IETF Logo Mail Archive

Re: [MMUSIC] [Technical Errata Reported] RFC4568 (6291)

Roman Shpount <roman@telurix.com> Thu, 15 October 2020 03:01 UTC

Return-Path: <roman@telurix.com>
X-Original-To: mmusic@ietfa.amsl.com
Delivered-To: mmusic@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id CA90D3A1217 for <mmusic@ietfa.amsl.com>; Wed, 14 Oct 2020 20:01:54 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.898
X-Spam-Level:
X-Spam-Status: No, score=-1.898 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=telurix-com.20150623.gappssmtp.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 9MC7pVdaT-dr for <mmusic@ietfa.amsl.com>; Wed, 14 Oct 2020 20:01:51 -0700 (PDT)
Received: from mail-ot1-x32c.google.com (mail-ot1-x32c.google.com [IPv6:2607:f8b0:4864:20::32c]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id AA1323A121D for <mmusic@ietf.org>; Wed, 14 Oct 2020 20:01:51 -0700 (PDT)
Received: by mail-ot1-x32c.google.com with SMTP id n61so1607723ota.10 for <mmusic@ietf.org>; Wed, 14 Oct 2020 20:01:51 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=telurix-com.20150623.gappssmtp.com; s=20150623; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=KWEPDBbNmGu+ObO8I8PbSS0A+ESTo0vW0/5G2Jk/A7k=; b=TCq/UC1pRiU7nadHV63lkZqCaOJHwMPJc+UvDzGUq3X2FiDLP5MhNCgGXpwfrJH/ov 9w1mFX5mZU8MyVCz0znpcCsh3B4lgEQq7ep2H1Xiom1PFE1eL843GB/fJvMym/psHOyM CsyeuVGQv7QQbUq3BDjIn+v/HXch3KTfRcl5KH5WkSd45wV8O94TveR43z9/0WzxxG1b fAa31dJzPiHgTG1W6qHx75i9O0XW8jsh0LFaOoKrqCon4sD9FQmeTeGPec5mYXeang3I oVcPqEJSXaeRW9aCrdgdepAh5cL6eMp3HjWI2BbSR6lJCpFCufEY+mxipJEeJMq4ca9+ jSew==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=KWEPDBbNmGu+ObO8I8PbSS0A+ESTo0vW0/5G2Jk/A7k=; b=r6zdsBhKXxAwl51RrQ9w3pv3TZkBI+UFNt0/U9rkEhbhTedHcQjuAhJypZYOdwY9gY v8/rmcos4ueVKfNpD/DkGtXEAswhYtcAj494+hjPVo27uhf4t7zWPGuk49D2xRjlMOrh LrImJqZHqU48zQ++UyJYpBZHQRR6sOXUaXR27XaF9vkS+2Nd4cvcBTMkpFI2ga3kIF6S NGMFN//Eut9qfNYrOEqCevOMDEue02Z3UJHlxFzMvkuMM8Hyj1lxiNQGNHtI95z8iS6J UyYesP5UoUvKqGC9E22XSl6cf4LReNwTb8z+QjpZQRPSaM11BYFpNr1XykHSOo4B8vxI dzAg==
X-Gm-Message-State: AOAM531ZGUCuQMrfV8RlysXTxrd01oWz1axJcyANfiD3efglIOGQtQOK 5e9qVwCGjuNACArxn8wLNQTLPWFcArt8nw==
X-Google-Smtp-Source: ABdhPJwU5wTrjUa3QgT7K7hwxiDFKcvGpSowpINRZahkjJ3ijlcz72zO9+mixFp1kTWzt3T/2crTvg==
X-Received: by 2002:a9d:7f8e:: with SMTP id t14mr1299452otp.40.1602730910375; Wed, 14 Oct 2020 20:01:50 -0700 (PDT)
