5Y1n3X nOkgT/6Knmmeq80AXg22ja6IkTsMf9y+FEGNeHhqEuW3TRY0eTFcRcso+5zXIISdKUmRMXeR 730lMd1vFImjDsl6eO0FzQMkfboXATAjTZuC6laDPY0LzErXQBeoV8bUYzSGqA16Lm1+sMiZ 5jziaXsYFaAgjHmzm479/UVwtynk7xunY6l/UP5kYvGbf2RYUh27D3xnklWasoDWb/8sQqAe NuBMbT6LJfdk6bdWnQui1qzMa3Vno+Ex+aSgxa0/blmQR+jTR81Q8V1cYflnAP+NY0TIRF/f 3NNuBtmKtVRsEbYKphDKMKQNexCGbKXRXQWVjiamjPBeUCITbAupT36LI66KWjf4EJ1oI7nN DbXFZRpQcJCjXT4A21rel2Gzz2MRCAtG7Wu7JjDrBCy8/BeIY=
X-Talos-CUID: 9a23:qAkiK2wbw2QVWoqcVsPFBgUvJsI+SlvN3kvTIm2zD2FPF7O8b0+prfY=
X-Talos-MUID: 9a23:DRd8Mg4tKiZL22bfkoLVbrjAxoxqsvuwFVETn64AnO+WDQV6YT2coC6eF9o=
X-IronPort-Anti-Spam-Filtered: true
Received: from alln-core-8.cisco.com ([173.36.13.141]) by rcdn-iport-1.cisco.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 17 Jul 2023 21:09:54 +0000
Received: from alln-opgw-1.cisco.com (alln-opgw-1.cisco.com [173.37.147.229]) by alln-core-8.cisco.com (8.15.2/8.15.2) with ESMTPS id 36HL9sWu028243 (version=TLSv1.2 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Mon, 17 Jul 2023 21:09:54 GMT
Authentication-Results: alln-opgw-1.cisco.com; dkim=pass (signature verified) header.i=@cisco.com; spf=Pass smtp.mailfrom=kydavis@cisco.com; dmarc=pass (p=quarantine dis=none) d=cisco.com
X-IronPort-AV: E=Sophos;i="6.01,211,1684800000"; d="p7s'?scan'208,217";a="4347399"
Received: from mail-mw2nam12lp2045.outbound.protection.outlook.com (HELO NAM12-MW2-obe.outbound.protection.outlook.com) ([104.47.66.45]) by alln-opgw-1.cisco.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 17 Jul 2023 21:09:53 +0000
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=QcUE/b9VuYUbnVCDrG0dNdUlkVk4kV1Ju7hT4QKwpjpQ25tFOS3V6KOmgUOL2WeigNaD4jJL0RJO482IdEhY49+pJR4KQPtntxhTpVDVsF6Ie31zWPRzsSEc7WKRptNI5Bn9vsXGu9DhlK+SiVYYqRSE8IQ59yXgVs07NY7Clxrm1CpI4UAnwurdxOQ+YvXhWzxnYMCFDlwXumsQkWjDJxgITIGiAY9TN0rL9EuRpO2/D7zjOGq4y/b1nRgbqCGuXhtJTyrIKTlIeFVu0dOErhZ1QozHXjk+EwNl4H4lr/5y9h5IOEGbOrwRI/JVlCX45gyWJESzDQ83GG7moO+cLQ==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=zGurHcgPzUPkbEhnRVBJABNVYEC+Wn1s1kMAl97gfUU=; b=KQJ/1yoVX4BuEoSTKEGG3bqdrouA+criiWdMHhAbvjD30sWo1SaHqYMrHTb0ZF5Ok28NOK4D3z2kw66OnmEAE0HCzS6eqVq650d2IzDDR/nx/xuLc4hcJQc2HpGdWRa81gimzkhSgFw1feXLy5UURf3+w5s/LPxEF4wtbhSzy6VfrZldBKuJbGiThUpmzBi+JWydVyFYB1QcWJ5YgWvR93DxqzPJ5SVdSJP3pzKBuYw3drWxHRlzRkUlxDgRLQ31PrdDpc56Qm7MJUw1Z6TfJveN30t2aEUJlXcMLWX07ZRq7W55dmIZfAJrF7Ut3pqkbhWzi0bUsa9gd3TMceDbbQ==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=cisco.com; dmarc=pass action=none header.from=cisco.com; dkim=pass header.d=cisco.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=cisco.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=zGurHcgPzUPkbEhnRVBJABNVYEC+Wn1s1kMAl97gfUU=; b=ffhKYW2pvyIN4uptEOAVlCdJE3JapxxzCKNY35iEgJef4H+LYVV+nnA7nqUpTUzoN+indvfdtgtjsphKAtezNaLGY6ScTxw9b9LvBMLTTi3tCsNkWubDa0KHBytJ/3IiMLgfgUaI6OTcy8NS1/F4tJAlUureBogIKpj2+rsuG6g=
