Re: [MMUSIC] Draft new version: draft-ietf-mmusic-dtls-sdp-09

Paul Kyzivat <pkyzivat@alum.mit.edu> Wed, 02 March 2016 16:56 UTC

To: Christer Holmberg <christer.holmberg@ericsson.com>, Roman Shpount <roman@telurix.com>
References: <7594FB04B1934943A5C02806D1A2204B37E45EA2@ESESSMB209.ericsson.se> <56D46C50.9060601@alum.mit.edu> <CABkgnnWxdbFmbeZaywyhrmXSkma1J0X1X+w-eDJRX5498_FYrw@mail.gmail.com> <56D6FDCA.5020802@alum.mit.edu> <7594FB04B1934943A5C02806D1A2204B37E542C0@ESESSMB209.ericsson.se> <CAD5OKxt4OhXaiNZxk-qC9Q9SMCZ+uzd-xdNs41T+i5kQ0iJYDw@mail.gmail.com> <7594FB04B1934943A5C02806D1A2204B37E5438A@ESESSMB209.ericsson.se>
From: Paul Kyzivat <pkyzivat@alum.mit.edu>
Message-ID: <56D71B33.9000508@alum.mit.edu>
Date: Wed, 02 Mar 2016 11:56:19 -0500
In-Reply-To: <7594FB04B1934943A5C02806D1A2204B37E5438A@ESESSMB209.ericsson.se>
Archived-At: <http://mailarchive.ietf.org/arch/msg/mmusic/6mv3FfX8xcmw83KsERreVbYsT8c>
Cc: "mmusic-chairs@ietf.org" <mmusic-chairs@ietf.org>, "mmusic@ietf.org" <mmusic@ietf.org>
Subject: Re: [MMUSIC] Draft new version: draft-ietf-mmusic-dtls-sdp-09

On 3/2/16 11:43 AM, Christer Holmberg wrote:
> So, do we still need some changes in draft-dtls-sdp?
>
> Perhaps we should completely remove section 3.4 (“Multiple SDP
> fingerprint attributes”), and cover it in the 4572 update?

Every place in the document that mentions "fingerprint" needs to be 
adjusted so it *allows* multiple fingerprints and makes sense if there 
are more than one. (You got some but not all of them.)

Hopefully anything that deals with the semantics of having multiple 
fingerprints can be delegated to 4572bis. That includes what it means if 
a fingerprint is added, removed, changed.

	Thanks,
	Paul

> Regards,
>
> Christer
>
> From: Roman Shpount [mailto:roman@telurix.com]
> Sent: 02 March 2016 18:27
> To: Christer Holmberg <christer.holmberg@ericsson.com>
> Cc: Paul Kyzivat <pkyzivat@alum.mit.edu>; Martin Thomson
> <martin.thomson@gmail.com>; mmusic-chairs@ietf.org; mmusic@ietf.org
> Subject: Re: [MMUSIC] Draft new version: draft-ietf-mmusic-dtls-sdp-09
>
> On Wed, Mar 2, 2016 at 11:25 AM, Christer Holmberg
> <christer.holmberg@ericsson.com <mailto:christer.holmberg@ericsson.com>>
> wrote:
>
>     Hi,
>
>      >>>     One of the certificates received during the DTLS handshake MUST
>      >>
>      >> Note: While there are multiple certificates in a DTLS handshake, ONLY
>      >> the end-entity certificate should be checked.  Checking against other
>      >> certificates would be a serious bug and a huge security vulnerability.
>      >
>      > It would be good to say that somewhere.
>
>     Should that be said in the 4572 update? Or, is it DTLS-specific?
>
> This should be in 4572 update. This is not DTLS specific.
>
> _____________
> Roman Shpount
>
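The two points raised in the quoted exchange, that an SDP offer or answer may carry several a=fingerprint attributes and that the fingerprint check must be applied to the end-entity certificate only, are easy to get wrong in an implementation. The following Python is an added example, not code from the draft, from RFC 4572 or from any of the participants. It parses every a=fingerprint line, hashes the DER bytes as RFC 4572 specifies, and shows the hardened check (end-entity certificate only, the first element of the received chain) next to the buggy variant the thread warns about (a match anywhere in the chain). The "certificates" are constructed byte strings standing in for DER, and the matching rule used, that the end-entity certificate must match at least one advertised fingerprint, is an assumption made here because the thread defers the semantics of multiple fingerprints to 4572bis.

```python
import hashlib

# SDP hash-function names from RFC 4572 mapped to hashlib constructors.
# (RFC 4572 also names md2, which hashlib does not provide, so it is omitted.)
HASH_FUNCS = {
    "sha-1": hashlib.sha1,
    "sha-224": hashlib.sha224,
    "sha-256": hashlib.sha256,
    "sha-384": hashlib.sha384,
    "sha-512": hashlib.sha512,
    "md5": hashlib.md5,
}


def cert_fingerprint(cert_der, hash_func):
    """Upper-case hex digest of the DER-encoded certificate, without colons."""
    return HASH_FUNCS[hash_func](cert_der).hexdigest().upper()


def make_fingerprint_attr(cert_der, hash_func):
    """Build an 'a=fingerprint:<hash-func> XX:YY:...' line for a certificate."""
    hexdigest = cert_fingerprint(cert_der, hash_func)
    pairs = ":".join(hexdigest[i:i + 2] for i in range(0, len(hexdigest), 2))
    return "a=fingerprint:%s %s" % (hash_func, pairs)


def parse_fingerprint_attrs(sdp):
    """Return every a=fingerprint attribute in an SDP body as (hash_func, hex) tuples.

    All attributes are kept, which is what the thread asks the draft to allow.
    A malformed attribute raises instead of being skipped, so that one bad line
    cannot quietly turn the check into "no fingerprint to compare against".
    """
    found = []
    for raw in sdp.splitlines():
        line = raw.strip()
        if not line.lower().startswith("a=fingerprint:"):
            continue
        parts = line[len("a=fingerprint:"):].split(None, 1)
        if len(parts) != 2:
            raise ValueError("malformed fingerprint attribute: %r" % line)
        hash_func = parts[0].lower()
        if hash_func not in HASH_FUNCS:
            raise ValueError("unsupported hash function: %r" % hash_func)
        digest = parts[1].replace(":", "").strip().upper()
        expected_len = HASH_FUNCS[hash_func]().digest_size * 2
        if len(digest) != expected_len or any(c not in "0123456789ABCDEF" for c in digest):
            raise ValueError("fingerprint length/encoding does not fit %s" % hash_func)
        found.append((hash_func, digest))
    return found


def verify_end_entity(chain_der, fingerprints):
    """Hardened check: only the end-entity certificate, chain_der[0], is compared.

    Assumed rule: the end-entity certificate must match at least one advertised
    fingerprint (the thread leaves the multi-fingerprint semantics to 4572bis).
    """
    if not chain_der or not fingerprints:
        return False  # nothing to compare: refuse rather than pass
    end_entity = chain_der[0]
    return any(cert_fingerprint(end_entity, f) == d for f, d in fingerprints)


def verify_any_cert_insecure(chain_der, fingerprints):
    """The bug the thread warns about: accepting a match on ANY chain certificate.

    An issuer certificate is not bound to the peer's private key, so a match on
    it says nothing about who completed the handshake. Kept only for contrast.
    """
    return any(cert_fingerprint(c, f) == d
               for c in chain_der for f, d in fingerprints)


if __name__ == "__main__":
    # Constructed stand-ins for DER-encoded certificates (not real X.509 data).
    LEAF = b"constructed-der-for-expected-end-entity-cert"
    ISSUER = b"constructed-der-for-issuing-ca-cert"
    OTHER_LEAF = b"constructed-der-for-some-other-end-entity-cert"
    sdp = "\r\n".join(["v=0", make_fingerprint_attr(LEAF, "sha-256"),
                       make_fingerprint_attr(LEAF, "sha-1")])
    fps = parse_fingerprint_attrs(sdp)
    print("advertised fingerprints:", len(fps))
    print("expected chain accepted:", verify_end_entity([LEAF, ISSUER], fps))
    # A chain whose end-entity differs but carries the expected certificate
    # further up: the hardened check refuses it, the buggy one accepts it.
    print("hardened :", verify_end_entity([OTHER_LEAF, LEAF], fps))
    print("insecure :", verify_any_cert_insecure([OTHER_LEAF, LEAF], fps))
```

Two design points worth noting: the parser validates digest length against the named hash so that a truncated or mis-encoded fingerprint is an error rather than a silent non-match, and the empty-input cases (no certificate presented, no fingerprint advertised) return a refusal, since a missing fingerprint is exactly the situation in which a DTLS-SRTP session must not be trusted.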