IETF Logo Mail Archive

Re: [MMUSIC] Comments on draft-ietf-mmusic-sdp-capability-negotiation-05

Flemming Andreasen <fandreas@cisco.com> Thu, 15 March 2007 22:28 UTC

Return-path: <mmusic-bounces@ietf.org>
Received: from [127.0.0.1] (helo=stiedprmman1.va.neustar.com) by megatron.ietf.org with esmtp (Exim 4.43) id 1HRyQu-00051m-7d; Thu, 15 Mar 2007 18:28:28 -0400
Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1HRyQs-00051G-Sw for mmusic@ietf.org; Thu, 15 Mar 2007 18:28:26 -0400
Received: from sj-iport-3-in.cisco.com ([171.71.176.72] helo=sj-iport-3.cisco.com) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1HRyQq-0005le-Gf for mmusic@ietf.org; Thu, 15 Mar 2007 18:28:26 -0400
Received: from sj-dkim-2.cisco.com ([171.71.179.186]) by sj-iport-3.cisco.com with ESMTP; 15 Mar 2007 15:28:25 -0700
Received: from sj-core-1.cisco.com (sj-core-1.cisco.com [171.71.177.237]) by sj-dkim-2.cisco.com (8.12.11/8.12.11) with ESMTP id l2FMSN7Y000742; Thu, 15 Mar 2007 15:28:23 -0700
Received: from xbh-sjc-231.amer.cisco.com (xbh-sjc-231.cisco.com [128.107.191.100]) by sj-core-1.cisco.com (8.12.10/8.12.6) with ESMTP id l2FMSNMF027245; Thu, 15 Mar 2007 22:28:23 GMT
Received: from xfe-sjc-212.amer.cisco.com ([171.70.151.187]) by xbh-sjc-231.amer.cisco.com with Microsoft SMTPSVC(6.0.3790.1830); Thu, 15 Mar 2007 15:28:23 -0700
Received: from [10.21.121.129] ([10.21.121.129]) by xfe-sjc-212.amer.cisco.com with Microsoft SMTPSVC(6.0.3790.1830); Thu, 15 Mar 2007 15:28:23 -0700
Message-ID: <45F9C886.7060300@cisco.com>
Date: Thu, 15 Mar 2007 18:28:22 -0400
From: Flemming Andreasen <fandreas@cisco.com>
User-Agent: Thunderbird 1.5.0.10 (Windows/20070221)
MIME-Version: 1.0
To: EKR <ekr@networkresonance.com>
Subject: Re: [MMUSIC] Comments on draft-ietf-mmusic-sdp-capability-negotiation-05
References: <20070311035514.036491CC77@delta.rtfm.com>
In-Reply-To: <20070311035514.036491CC77@delta.rtfm.com>
Content-Type: text/plain; charset="ISO-8859-1"; format="flowed"
Content-Transfer-Encoding: 7bit
X-OriginalArrivalTime: 15 Mar 2007 22:28:23.0335 (UTC) FILETIME=[3DFCFB70:01C76751]
DKIM-Signature: v=0.5; a=rsa-sha256; q=dns/txt; l=4499; t=1173997704; x=1174861704; c=relaxed/simple; s=sjdkim2002; h=Content-Type:From:Subject:Content-Transfer-Encoding:MIME-Version; d=cisco.com; i=fandreas@cisco.com; z=From:=20Flemming=20Andreasen=20<fandreas@cisco.com> |Subject:=20Re=3A=20[MMUSIC]=20Comments=20on=20draft-ietf-mmusic-sdp-capa bility-negotiation-05 |Sender:=20; bh=S42CfQFlOTibvhr2QvixgRlrK6e8vW6jMZU3ALCaDmM=; b=eEXQK/jVlNf1NfI4+Ndpzk1BPJgr8to1e2fHj/2B8kjh8xHF89kvnXS3dzls2smdC0MZLayf 3SM3Ado0ltR98dRPlqY4uGDOF/UYb2Ct+Y/ZLTePcNfcO/bFCJOrJdsL;
Authentication-Results: sj-dkim-2; header.From=fandreas@cisco.com; dkim=pass ( sig from cisco.com/sjdkim2002 verified; );
X-Spam-Score: 1.1 (+)
X-Scan-Signature: 7fa173a723009a6ca8ce575a65a5d813
Cc: mmusic@ietf.org
X-BeenThere: mmusic@ietf.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Multiparty Multimedia Session Control Working Group <mmusic.ietf.org>
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/mmusic>, <mailto:mmusic-request@ietf.org?subject=unsubscribe>
List-Post: <mailto:mmusic@ietf.org>
List-Help: <mailto:mmusic-request@ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/mmusic>, <mailto:mmusic-request@ietf.org?subject=subscribe>
Errors-To: mmusic-bounces@ietf.org

Thanks for the review and comments Ekr - responses below....