Received: from mail-oi1-f177.google.com (mail-oi1-f177.google.com. [209.85.167.177]) by smtp.gmail.com with ESMTPSA id x13sm544399otg.66.2020.10.14.20.01.49 for <mmusic@ietf.org> (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Wed, 14 Oct 2020 20:01:49 -0700 (PDT)
Received: by mail-oi1-f177.google.com with SMTP id 16so1516216oix.9 for <mmusic@ietf.org>; Wed, 14 Oct 2020 20:01:49 -0700 (PDT)
X-Received: by 2002:a05:6808:254:: with SMTP id m20mr807766oie.139.1602730908741; Wed, 14 Oct 2020 20:01:48 -0700 (PDT)
MIME-Version: 1.0
References: <20200916174633.E62DCF40776@rfc-editor.org> <b04d4902-5c9c-b2d0-17eb-21a2cf27663a@cisco.com> <CAD5OKxvbOOmdEfEFEM_iwV0dsi=nccUXS+x3mnTMOBFtdmDzFQ@mail.gmail.com> <335cdf8e-5f21-db82-a283-a53ed9f40136@cisco.com> <DAFACA3E-8D8F-4065-8E5B-D36B01F42C65@cisco.com> <901f92b5-7e91-bee3-f346-f64fae79341f@cisco.com> <C6EDA481-CB2B-431B-B3F6-D4ADBF4BF673@cisco.com>
In-Reply-To: <C6EDA481-CB2B-431B-B3F6-D4ADBF4BF673@cisco.com>
From: Roman Shpount <roman@telurix.com>
Date: Wed, 14 Oct 2020 23:01:37 -0400
X-Gmail-Original-Message-ID: <CAD5OKxuP_MxBo66NA3XTOLvVo_9Cpg01C+1R68G6wShCpQg0ng@mail.gmail.com>
Message-ID: <CAD5OKxuP_MxBo66NA3XTOLvVo_9Cpg01C+1R68G6wShCpQg0ng@mail.gmail.com>
To: "David Nguyen (davidtng)" <davidtng@cisco.com>
Cc: "Flemming Andreasen (fandreas)" <fandreas@cisco.com>, RFC Errata System <rfc-editor@rfc-editor.org>, "mbaugher@cisco.com" <mbaugher@cisco.com>, "dwing-ietf@fuggles.com" <dwing-ietf@fuggles.com>, "Murray S. Kucherawy" <superuser@gmail.com>, "barryleiba@computer.org" <barryleiba@computer.org>, Bo Burman <bo.burman@ericsson.com>, mmusic WG <mmusic@ietf.org>, "Patrick Kinane (pkinane)" <pkinane@cisco.com>, "Venkata Amudalapalli -X (vamudala - INFOSYS LIMITED at Cisco)" <vamudala@cisco.com>
Content-Type: multipart/alternative; boundary="0000000000007c736105b1acde67"
Archived-At: <https://mailarchive.ietf.org/arch/msg/mmusic/AcCWwZdm5acs9w-mHZQZVygLehw>
Subject: Re: [MMUSIC] [Technical Errata Reported] RFC4568 (6291)
X-BeenThere: mmusic@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Multiparty Multimedia Session Control Working Group <mmusic.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/mmusic>, <mailto:mmusic-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/mmusic/>
List-Post: <mailto:mmusic@ietf.org>
List-Help: <mailto:mmusic-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/mmusic>, <mailto:mmusic-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 15 Oct 2020 03:01:55 -0000

