Re: [MMUSIC] Comments on draft-ietf-mmusic-sdp-capability-negotiation-05
Flemming Andreasen <fandreas@cisco.com> Thu, 15 March 2007 22:28 UTC
Return-path: <mmusic-bounces@ietf.org>
Received: from [127.0.0.1] (helo=stiedprmman1.va.neustar.com) by megatron.ietf.org with esmtp (Exim 4.43) id 1HRyQu-00051m-7d; Thu, 15 Mar 2007 18:28:28 -0400
Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1HRyQs-00051G-Sw for mmusic@ietf.org; Thu, 15 Mar 2007 18:28:26 -0400
Received: from sj-iport-3-in.cisco.com ([171.71.176.72] helo=sj-iport-3.cisco.com) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1HRyQq-0005le-Gf for mmusic@ietf.org; Thu, 15 Mar 2007 18:28:26 -0400
Received: from sj-dkim-2.cisco.com ([171.71.179.186]) by sj-iport-3.cisco.com with ESMTP; 15 Mar 2007 15:28:25 -0700
Received: from sj-core-1.cisco.com (sj-core-1.cisco.com [171.71.177.237]) by sj-dkim-2.cisco.com (8.12.11/8.12.11) with ESMTP id l2FMSN7Y000742; Thu, 15 Mar 2007 15:28:23 -0700
Received: from xbh-sjc-231.amer.cisco.com (xbh-sjc-231.cisco.com [128.107.191.100]) by sj-core-1.cisco.com (8.12.10/8.12.6) with ESMTP id l2FMSNMF027245; Thu, 15 Mar 2007 22:28:23 GMT
Received: from xfe-sjc-212.amer.cisco.com ([171.70.151.187]) by xbh-sjc-231.amer.cisco.com with Microsoft SMTPSVC(6.0.3790.1830); Thu, 15 Mar 2007 15:28:23 -0700
Received: from [10.21.121.129] ([10.21.121.129]) by xfe-sjc-212.amer.cisco.com with Microsoft SMTPSVC(6.0.3790.1830); Thu, 15 Mar 2007 15:28:23 -0700
Message-ID: <45F9C886.7060300@cisco.com>
Date: Thu, 15 Mar 2007 18:28:22 -0400
From: Flemming Andreasen <fandreas@cisco.com>
User-Agent: Thunderbird 1.5.0.10 (Windows/20070221)
MIME-Version: 1.0
To: EKR <ekr@networkresonance.com>
Subject: Re: [MMUSIC] Comments on draft-ietf-mmusic-sdp-capability-negotiation-05
References: <20070311035514.036491CC77@delta.rtfm.com>
In-Reply-To: <20070311035514.036491CC77@delta.rtfm.com>
Content-Type: text/plain; charset="ISO-8859-1"; format="flowed"
Content-Transfer-Encoding: 7bit
X-OriginalArrivalTime: 15 Mar 2007 22:28:23.0335 (UTC) FILETIME=[3DFCFB70:01C76751]
DKIM-Signature: v=0.5; a=rsa-sha256; q=dns/txt; l=4499; t=1173997704; x=1174861704; c=relaxed/simple; s=sjdkim2002; h=Content-Type:From:Subject:Content-Transfer-Encoding:MIME-Version; d=cisco.com; i=fandreas@cisco.com; z=From:=20Flemming=20Andreasen=20<fandreas@cisco.com> |Subject:=20Re=3A=20[MMUSIC]=20Comments=20on=20draft-ietf-mmusic-sdp-capa bility-negotiation-05 |Sender:=20; bh=S42CfQFlOTibvhr2QvixgRlrK6e8vW6jMZU3ALCaDmM=; b=eEXQK/jVlNf1NfI4+Ndpzk1BPJgr8to1e2fHj/2B8kjh8xHF89kvnXS3dzls2smdC0MZLayf 3SM3Ado0ltR98dRPlqY4uGDOF/UYb2Ct+Y/ZLTePcNfcO/bFCJOrJdsL;
Authentication-Results: sj-dkim-2; header.From=fandreas@cisco.com; dkim=pass ( sig from cisco.com/sjdkim2002 verified; );
X-Spam-Score: 1.1 (+)
X-Scan-Signature: 7fa173a723009a6ca8ce575a65a5d813
Cc: mmusic@ietf.org
X-BeenThere: mmusic@ietf.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Multiparty Multimedia Session Control Working Group <mmusic.ietf.org>
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/mmusic>, <mailto:mmusic-request@ietf.org?subject=unsubscribe>
List-Post: <mailto:mmusic@ietf.org>
List-Help: <mailto:mmusic-request@ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/mmusic>, <mailto:mmusic-request@ietf.org?subject=subscribe>
Errors-To: mmusic-bounces@ietf.org