Received: from PH0PR11MB5029.namprd11.prod.outlook.com (2603:10b6:510:30::15) by DM6PR11MB4626.namprd11.prod.outlook.com (2603:10b6:5:2a9::21) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6588.32; Mon, 17 Jul 2023 21:09:51 +0000
Received: from PH0PR11MB5029.namprd11.prod.outlook.com ([fe80::a58f:c151:a89:69a5]) by PH0PR11MB5029.namprd11.prod.outlook.com ([fe80::a58f:c151:a89:69a5%3]) with mapi id 15.20.6588.031; Mon, 17 Jul 2023 21:09:51 +0000
From: "Kyzer Davis (kydavis)" <kydavis@cisco.com>
To: Dan Wing <danwing@gmail.com>, "dispatch@ietf.org" <dispatch@ietf.org>
CC: Robert Sparks <rjsparks@nostrum.com>, "mmusic@ietf.org" <mmusic@ietf.org>
Thread-Topic: draft-davis-valverde-srtp-assurance [was: Re: [dispatch] IETF 117 - do you have something for DISPATCH?]
Thread-Index: AQHZuOafHRGVAgmsMUa/nDvH2dEhRq++a5qw
Date: Mon, 17 Jul 2023 21:09:51 +0000
Message-ID: <PH0PR11MB50293AD3FEDA894B9B2D3041BB3BA@PH0PR11MB5029.namprd11.prod.outlook.com>
References: <0490249B-C51B-4E18-8155-144CE044E994@gmail.com>
In-Reply-To: <0490249B-C51B-4E18-8155-144CE044E994@gmail.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach: yes
X-MS-TNEF-Correlator:
x-ms-publictraffictype: Email
x-ms-traffictypediagnostic: PH0PR11MB5029:EE_|DM6PR11MB4626:EE_
x-ms-office365-filtering-correlation-id: cf6d1d10-b510-4e76-348e-08db870a291b
x-ms-exchange-senderadcheck: 1
x-ms-exchange-antispam-relay: 0
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: wYJzBI1Cm2IQr8hNyZxvw5l0slbpsfFR61cKvag0f3B1daxKvsiHTsDXP0gyEQhBgvOozVrkF70SQJyKjciJskuBK3FoKwDAd/XkkrZ+VaGdKS7de3zPpwUTNnEHt9sTag5e2A+gj1pcpnOhEG2mdP72Q24cHIT5HUqd8EIfuF/rJLfEX9echUHKVzfTA6dVNc7FTS45EhT1f7i5sK4tNKihd7OMcrNqb39DZzPF8+kYART9RlLmBKIdmD9mu84pHYZmj/2feDHyWND95GpxutPVSLc/6nXZqDszTUkz+vWn4UcJ8MoavRBBjU+vUVU0rd7qmR8NxPjyRzYPoHVy7nQGYB1ebQJX6AlQI86XOAP/qfnaR+C1nhfyQsnQLvt0loTyexLOkV2sBcYBMWhz7Jf5GVAZQChfTKSSuOe1yiWARNlNF1Oc+m6xAMtiiUgjnsgrEYLzcDLmmVt0nekzahYfEyL3fG0f6WNl8s3GdEXisEF0mILnQ523DfJXVn49hJMOUPNXCTs4r965RZHvWzbaTg5p6mfd08PMDtVLDp9zDgehLL3DBti967lSrbjazVxxv0nJAZsEZ5zoR5JMNMXmTYlDVCyp5hbMQQv0zBsTMFY3F74XXfqV1OkMl0Q5Lu1CpT7kgdW36lkMZ3VmGg==
x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:PH0PR11MB5029.namprd11.prod.outlook.com; PTR:; CAT:NONE; SFS:(13230028)(4636009)(396003)(39860400002)(346002)(376002)(366004)(136003)(451199021)(66899021)(478600001)(7696005)(71200400001)(110136005)(54906003)(66574015)(83380400001)(86362001)(33656002)(38070700005)(55016003)(2906002)(26005)(186003)(6506007)(53546011)(9686003)(966005)(38100700002)(122000001)(66446008)(316002)(99936003)(4326008)(76116006)(52536014)(66556008)(66476007)(66946007)(41300700001)(64756008)(8936002)(8676002)(5660300002); DIR:OUT; SFP:1101;
x-ms-exchange-antispam-messagedata-chunkcount: 1