David,

You can look at open source projects such as pjsip,  Asterisk, Freeswitch,
linphone.

I am fairly certain they reset the ROC count if either IP address changes,
but you are free to double check.
_____________
Roman Shpount


On Wed, Oct 14, 2020 at 10:21 PM David Nguyen (davidtng) <davidtng@cisco.com>
wrote:

> Thanks Flemming.  Who can we reach out to in order to get further input
> regarding your comments?
>
> a) What they have actually implemented
> b) What they believe is the propoer solution here.
>
>
>
> Thanks,
> David
>
> *From: *Flemming Andreasen <fandreas@cisco.com>
> *Date: *Tuesday, October 13, 2020 at 6:27 PM
> *To: *"David Nguyen (davidtng)" <davidtng@cisco.com>, Roman Shpount <
> roman@telurix.com>
> *Cc: *RFC Errata System <rfc-editor@rfc-editor.org>, "mbaugher@cisco.com"
> <mbaugher@cisco.com>, "dwing-ietf@fuggles.com" <dwing-ietf@fuggles.com>,
> "Murray S. Kucherawy" <superuser@gmail.com>, "barryleiba@computer.org" <
> barryleiba@computer.org>, Bo Burman <bo.burman@ericsson.com>, mmusic WG <
> mmusic@ietf.org>, "Patrick Kinane (pkinane)" <pkinane@cisco.com>,
> "Venkata Amudalapalli -X (vamudala - INFOSYS LIMITED at Cisco)" <
> vamudala@cisco.com>
> *Subject: *Re: [MMUSIC] [Technical Errata Reported] RFC4568 (6291)
>
>
>
>
>
> On 10/13/20 4:49 PM, David Nguyen (davidtng) wrote:
>
> Thanks Flemming.
>
>
>
> For the flow I posted in the Errata, which is also the reason for the
> Errata, your understanding is correct.  Due to Music on Hold (MOH) handling
> by CUCM, the c= IP address in the INVITE gets changed from IP1ofEXP to
> IP2ofMoH and then back to IP1ofEXP.  (The CUCM is only part of the
> signaling flow and not part of the actual media flow)  The problem is
> Expressway (or an IP phone) does not know about this IP address change and
> thus does not reset the crypto context/ROC for the media stream from SBC to
> EXP.
>
> Should the SBC in this case cache the crypto context from before the
> hold/resume to continue using it afterwards? (since they are using the same
> SSRC before and after hold/resume)
>
> It can do that as a workaround in this particular case, but it's not
> something that's defined in RFC 4568 (which, as noted below, doesn't seem
> to properly cover this call flow scenario).
>
> Thanks
>
> -- Flemming
>
>
>
>
> Thanks,
> David
>
>
>
> *From: *Flemming Andreasen <fandreas@cisco.com> <fandreas@cisco.com>
> *Date: *Tuesday, October 13, 2020 at 1:23 PM
> *To: *Roman Shpount <roman@telurix.com> <roman@telurix.com>
> *Cc: *RFC Errata System <rfc-editor@rfc-editor.org>
> <rfc-editor@rfc-editor.org>, "mbaugher@cisco.com" <mbaugher@cisco.com>
> <mbaugher@cisco.com> <mbaugher@cisco.com>, "dwing-ietf@fuggles.com"
> <dwing-ietf@fuggles.com> <dwing-ietf@fuggles.com> <dwing-ietf@fuggles.com>,
> "Murray S. Kucherawy" <superuser@gmail.com> <superuser@gmail.com>,
> "barryleiba@computer.org" <barryleiba@computer.org>
> <barryleiba@computer.org> <barryleiba@computer.org>, Bo Burman
> <bo.burman@ericsson.com> <bo.burman@ericsson.com>, "David Nguyen
> (davidtng)" <davidtng@cisco.com> <davidtng@cisco.com>, mmusic WG
> <mmusic@ietf.org> <mmusic@ietf.org>
> *Subject: *Re: [MMUSIC] [Technical Errata Reported] RFC4568 (6291)
>
>
>
>
>
> On 10/12/20 6:25 PM, Roman Shpount wrote:
>
> Hi Flemming,
>
>
>
> As far as I know, and as far as I understand this text, if either offerer
> or answerer changes the IP address, a new master key should be sent in SDP
> (either offer or answer) and new crypto contexts where the ROC is set to
> zero should be created in BOTH directions.
>
> I agree this is what needs to happen (or alternatively we need another way
> of resetting the ROC), but I don't think the current text says exactly
> that. For example, if only the answerer changes it's IP-address, then by
> definition, the offerer will keep his master key for media he is sending to
> the answerer. What you could do at that point of course is to require
> another offer/answer exchange where the offerer needs to change it's media
> transport address, but that has some side effects that need to be
> considered as well (e.g. NAT traversal).
>
>
>
> The reasoning for this is a decomposed SIP gateway or working with B2BUA.
> In these cases, there is no guarantee that the same two endpoints
> communicate and that that the current ROC counter is known.
>
> Right - that's the problem. It would be good to hear from more people as
> to
> a) What they have actually implemented
> b) What they believe is the propoer solution here.
>
> Thanks
>
> -- Flemming
>
>
>
> Best Regards,
>
> _____________
> Roman Shpount
>
>
>
>
>