EKR wrote:
> $Id: draft-ietf-mmusic-sdp-capability-negotitation-05-rev.txt,v 1.1 2007/03/11 04:06:19 ekr Exp $
>
> This looks pretty complete.
>
> I've got some minor comments.
>
> S 3.1.
>        o  A new attribute ("a=pcfg") that lists the potential 
>           configurations supported. This is done by reference to the 
>           capabilities from the SDP in question. Multiple potential 
>           configurations have an explicitly indicated ordering 
>           associated with them. Extension capabilities can be defined 
>           and referenced in the potential configurations.  
>
>        o  A new attribute ("a=acfg") to be used in an answer SDP. The 
>           attribute identifies a potential configuration from an offer 
>           SDP which were used as an actual configuration to form the 
>           answer SDP. Extension capabilities can be included as well. 
>
> pcfg goes in the offer and acfg in the answer, right? Can you say
> that a little more explicitly.
>
>   
Will do. Also note that pcfg can go in an answer as well (as in we have 
not precluded that, but if I recall correctly, also did not say anything 
about that).


> S 3.8/3.9.1.
>    The SDP capability negotiation framework does not define such an 
>    alternative, however extensions may do so. For example, one technique 
>    proposed for best-effort SRTP in [BESRTP] is to provide different RTP 
>    payload type mappings for different transport protocols used, outside 
>    of the actual configuration, while still allowing them to be used by 
>    the answerer (exchange of keying material is still needed). The basic 
>    SDP capability negotiation framework defined here does not include 
>    the ability to do so, however extensions that enable that may be 
>    defined.  
>
>    ...
>
>    The rtpmap parameter binds an RTP payload type to a media format 
>    (codec). While it is possible to provide rtpmaps for payload types 
>    not found in the corresponding "m=" line, such rtpmaps provide no 
>    value in normal offer/answer exchanges, since only the payload types 
>    found in the "m=" line is part of the offer (or answer). This applies 
>    to the core SDP capability negotiation framework as well: Only the 
>    media formats (e.g. RTP payload types) provided in the "m=" line are 
>    actually offered; inclusion of rtpmap attributes with other RTP 
>    payload types in a potential configuration does not change this fact 
>    and hence they do not provide any useful information. They may still 
>    be useful as pure capabilities though (outside a potential 
>    configuration).  
>
> Should we offer some guidance about the payload type mappings being
> as consistent as possible between the various potential configurations?
>
>   
Probably a good idea, at least as long as the potential configurations 
don't otherwise require receipt of the answer before you can process 
media based on them.

> S 4.3.
>
>    Finally, if Bob had chosen to use session-level MIKEY instead of SDP 
>    security descriptions instead, the following answer would have been 
>    generated: 
>
>    ...
>
> In the other examples, there has been an UPDATE to help out middleboxes.
> This would have bad side effects with MIKEY, right, since you can't
> guarantee that you won't (and in fact you probably will) have to
> do a new DH computation and then rekey...
>
>   
The idea would be to include exaxtly the same keying material as in the 
previous offer/answer exchange. We've touched on that in the security 
preconditions draft (draft-ietf-mmusic-securityprecondition-03.txt) 
where the assumption is that such cases will not be interpreted as a 
replay attack. From security preconditions:

<quote>
Of course, this duplication of key exchange during precondition 
establishment is not to be interpreted as a replay attack. This issue 
may be solved if, e.g., the SDP implementation recognizes that the key 
management protocol data is identical in the second offer/answer 
exchange and avoids forwarding the information to the security layer for 
further processing.
</quote>

Should we add similar text to this draft ?

-- Flemming


> -Ekr
>
>
>
> _______________________________________________
> mmusic mailing list
> mmusic@ietf.org
> https://www1.ietf.org/mailman/listinfo/mmusic
>
>   

_______________________________________________
mmusic mailing list
mmusic@ietf.org
https://www1.ietf.org/mailman/listinfo/mmusic

v2.23.0 | Report a Bug | By Email