x-ms-exchange-antispam-messagedata-0: P5hm7h+ys+t7KZD1lImDISgV+iX5bV5HUdKFiUPz0kg7wyOb+AS8jfQ1SHXi3tInIxYtPoc4jv8U6sFmVvLAdbN3paQ1b+oh5E4w8Lgd18SJcLjItTGm2RjweynyBrbDQVTOUoE9Fw7th/VbzXh3+4qzHGJZb77QxMXzKAq58buJ/3HYPNnsdLyS5lW48ZFUfVUlnCcxl1uz0Ta0nt1qDraNyXrnyYFh9BZja5UGzb7eF7UxM80LsCxuFYDP0w+/6jPUgPx8nNqu0GtIMVJA2mA3sJrwUFgxZ8pBm4JShDn33IKGv4cFrbQhwitJEzvaXYDYwpZRfDhWjLdLiFchO9lQTPllFpchWszCIlcCqNvOXqJHSizTQTtmnFkkQnJ0V5/O4/HwTlYisTv1tfrjZS/uKdzyYMbMdEI0Ax+R/moJIU4r1/FFUrZUftYdVWSKLy6zZ7/ee3Jclkd+OQAnQaBAf70DQdoGu2NZSxHpJtaah79bPuhNIvhR43m22VnNp6Nyt6sDKwR+/KZkzUr895cYT+sDL9826Q/RbyukDKEAoRNK+w8RopPMhNyMRu7MSxc2xJxLklwI87xydmhuAJQQYvYTIRzF5n3xPk7LyZV9036p5DJtWrtO+sbCo2/eVc+PDQpX/WFN0TbyqKzPhgHMZcb2Yy8JI8FBFciowpZri7uIC2oTEaJRkQZS1QczmpQZS+Qnu8khikrnX4dDDee8efsOtzvLvWPWN8xPaGm4AiTFLMPta9pGib/ctWdPXo9N10oUGWqVeHAXYYj0qxbDA8tcrCVogoJxWmOks9VNYYxKzbm65d6/O3PSZJs0glsbneKlYXS5n2ibGstSTZxfNBIx53ku8Ib01xl/WmFy9ept4esNyV34OESzo/2d3oiyZbCgsCAnZev6iexx0mwHDk5Huacf+/ASsI7MPZ9R6zyV3eWSUE44/sbp0CpWD5Ga3698awb7VrP8ZtLBBzG+76IitinEd+4MWHFx1gYuuL6E2C2EgKYHa7MTOoMd/h7SbQg2U1QGiq3K/v2YzxDCzELEcU4cAT/kxwOHT/qKAX7CcSB5f+OMyhpy4iL0OeL8GEbY900IyJrvSPefVKs/J41y//jJuZZdg6ptjPMC+y0d0mtn9lk09Hjpt5J+1ZK/jLn+StPh2MUuVAkFtYiBEuyv47lNsQ9vblp/1qFrQopA6xtld+DlwRVp55tB/jfcg45xNPTCp2R4sEm0ZIynCquBZ002JNc9zLIyPE+pBKeriMmybhnH4kRYOYj4H5eKhpp1nOjdIjryhDbbJHePdh08lduh4Sy68M6FDufpFlCcRRyUwv84rHgu4uiywP0N+xcr1/JrcNhce5v88Fd9HGjpoecXbmOA1toZObIl7DpqhKb5yCjlbY+IHq678xBiLeUKNCUU/eyWAp6EpDcyzHSIdhLgIBEErddi6dVM4lpcJg+WurffmDhx/pd0xwQRWv6njiIhAXNfTG5QSGJElwmSUVkuxDmpWQ9acYD0MOkZF3zcxxultdbLDabMCb3WPUwX+G+/TRJEOBvZtqXEt1LaaY5+GLz/P0Utj78=
Content-Type: multipart/signed; protocol="application/x-pkcs7-signature"; micalg="SHA1"; boundary="----=_NextPart_000_01F3_01D9B8D1.7E9945B0"
MIME-Version: 1.0
X-OriginatorOrg: cisco.com
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: PH0PR11MB5029.namprd11.prod.outlook.com
X-MS-Exchange-CrossTenant-Network-Message-Id: cf6d1d10-b510-4e76-348e-08db870a291b
X-MS-Exchange-CrossTenant-originalarrivaltime: 17 Jul 2023 21:09:51.1802 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 5ae1af62-9505-4097-a69a-c1553ef7840e
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: BBV8jZTod+YyiAmBysFGyF2JSTDtwirV1ib51mwVb/eQrzILHjWurtjwbGbqtI5dbrO5FCRtr/aaXRYcd+OOmQ==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: DM6PR11MB4626
X-Outbound-SMTP-Client: 173.37.147.229, alln-opgw-1.cisco.com
X-Outbound-Node: alln-core-8.cisco.com
Archived-At: <https://mailarchive.ietf.org/arch/msg/dispatch/PjqakpPrNW_80fKvwEK27nO_VEo>
Subject: Re: [dispatch] draft-davis-valverde-srtp-assurance [was: Re: IETF 117 - do you have something for DISPATCH?]
X-BeenThere: dispatch@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: DISPATCH Working Group Mail List <dispatch.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dispatch>, <mailto:dispatch-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dispatch/>
List-Post: <mailto:dispatch@ietf.org>
List-Help: <mailto:dispatch-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dispatch>, <mailto:dispatch-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 17 Jul 2023 21:10:02 -0000