> On Mon, Oct 12, 2020 at 6:18 PM Flemming Andreasen <fandreas=
> 40cisco.com@dmarc.ietf.org> wrote:
>
> Sorry for the delay - it's been quite a while since I looked at SRTP and
> RFC 4568 in detail and hence it would be great if more people could take a
> closer look and chime in as well.
>
> In any case, please see below.
>
> On 9/16/20 1:46 PM, RFC Errata System wrote:
>
> The following errata report has been submitted for RFC4568,
>
> "Session Description Protocol (SDP) Security Descriptions for Media Streams".
>
>
>
> --------------------------------------
>
> You may review the report below and at:
>
> https://www.rfc-editor.org/errata/eid6291
>
>
>
> --------------------------------------
>
> Type: Technical
>
> Reported by: David Nguyen <davidtng@cisco.com> <davidtng@cisco.com>
>
>
>
> Section: 7.1.4
>
>
>
> Original Text
>
> -------------
>
> If the offerer includes an IP address and/or port that differs from
>
>    that used previously for a media stream (or FEC stream), the offerer
>
>    MUST include a new master key with the offer (and in so doing, it
>
>    will be creating a new crypto context where the ROC is set to zero).
>
>    Similarly, if the answerer includes an IP address and/or port that
>
>    differs from that used previously for a media stream (or FEC stream),
>
>    the answerer MUST include a new master key with the answer (and hence
>
>    create a new crypto context with the ROC set to zero).  The reason
>
>    for this is that when the answerer receives an offer or the offerer
>
>    receives an answer with an updated IP address and/or port, it is not
>
>    possible to determine if the other side has access to the old crypto
>
>    context parameters (and in particular the ROC).  For example, if one
>
>    side is a decomposed media gateway, or if a SIP back-to-back user
>
>    agent is involved, it is possible that the media endpoint changed and
>
>    no longer has access to the old crypto context.  By always requiring
>
>    a new master key in this case, the answerer/offerer will know that
>
>    the ROC is zero for this offer/answer, and any key lifetime
>
>    constraints will trivially be satisfied too.  Another consideration
>
>    here applies to media relays; if the relay changes the media endpoint
>
>    on one side transparently to the other side, the relay cannot operate
>
>    as a simple packet reflector but will have to actively engage in SRTP
>
>    packet processing and transformation (i.e., decryption and re-
>
>    encryption, etc.).
>
> Finally, note that if the new offer is rejected, the old crypto
>
>    parameters remain in place.
>
>
>
>
>
> Corrected Text
>
> --------------
>
>
>
>
>
> Notes
>
> -----
>
> (and in so doing, it
>
>    will be creating a new crypto context where the ROC is set to zero).
>
>     -Which crypto context for which direction?  Logically this would be the crypto context for media towards the new IP address ?
>
> Note that there is some asymmetry in the way SDP signaling is done in RFC
> 4568:
> - The transport address information (per normal SDP) refers to where media
> will be *received* (although in practice, symmetric RTP will lead to it
> being both the send and receive address)
> - The SRTP crypto parameters provided apply to media being *sent* by the
> endpoint that generated the SDP
>
> Furthermore, both the sender and receiver of SRTP media need to agree on
> the SRTP cryptographic context for a given SSRC.
>
> Having said that, the above text applies to media being generated (sent)
> by the offerer. The change in IP-address indicates that the offerer may not
> have access to the old cryptographic context parameters, and hence we must
> create a new one (on both the sending and receiving side).
>
>
>
>
> (and hence
>
>    create a new crypto context with the ROC set to zero).
>
>    -What if the offerer stays the same and only the answerer changes the IP address?
>
> New crypto context in direction towards new IP address?
>
> If the offer transport address stays the same, then the cryptographic
> context also stays the same (unless any of the parameters were changed in
> the offer). In other words, the offerer does not change the SRTP crypto
> context for media sent to the answerer.
>
> Conversely, if the answerer sends back a new transport address, then a new
> crypto context will be created for media sent from the answerer to the
> offerer.
>
> Now, there seems to be a potential problem here, since if only the
> answerer changed his IP-address, then the answer endpoint may have changed,
> and chances are he does not have the crypto context parameters for media
