Re: [Gen-art] Genart last call review of draft-ietf-sframe-enc-07

Linda Dunbar <linda.dunbar@futurewei.com> Wed, 03 April 2024 16:13 UTC

From: Linda Dunbar <linda.dunbar@futurewei.com>
To: Richard Barnes <rlb@ipv.sx>
CC: "gen-art@ietf.org" <gen-art@ietf.org>, "draft-ietf-sframe-enc.all@ietf.org" <draft-ietf-sframe-enc.all@ietf.org>, "last-call@ietf.org" <last-call@ietf.org>, "sframe@ietf.org" <sframe@ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/gen-art/XqjTJsJgCxnEckjQ4Xah8AXXejg>

Richard,

Thanks for the explanation.

The third paragraph of the Intro section says:

The Secure Real-Time Protocol (SRTP) is already widely used for HBH
encryption [RFC3711]. The SRTP "double encryption" scheme defines a
way to do E2E encryption in SRTP [RFC8723]. Unfortunately, this
scheme has poor efficiency and high complexity, and its entanglement
with RTP makes it unworkable in several realistic SFU scenarios.

Is Secure Frame intended for fixing the poor efficiency and high complexity of SRTP?  The SRTP used for HBH requires the SFU to perform the decryption, correct?
Can Secure Frame use the SRTP?

Thank you,

Linda


From: Richard Barnes <rlb@ipv.sx>
Sent: Wednesday, April 3, 2024 7:44 AM
To: Linda Dunbar <linda.dunbar@futurewei.com>
Cc: gen-art@ietf.org; draft-ietf-sframe-enc.all@ietf.org; last-call@ietf.org; sframe@ietf.org
Subject: Re: Genart last call review of draft-ietf-sframe-enc-07

Hi Linda,

Secure Frames are *not* decrypted by the SFU.  The outer HBH encryption is decrypted by the SFU, but the point of the E2E encryption is that the SFU does not have the keys.

The document does not claim to save on SFU processing.  For a switching SFU, the processing should be roughly the same with or without SFrame.

--Richard



On Sat, Mar 30, 2024 at 9:23 AM Linda Dunbar via Datatracker <noreply@ietf.org> wrote:
Reviewer: Linda Dunbar
Review result: Ready

I am the assigned Gen-ART reviewer for this draft. The General Area
Review Team (Gen-ART) reviews all IETF documents being processed
by the IESG for the IETF Chair.  Please treat these comments just
like any other last call comments.

For more information, please see the FAQ at

<https://wiki.ietf.org/en/group/gen/GenArtFAQ>.

Document: draft-ietf-sframe-enc-??
Reviewer: Linda Dunbar
Review Date: 2024-03-30
IETF LC End Date: 2024-02-15
IESG Telechat date: 2024-04-04

Summary: This document describes the Secure Frame (SFrame) end-to-end
encryption and authentication mechanism for media frames.

Question: As the Secure Frames are decrypted by the SFU, why is it less
processing than the Hop-by-hop encryption between endpoint and SFU?

Thank you,
Linda
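
Added example, not part of the thread or the draft: a sketch of the layering Richard describes, where the SFU removes the hop-by-hop (HBH) layer and forwards the end-to-end (E2E) ciphertext it holds no key for. The `seal`/`open_` helpers are a constructed HMAC-SHA256 stand-in for an AEAD, and all function names, keys and the sample frame are assumptions; this is not the SFrame or SRTP wire format.

```python
import hashlib
import hmac
import os

# Stand-in AEAD from HMAC-SHA256 so the example runs on the standard library.
# SRTP and SFrame use real AEAD cipher suites; this is not their wire format.
def _stream(key, nonce, n):
    blocks = (hmac.new(key, b"enc" + nonce + i.to_bytes(4, "big"), hashlib.sha256).digest()
              for i in range(n // 32 + 1))
    return b"".join(blocks)[:n]

def seal(key, plaintext):
    nonce = os.urandom(12)
    ct = bytes(a ^ b for a, b in zip(plaintext, _stream(key, nonce, len(plaintext))))
    return nonce + ct + hmac.new(key, b"mac" + nonce + ct, hashlib.sha256).digest()

def open_(key, blob):
    nonce, ct, tag = blob[:12], blob[12:-32], blob[-32:]
    good = hmac.new(key, b"mac" + nonce + ct, hashlib.sha256).digest()
    if len(blob) < 44 or not hmac.compare_digest(tag, good):
        raise ValueError("authentication failed")
    return bytes(a ^ b for a, b in zip(ct, _stream(key, nonce, len(ct))))

def sender(frame, e2e_key, hbh_key):
    # E2E layer first (key shared by endpoints only), then the HBH layer to the SFU.
    return seal(hbh_key, seal(e2e_key, frame))

def sfu_forward(packet, hbh_in, hbh_out):
    # The SFU terminates the inbound HBH layer and re-protects for the next hop.
    inner = open_(hbh_in, packet)
    return inner, seal(hbh_out, inner)

def receiver(packet, hbh_key, e2e_key):
    return open_(e2e_key, open_(hbh_key, packet))

def sfu_can_decrypt(inner, sfu_keys):
    # Try every key the SFU holds against the E2E ciphertext.
    for key in sfu_keys:
        try:
            open_(key, inner)
            return True
        except ValueError:
            pass
    return False

def demo(frame=b"constructed media frame"):
    e2e, hbh_a, hbh_b = (os.urandom(32) for _ in range(3))
    inner, outbound = sfu_forward(sender(frame, e2e, hbh_a), hbh_a, hbh_b)
    return frame in inner, sfu_can_decrypt(inner, [hbh_a, hbh_b]), receiver(outbound, hbh_b, e2e)
```

`demo()` returns whether the plaintext is visible at the SFU, whether any SFU-held key opens the inner layer, and the frame the receiver recovers.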