Genart last call review of draft-ietf-perc-srtp-ekt-diet-09

Christer Holmberg <christer.holmberg@ericsson.com> Sat, 20 October 2018 22:06 UTC

MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
From: Christer Holmberg <christer.holmberg@ericsson.com>
To: gen-art@ietf.org
Cc: draft-ietf-perc-srtp-ekt-diet.all@ietf.org, ietf@ietf.org, perc@ietf.org
Subject: Genart last call review of draft-ietf-perc-srtp-ekt-diet-09
Auto-Submitted: auto-generated
Precedence: bulk
Message-ID: <154007316490.13794.11476150183128445420@ietfa.amsl.com>
Date: Sat, 20 Oct 2018 15:06:04 -0700
Archived-At: <https://mailarchive.ietf.org/arch/msg/ietf/Ek2egZEbitB3wxTV35sWneEJp7k>

Reviewer: Christer Holmberg
Review result: Ready with Issues

I am the assigned Gen-ART reviewer for this draft. The General Area
Review Team (Gen-ART) reviews all IETF documents being processed
by the IESG for the IETF Chair.  Please treat these comments just
like any other last call comments.

For more information, please see the FAQ at

<https://trac.ietf.org/trac/gen/wiki/GenArtfaq>.

Document: draft-ietf-perc-srtp-ekt-diet-09
Reviewer: Christer Holmberg
Review Date: 2018-10-20
IETF LC End Date: 2018-11-01
IESG Telechat date: Not scheduled for a telechat

Summary: The document is well written, and easy to read. But, I think some
things still need to be clarified. I also have some editorial modification
suggestions.

Major issues:
--------------

Q1_1:

The text in section 1 says that EKT removes the need for co-ordinating SSRCs,
and that an endpoint can choose whatever value it wants.

However, I can't find any explanation on how EKT removes that need.

Q1_3:

The text in section 1 says that EKT is not intended to replace key
establishment mechanisms, but to "be used in conjunction".

However, there is no description on how that works in conjunction with existing
mechanisms (e.g., together with SDP Offer/Answer), and whether existing
mechanisms need to be modified in order to work in conjunction with EKT.

Section 5.3 does say that the SDP O/A exchange is not affected. If that is
true, then you need to describe how SSRC values etc signalled in SDP relate to
values signalled using EKT, what happens if there are mismatches etc.

Minor issues:
--------------

Q1_2:

The text in section 1 says:

   "However, there are several cases in which conventional signaling systems
   cannot easily provide all of the coordination required."

I think some examples would be useful.

Q1_4:

The text in section 1 says that providing SSRCs etc using signaling systems
cause layer violations.

Is this layer violation described somewhere? If so, I think a reference would
be useful.

Q4-2_1:

The text in section 4.2 says:

   "All of the received EKT parameter sets SHOULD be stored by all of the
   participants in an SRTP session, for use in processing inbound SRTP
   and SRTCP traffic."

What is the reason for SHOULD, instead of MUST? What happens if an endpoint
does NOT store the EKT parameter sets?

Q4-2-1_2:

The text in section 4.2.1 says:

   "Outbound packets SHOULD continue to use the old SRTP Master Key for
   250 ms after sending any new key."

What is the reason for SHOULD, instead of MUST?

Q4-3_2:

The text in section 4.3 says:

   "Section 4.2.1 recommends that SRTP senders continue using an old key
   for some time after sending a new key in an EKT tag."

The text in section 4.2.1 contains a SHOULD, so it is more than a
recommendation.

Nits/editorial comments:
--------------------------

Q1_5:

I think Section 1 should also indicate that EKT is an DTLS extension, similar
to the Abstract. Otherwise, when you say that EKT is a way to distribute
information, it is unclear why EKT doesn't violate layers.

I think that Section 2 (Overview) could be combined with Section 1
(Introduction). Introduction sections in RFCs typically provide both
background, problem statement and an overview of the mechanism - and sometimes
also the document structure.

Q4_1:

The text in section 4.1 says:

   "EKT MUST NOT be used in conjunction with SRTP's MKI (Master Key
   Identifier) or with SRTP's <From, To> [RFC3711], as those SRTP
   features duplicate some of the functions of EKT.  Senders MUST NOT
   include MKI when using EKT.  Receivers SHOULD simply ignore any MKI
   field received if EKT is in use."

I suggest to put this text in a dedicated Applicability section.

Q4-1_1:

The text in section 4.1 says:

   "Together, these data elements are called an EKT parameter set.  Each
   distinct EKT parameter set that is used MUST be associated with a
   distinct SPI value to avoid ambiguity."

I suggest to defined "EKT parameter set" in the same way as the other
terminology. I.e.,

  "EKT parameter set: The parameters indicated by the SPI"

...or something like that.

Q4-2-1_1:

For the section names of sections 4.2.1 and 4.2.2, I suggest to talk about
sending/transmitting and receiving instead of inbound and outbound.

Q4-3_1:

In section 4.3, I  think the name of the section ("Implementation Notes") is a
little confusing. Also, is there a reason why the text is not in section 4.2.1
and/or 4.2.2?

Q4-4_1:

Sections 4.4 and 4.4.1 have the same section names. Please change one of them
(e.g., change 4.4.1 to "Default Cipher").

Q4-6_1:

I think the text in section 4.6 should be placed in the Applicability section I
suggested earlier (Q4_1).

Q5_1:

In section 5, I  suggest to change the section name to "DTLS-SRTP
Considerations".

Genart last call review of draft-ietf-perc-srtp-e… Christer Holmberg
Re: [Perc] Genart last call review of draft-ietf-… Richard Barnes