Hello Dan, I reached out to the MMUSIC chairs (along with AVTCORE Chairs and Dispatch chairs CC'd) MMUSIC felt like it belonged but still wanted the dispatch time since there is no MMUSIC meeting at 117. To address a few other statements: > I would like to understand where EKT-SRTP (RFC8870) fails to meet needs. I think EKT-SRTP does a great job. That is, if we are using DTLS-SRTP. I am only aiming to do the same for SDP Security (SDES). > I would rather see RFC8870 extended to work with SDP Security Descriptions because it moves us on a path towards DTLS-SRTP: DTLS-SRTP-signaled endpoints could interop with SDP Security Descriptions-signaled endpoints because they're both using EKT to handle SSRC/ROC and key changes when group membership changes. I believe you are referencing the act of an SBC/B2BUA interoperating SDP Security and DTLS-SRTP w/EKT? I found some older EKT-SRTP drafts that I think are the topic: https://www.ietf.org/archive/id/draft-mcgrew-srtp-ekt-06.html#anchor6 https://www.ietf.org/archive/id/draft-mcgrew-srtp-ekt-06.html#anchor21 One point discussed in there was "SDP Security Descriptions however does not negotiate SSRCs and their associated Rollover Counter (ROC). Instead, SDES relies on a so-called "late binding", where a newly observed SSRC will have its crypto context initialized to a ROC value of zero. Clearly, this does not work for participants joining an SRTP session that has been established for a while and hence has a non-zero ROC." If that is the point then I agree; having the SSRC, ROC, SEQ in SDES/SDP security could allow for an intermediary to easily interwork SDES<>DTLS-EKT-SRTP. Note: I would need to audit EKT-SRTP to see if there is anything else SDES is missing that could help that Key Management Interworking. > We really should be deprecating SDP Security Descriptions because it has far worse security properties compared with DTLS-SRTP. I also know SDP as a means for conveying keying material for SRTP isn't exactly the best method in the grand scheme when compared to the other available options. That being said, there are many millions of devices across different vendors still using SDP Security as the SRTP key management protocol. Further, I continue to see more modern internet telephony service providers providing TLS SIP w/SRTP via SDES and the acceleration of cloud registered SIP endpoints utilizing SDP Security. Ignoring the problem that could positively affect so many does not seem like the right thing to do. Other: I started an audit of various enterprise, cloud and service provider offerings to compare MIKEY, DTLS-SRTP, EKT-SRTP, and SDP Security but I will not be able to finish this by the time for dispatch so I have dropped the slide. I can create a wiki page on the drafts GitHub if the group wants to help crowdsource a "Current State of SRTP Key Management Protocol offerings