Re: [MMUSIC] Review (by dhanes) of draft-holmberg-mmusic-udptl-dtls-02

Christer Holmberg <> Mon, 23 December 2013 13:09 UTC

From: Christer Holmberg <>
To: "David Hanes (dhanes)" <>, "" <>
Date: Mon, 23 Dec 2013 13:08:56 +0000

Hi David,

Again, thanks for your comments! Reply inline.

> 1) For some reason, I can't seem to get past the wording on this first sentence in Section 1. I feel like it could be stated a bit clearer. The point 
> I think is that there are means to send faxes across the PSTN in a secure manner but it was never a priority due to the barrier of physical 
> access. This is probably just personal preference but I feel a wording similar to the following gets the point across better:
> "While it is possible to transmit highly sensitive documents using traditional telephony encryption devices, secure fax on the Public Switched
> Telephone Network (PSTN) was never widely considered or prioritized. This was mainly because of the challenges involved with physical access to telephony equipment."

I am ok with your suggested change.


> 2) In the last sentence of the first paragraph of Section 1, the following statement is made "Some of the security mechanisms for securing fax include:" and then a T.30 and T.38 
> scheme is mentioned. I think that this has been brought up before but SRTP using fax passthrough is more widely deployed in my experience than either of the other secure 
> faxing methods. I realize that this document is written under the context of UDPTL-based fax but here in the introduction the topic so far is secure fax in a general sense and it 
> has yet to be narrowed down to just UDPTL-based fax. It seems like a glaring omission that SRTP fax solutions are not mentioned here. I think SRTP needs to be added if this is 
> kept in its present form and wording. Or this section could be changed in a manner similar to the following.  This will address the omission of SRTP from my perspective:

I am ok with your suggested rewrite.

Note, though, that [ITU.T38.2010] does define the usage of T.38 over RTP.

>   While telephony encryption devices have been traditionally used for
>   highly sensitive documents, secure fax on the Public Switched
>   Telephone Network (PSTN) was not as widely considered or prioritized
>   because of the challenges involved with physical access to telephony
>   equipment.  As real-time communications transition to IP networks,
>   where information might potentially be intercepted or spoofed, an
>   appropriate level of security for fax that offers integrity and
>   confidentiality protection is vital.
>   The overwhelmingly predominant fax transport protocol today is
>   UDPTL-based. The protocol stack for fax transport using UDPTL is shown
>   in Table 1.
>                      +-----------------------------+
>                      |           Protocol          |
>                      +-----------------------------+
>                      | Internet facsimile protocol |
>                      +-----------------------------+
>                      |            UDPTL            |
>                      +-----------------------------+
>                      |             UDP             |
>                      +-----------------------------+
>                      |              IP             |
>                      +-----------------------------+
>                Table 1: Protocol stack for UDPTL over UDP
>   Implementations exist today for securing this fax transport type. Some of these
>   mechanisms are:
>   o  [ITU.T30.2005] Annex H specifies integrity and confidentiality
>      protection of fax in application layer, independent of protocol
>      for fax transport.
>   o  [ITU.T38.2010] specifies fax transport over RTP/SAVP which enables
>      integrity and confidentiality protection of fax in IP network.
>   Despite these mechanisms to secure fax, there is no transport layer
>   security offering integrity and confidentiality protection for UDPTL. This issue
>   was addressed in a study by the 3rd Generation Partnership Project (3GPP)
>   on how to provide secure fax in the IP Multimedia Subsystem (IMS). They
>   concluded that secure fax shall be transported using UDPTL over DTLS.


>3) Shouldn't the title for Table 2 be "Protocol stack for UDPTL over DTLS" and not "Protocol stack for UDPTL over UDP"?

I guess it should be "Protocol stack for UDPTL over DTLS over UDP"