Re: [Gen-art] Genart last call review of draft-ietf-sframe-enc-07

Richard Barnes <rlb@ipv.sx> Wed, 03 April 2024 12:43 UTC

To: Linda Dunbar <linda.dunbar@futurewei.com>
Cc: gen-art@ietf.org, draft-ietf-sframe-enc.all@ietf.org, last-call@ietf.org, sframe@ietf.org
Archived-At: <https://mailarchive.ietf.org/arch/msg/gen-art/WJXSTWRUI68AeWHux9tIiQDvVa0>

Hi Linda,

Secure Frames are *not* decrypted by the SFU.  The outer HBH encryption is
decrypted by the SFU, but the point of the E2E encryption is that the SFU
does not have the keys.

The document does not claim to save on SFU processing.  For a switching
SFU, the processing should be roughly the same with or without SFrame.

--Richard



On Sat, Mar 30, 2024 at 9:23 AM Linda Dunbar via Datatracker <
noreply@ietf.org> wrote:

> Reviewer: Linda Dunbar
> Review result: Ready
>
> I am the assigned Gen-ART reviewer for this draft. The General Area
> Review Team (Gen-ART) reviews all IETF documents being processed
> by the IESG for the IETF Chair.  Please treat these comments just
> like any other last call comments.
>
> For more information, please see the FAQ at
>
> <https://wiki.ietf.org/en/group/gen/GenArtFAQ>.
>
> Document: draft-ietf-sframe-enc-??
> Reviewer: Linda Dunbar
> Review Date: 2024-03-30
> IETF LC End Date: 2024-02-15
> IESG Telechat date: 2024-04-04
>
> Summary: This document describes the Secure Frame (SFrame) end-to-end
> encryption and authentication mechanism for media frames.
>
> Question: As the Secure Frames are decrypted by the SFU, why is it less
> processing than the Hop-by-hop encryption between endpoint and SFU?
>
> Thank you,
> Linda
>
>
>
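The layering described in the reply above, as an added example that is not part of the original message or of the draft: the SFU removes the hop-by-hop layer and forwards the inner end-to-end ciphertext, which it cannot open. AES-128-GCM stands in for both layers here, and the key names, `seal`, `open` and `runCall` are assumptions made for illustration, not the SFrame or SRTP wire formats.

```javascript
// Added illustration: AES-128-GCM stands in for both layers (not the SFrame/SRTP formats).
const crypto = require('crypto');

// Encrypt and return iv || tag || ciphertext.
function seal(key, plaintext) {
  const iv = crypto.randomBytes(12);
  const c = crypto.createCipheriv('aes-128-gcm', key, iv);
  const ct = Buffer.concat([c.update(plaintext), c.final()]);
  return Buffer.concat([iv, c.getAuthTag(), ct]);
}

// Decrypt iv || tag || ciphertext; final() throws if the key or tag is wrong.
function open(key, sealed) {
  const d = crypto.createDecipheriv('aes-128-gcm', key, sealed.subarray(0, 12));
  d.setAuthTag(sealed.subarray(12, 28));
  return Buffer.concat([d.update(sealed.subarray(28)), d.final()]);
}

function runCall(frameText) {
  // Constructed keys: e2eKey is known to endpoints only; hop keys are shared with the SFU.
  const e2eKey = crypto.randomBytes(16);
  const hopSender = crypto.randomBytes(16);
  const hopReceiver = crypto.randomBytes(16);
  const sfuKeys = [hopSender, hopReceiver];

  // Sender: E2E layer first, then the HBH layer toward the SFU.
  const e2eFrame = seal(e2eKey, Buffer.from(frameText));
  const onWire1 = seal(hopSender, e2eFrame);

  // SFU: removes the HBH layer, then tries every key it holds on the inner frame.
  const atSfu = open(hopSender, onWire1);
  const sfuCanReadMedia = sfuKeys.some((k) => {
    try { open(k, atSfu); return true; } catch { return false; }
  });
  // SFU forwards the inner ciphertext unchanged under the next hop's key.
  const onWire2 = seal(hopReceiver, atSfu);

  // Receiver: removes the HBH layer, then the E2E layer.
  const received = open(e2eKey, open(hopReceiver, onWire2)).toString();
  return { sfuCanReadMedia, innerUnchanged: atSfu.equals(e2eFrame), received };
}

console.log(runCall('constructed media frame'));
```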