Re: [Ecrit] Roman Danyliw's Discuss on draft-ietf-ecrit-data-only-ea-21: (with DISCUSS and COMMENT)
Adam Roach <adam@nostrum.com> Mon, 02 March 2020 21:44 UTC
To: Roman Danyliw <rdd@cert.org>, The IESG <iesg@ietf.org>
Cc: allison.mankin@gmail.com, ecrit-chairs@ietf.org, ecrit@ietf.org, draft-ietf-ecrit-data-only-ea@ietf.org
References: <158318494177.27467.10769075669362560529@ietfa.amsl.com>
From: Adam Roach <adam@nostrum.com>
Message-ID: <227ba0d7-8ace-2ad2-c28c-e74996210c4e@nostrum.com>
Date: Mon, 02 Mar 2020 15:44:41 -0600
Archived-At: <https://mailarchive.ietf.org/arch/msg/ecrit/T5c2wWSd_Z8ubWk7plr-B3YFCqY>

On 3/2/2020 3:35 PM, Roman Danyliw via Datatracker wrote:
> Section 9. Per “To provide protection of the entire SIP message exchange
> between neighboring SIP entities, the usage of TLS is REQUIRED.”, can you
> please provide guidance on how to use TLS.

I think the strong implication here is that TLS is to be used in the same way that TLS is used in other SIP applications (in the same way that an HTTP document saying "MUST use TLS" is pretty clearly saying to use HTTPS as per the existing HTTP RFCs). Unfortunately, the TLS handling for SIP is mixed into RFC 3261 all _over_ the place, so there's not anything particularly comprehensive to point to.

The best that I think could be said would be something along the lines of "...the usage of TLS, as described in section 26 of [RFC3261], is REQUIRED."

Would that satisfy your concern?

/a