Thanks for the review and comments Ekr - responses below.... EKR wrote: > $Id: draft-ietf-mmusic-sdp-capability-negotitation-05-rev.txt,v 1.1 2007/03/11 04:06:19 ekr Exp $ > > This looks pretty complete. > > I've got some minor comments. > > S 3.1. > o A new attribute ("a=pcfg") that lists the potential > configurations supported. This is done by reference to the > capabilities from the SDP in question. Multiple potential > configurations have an explicitly indicated ordering > associated with them. Extension capabilities can be defined > and referenced in the potential configurations. > > o A new attribute ("a=acfg") to be used in an answer SDP. The > attribute identifies a potential configuration from an offer > SDP which were used as an actual configuration to form the > answer SDP. Extension capabilities can be included as well. > > pcfg goes in the offer and acfg in the answer, right? Can you say > that a little more explicitly. > > Will do. Also note that pcfg can go in an answer as well (as in we have not precluded that, but if I recall correctly, also did not say anything about that). > S 3.8/3.9.1. > The SDP capability negotiation framework does not define such an > alternative, however extensions may do so. For example, one technique > proposed for best-effort SRTP in [BESRTP] is to provide different RTP > payload type mappings for different transport protocols used, outside > of the actual configuration, while still allowing them to be used by > the answerer (exchange of keying material is still needed). The basic > SDP capability negotiation framework defined here does not include > the ability to do so, however extensions that enable that may be > defined. > > ... > > The rtpmap parameter binds an RTP payload type to a media format > (codec). While it is possible to provide rtpmaps for payload types > not found in the corresponding "m=" line, such rtpmaps provide no > value in normal offer/answer exchanges, since only the payload types > found in the "m=" line is part of the offer (or answer). This applies > to the core SDP capability negotiation framework as well: Only the > media formats (e.g. RTP payload types) provided in the "m=" line are > actually offered; inclusion of rtpmap attributes with other RTP > payload types in a potential configuration does not change this fact > and hence they do not provide any useful information. They may still > be useful as pure capabilities though (outside a potential > configuration). > > Should we offer some guidance about the payload type mappings being > as consistent as possible between the various potential configurations? > > Probably a good idea, at least as long as the potential configurations don't otherwise require receipt of the answer before you can process media based on them. > S 4.3. > > Finally, if Bob had chosen to use session-level MIKEY instead of SDP > security descriptions instead, the following answer would have been > generated: > > ... > > In the other examples, there has been an UPDATE to help out middleboxes. > This would have bad side effects with MIKEY, right, since you can't > guarantee that you won't (and in fact you probably will) have to > do a new DH computation and then rekey... > > The idea would be to include exaxtly the same keying material as in the previous offer/answer exchange. We've touched on that in the security preconditions draft (draft-ietf-mmusic-securityprecondition-03.txt) where the assumption is that such cases will not be interpreted as a replay attack. From security preconditions: <quote> Of course, this duplication of key exchange during precondition establishment is not to be interpreted as a replay attack. This issue may be solved if, e.g., the SDP implementation recognizes that the key management protocol data is identical in the second offer/answer exchange and avoids forwarding the information to the security layer for further processing. </quote> Should we add similar text to this draft ? -- Flemming > -Ekr > > > > _______________________________________________ > mmusic mailing list > mmusic@ietf.org > https://www1.ietf.org/mailman/listinfo/mmusic > > _______________________________________________ mmusic mailing list mmusic@ietf.org https://www1.ietf.org/mailman/listinfo/mmusic