> sent to him. The current text does not seem to adequately handle this
> scenario.
>
>
>
> By always requiring
>
>    a new master key in this case, the answerer/offerer will know that
>
>    the ROC is zero for this offer/answer,
>
>    -Is this resetting crypto context for both directions of media flow?
>
> The current text treats each direction independently, and hence the answer
> is no (which as noted above can lead to problems).
>
> Note also that the above sentence is misleading when taken out of context:
> It is not the change in master key that causes the ROC to be reset to zero
> - it's the change in transport address as called out earlier in the
> paragraph for that sentence (if my re-read of SRTP [RFC 3711] is correct).
>
>
>
> Is this section based on having offer and answerer both change the IP address.
>
> What if the offerer did not change the IP address but the answerer does change it.
>
> What is the expected behavior for media/crypto context/ROC for both sides?
>
> The document does not seem to adequately address this scenario. A couple
> of options come to mind:
> 1) If the offerer sees a change in transport address information (but it
> kept the old crypto context itself), it can change the SSRC for media
> packets it sends, thereby forcing a new "late binding" event with a ROC=0
> (RFC 4568, Section 6.4.1)
> 2) Update RFC 4568 to clarify how the above situation should be handled.
> It's not immediately obvious to me how we can do that without either
> a) introducing some additional form of signaling where we include the
> current ROC value from the offerer
> b) require another O/A exchange with a new transport address from the
> offerer (and hence a new crypto context)
>
>
>
> What is expected for IP address of 0.0.0.0 for hold, should this reset crypto context as well?
>
> The text does not treat 0.0.0.0 as a special IP-address, so yes.
>
>
>
> How should all of this be handled for the case of switching to MoH server and then back to original call?
>
> SBC ------------- CUCM ------------ EXP (signaling)
>
> SBC --------------------------------- EXP (media stream 1)
>
> SBC --------------------------------- MOH (media stream 2)
>
>
>
> SBC ------------- CUCM ------------ EXP
>
> <--------------------SDP with IP1ofEXP part of early offer from SBC
>
> Crypto context for media towards EXP
>
> <--------------------SDP with IP2ofMoH part of delayed offer from CUCM and additional early offer CUCM.  CUCM initiates MoH signaling towards SBC.
>
> Crypto context for media towards MoH (only SBC and MoH know about this)
>
> <--------------------SDP with IP1ofEXP part of delayed offer from CUCM
>
> Crypto context for media towards EXP.  Should this be the same as the original if SSRC did not change for media from SBC towards Expressway?
>
> It's a bit difficult to follow given the lack of call flow detail above,
> but since there was an IP-address change from IP2ofMoH to IP1ofEXP, RFC
> 4568 Section 7.1.4 would want a new crypto context for media *from* the
> EXP.
>
> In terms of media *to* the EXP, the SBC sees a change in IP-address
> information (from IP2ofMoH to IP1ofEXP), so it should create a new crypto
> context. However, from EXP's point of view, it may or may not have seen a
> change in IP-address when the change to IP2ofMoH was made. If it did, then
> things should be ok. If it did not, then we are in a situation that is not
> properly covered by RFC 4568 (as far as I can tell) and one the above
> suggestions will have to be considered.
>
> Thanks
>
> -- Flemming
>
>
>
> Instructions:
>
> -------------
>
> This erratum is currently posted as "Reported". If necessary, please
>
> use "Reply All" to discuss whether it should be verified or
>
> rejected. When a decision is reached, the verifying party
>
> can log in to change the status and edit the report, if necessary.
>
>
>
> --------------------------------------
>
> RFC4568 (draft-ietf-mmusic-sdescriptions-12)
>
> --------------------------------------
>
> Title               : Session Description Protocol (SDP) Security Descriptions for Media Streams
>
> Publication Date    : July 2006
>
> Author(s)           : F. Andreasen, M. Baugher, D. Wing
>
> Category            : PROPOSED STANDARD
>
> Source              : Multiparty Multimedia Session Control RAI
>
> Area                : Real-time Applications and Infrastructure
>
> Stream              : IETF
>
> Verifying Party     : IESG
>
> .
>
>
>
> _______________________________________________
> mmusic mailing list
> mmusic@ietf.org
> https://www.ietf.org/mailman/listinfo/mmusic
>
>
>
>
>
>
>

v2.23.0 | Report a Bug | By Email