Re: [MMUSIC] AD Evaluation of draft-ietf-mmusic-rfc4566bis-32: Private Sessions

Ben Campbell <ben@nostrum.com> Mon, 18 February 2019 21:11 UTC

Return-Path: <ben@nostrum.com>
X-Original-To: mmusic@ietfa.amsl.com
Delivered-To: mmusic@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B9A15130F7C; Mon, 18 Feb 2019 13:11:16 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.679
X-Spam-Level:
X-Spam-Status: No, score=-1.679 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_INVALID=0.1, DKIM_SIGNED=0.1, T_SPF_HELO_PERMERROR=0.01, T_SPF_PERMERROR=0.01, URIBL_BLOCKED=0.001] autolearn=no autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=fail (1024-bit key) reason="fail (message has been altered)" header.d=nostrum.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id B_6EM9_pQnhN; Mon, 18 Feb 2019 13:11:14 -0800 (PST)
Received: from nostrum.com (raven-v6.nostrum.com [IPv6:2001:470:d:1130::1]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 39A9C128BCC; Mon, 18 Feb 2019 13:11:14 -0800 (PST)
Received: from [10.0.1.29] (cpe-70-122-203-106.tx.res.rr.com [70.122.203.106]) (authenticated bits=0) by nostrum.com (8.15.2/8.15.2) with ESMTPSA id x1ILB0fa029307 (version=TLSv1.2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128 verify=NO); Mon, 18 Feb 2019 15:11:01 -0600 (CST) (envelope-from ben@nostrum.com)
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=nostrum.com; s=default; t=1550524262; bh=WZoMqdlSrSWCcROl8iWqEC/I2oJR7itboBMxpjAqpGo=; h=From:Subject:Date:In-Reply-To:Cc:To:References; b=Syepe4PXxXgDe57dfM16IafOKgkyAD/eiCHuSrDkEnvB6EEPkxJq9TvHUfrADMygW cx3ZJ+SY7Q4j34TtWUylYXJhbA4iZskgolGruuN9IUEeOlb/hrEWmmgcQpTyX2bjyg 2CZck1dfXA2fYlQIKhfeqvGxoky4cjB6fPEMwR1Q=
X-Authentication-Warning: raven.nostrum.com: Host cpe-70-122-203-106.tx.res.rr.com [70.122.203.106] claimed to be [10.0.1.29]
From: Ben Campbell <ben@nostrum.com>
Message-Id: <4DD323E5-0634-49FC-8A6F-F1D2056F3A57@nostrum.com>
Content-Type: multipart/signed; boundary="Apple-Mail=_B34DC6B0-79F5-46C0-85C8-AD0AA4CBDF10"; protocol="application/pgp-signature"; micalg=pgp-sha512
Mime-Version: 1.0 (Mac OS X Mail 12.2 \(3445.102.3\))
Date: Mon, 18 Feb 2019 15:10:57 -0600
In-Reply-To: <30850d4c-9fe2-8d45-4b7c-8ccb36f79ade@alum.mit.edu>
Cc: Colin Perkins <csp@csperkins.org>, mmusic WG <mmusic@ietf.org>, draft-ietf-mmusic-rfc4566bis.all@ietf.org
To: Paul Kyzivat <pkyzivat@alum.mit.edu>
References: <04CAFF8C-B6ED-4B7D-9FDD-ED37DCA2848B@nostrum.com> <e7e0042a-8079-8c0e-0ddd-1ea330f08e7c@alum.mit.edu> <E6D4F528-3738-4568-80E8-A2578D0B7C7D@csperkins.org> <30850d4c-9fe2-8d45-4b7c-8ccb36f79ade@alum.mit.edu>
X-Mailer: Apple Mail (2.3445.102.3)
Archived-At: <https://mailarchive.ietf.org/arch/msg/mmusic/GHNqHbX0x_HUUu64B5P29EvMEzw>
Subject: Re: [MMUSIC] AD Evaluation of draft-ietf-mmusic-rfc4566bis-32: Private Sessions
X-BeenThere: mmusic@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Multiparty Multimedia Session Control Working Group <mmusic.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/mmusic>, <mailto:mmusic-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/mmusic/>
List-Post: <mailto:mmusic@ietf.org>
List-Help: <mailto:mmusic-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/mmusic>, <mailto:mmusic-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 18 Feb 2019 21:11:17 -0000


> On Feb 18, 2019, at 2:49 PM, Paul Kyzivat <pkyzivat@alum.mit.edu> wrote:
> 
> On 2/13/19 6:32 PM, Colin Perkins wrote:
>>> On 2/11/19 10:45 PM, Ben Campbell wrote:
>>>> - Deleted text formerly in §4.3: The removal of the “private sessions” section in its entirety deserves some explanatory text.
>>> 
>>> I don't recall why that was removed. I’ll try to find the discussion on it.
>> http://mailarchive.ietf.org/arch/msg/mmusic/W82Ba0vOboPUqbfWiZ0yJZqZMTQ
> 
> That is a reply from Christer. The relevant part says:
> 
>> My suggestion would be to remove the whole section. I can't remember any discussion where one would have used private vs public sessions. The Security Considerations should then cover encryption etc of SDP information.
> 
> We managed to do the part that deletes the Private Sessions section, but not the update to Security Considerations. When looked at from this perspective, Security Considerations does seem lacking.
> 
> Ben, will you be happy if this is addressed in Security Considerations? If so I'll open another discussion about that.

To be clear, I was asking for language along the lines of “4566 had this thing; we’re taking it out. Here’s why”. I’m fine if that is covered in the security considerations section. The “Summary of Changes” section could also work. This might be orthogonal to the security considerations language that Christer had in mind (which we should also add.)

> 
> 	Thanks,
> 	Paul