in 2023". Similarly, if a similar study already exists I would love to give it a read. Lastly, I have a WIP draft-01 which provides an alternative solution to draft-00's a=srtpctx SDP attribute. The alternative solution reuses the sdp security session parameter postfix options to convey SSRC, ROC, SEQ. https://www.iana.org/assignments/sdp-security-descriptions/sdp-security-desc riptions.xhtml#sdp-security-descriptions-4 I plan to have a slide on both solutions for the dispatch discussion. Thanks, From: Dan Wing <danwing@gmail.com> Sent: Monday, July 17, 2023 3:41 PM To: dispatch@ietf.org Cc: Kyzer Davis (kydavis) <kydavis@cisco.com>; Robert Sparks <rjsparks@nostrum.com>; mmusic@ietf.org Subject: draft-davis-valverde-srtp-assurance [was: Re: [dispatch] IETF 117 - do you have something for DISPATCH?] Yeah, it feels like draft-davis-valverde-srtp-assurance could go straight to MMUSIC. The I-D needs to discuss what happens when SSRC collision occurs, which I think is "send new SDP indicating the new SSRC and ROC=0". I would like to understand where EKT-SRTP (RFC8870) fails to meet needs. The design of EKT-SRTP avoids signaling SSRC or ROC in the signaling channel and, instead, allow them both to be indicated in the SRTP channel itself. This design allows SSRC collisions to be handled very much like how they are handled with RTP (that is, without the "S"). I would rather see RFC8870 extended to work with SDP Security Descriptions because it moves us on a path towards DTLS-SRTP: DTLS-SRTP-signaled endpoints could interop with SDP Security Descriptions-signaled endpoints because they're both using EKT to handle SSRC/ROC and key changes when group membership changes. We really should be deprecating SDP Security Descriptions because it has far worse security properties compared with DTLS-SRTP. -d Hi Kyzer (et. al.) - Why aren't you taking this straight to mmusic? Am I missing something that says that's not the obvious place for the work? RjS On 6/27/23 7:31 AM, Kyzer Davis (kydavis) wrote: > > Hello, > > I would like to request a bit of dispatch time for the draft just posted: > > <https://datatracker.ietf.org/doc/draft-davis-valverde-srtp-assurance/> https://datatracker.ietf.org/doc/draft-davis-valverde-srtp-assurance/ > > I also plan to attend IETF 117 in person to represent. > > Thanks, >
- [dispatch] draft-davis-valverde-srtp-assurance [w… Dan Wing
- Re: [dispatch] draft-davis-valverde-srtp-assuranc… Kyzer Davis (kydavis)
- Re: [dispatch] draft-davis-valverde-srtp-assuranc… Dan Wing
- Re: [dispatch] draft-davis-valverde-srtp-assuranc… Brian Rosen
- Re: [dispatch] [MMUSIC] draft-davis-valverde-srtp… Roman Shpount
- Re: [dispatch] [MMUSIC] draft-davis-valverde-srtp… DuBois, Sean
- Re: [dispatch] [MMUSIC] draft-davis-valverde-srtp… Roman Shpount
- Re: [dispatch] [MMUSIC] draft-davis-valverde-srtp… Kyzer Davis (kydavis)
- [dispatch] DTLS-SRTP updates Roman Shpount