Re: [MMUSIC] I-D Action: draft-ietf-mmusic-latching-01.txt

"Cullen Jennings (fluffy)" <fluffy@cisco.com> Tue, 11 June 2013 02:56 UTC

To: Emil Ivov <emcho@jitsi.org>
Cc: "mmusic@ietf.org WG" <mmusic@ietf.org>

> 
>> and discussing the issues it raises with relation to this draft.
>> 
>> Next I think you need to add a specific attack where two people are
>> both behind the same CGN.
> 
> This exact case was already described in the security considerations section:
> 
> tools.ietf.org/html/draft-ietf-mmusic-latching-02#page-11
> 
> (last paragraph on the page)

It was exactly this paragraph that I thought was pretty misleading. When I read "SBCs have various mechanisms to prevent this as well." I really wonder what they do when both end points are behind a CGN.

I think this paragraph should make it very clear that in the CGN case, this technique allows interception of the media. If there are specific ways to stop that from happening, the draft should say it, and if there are not, it should be very explicitly clear about that.