Re: [MMUSIC] Secdir last call review of draft-ietf-mmusic-dtls-sdp-22

Christer Holmberg <> Thu, 06 April 2017 18:37 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id 38B2E12741D; Thu, 6 Apr 2017 11:37:09 -0700 (PDT)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -4.22
X-Spam-Status: No, score=-4.22 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_MED=-2.3, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id hLeYD19iKbOu; Thu, 6 Apr 2017 11:37:07 -0700 (PDT)
Received: from ( []) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by (Postfix) with ESMTPS id 86DE2127775; Thu, 6 Apr 2017 11:37:06 -0700 (PDT)
X-AuditID: c1b4fb2d-dadfe700000033e1-4c-58e68ace1958
Received: from (Unknown_Domain []) by (Symantec Mail Security) with SMTP id F4.C3.13281.ECA86E85; Thu, 6 Apr 2017 20:37:04 +0200 (CEST)
Received: from ([]) by ([]) with mapi id 14.03.0339.000; Thu, 6 Apr 2017 20:37:02 +0200
From: Christer Holmberg <>
To: Rich Salz <>, "" <>
CC: "" <>, "" <>, "" <>
Thread-Topic: Secdir last call review of draft-ietf-mmusic-dtls-sdp-22
Thread-Index: AQHSrvc7Q+l4Ggm5cUSsh7p7Glw+qqG4q/Pg
Date: Thu, 6 Apr 2017 18:37:32 +0000
Message-ID: <>
References: <>
In-Reply-To: <>
Accept-Language: en-US
Content-Language: en-US
x-originating-ip: []
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: base64
MIME-Version: 1.0
X-Brightmail-Tracker: H4sIAAAAAAAAA+NgFupkkeLIzCtJLcpLzFFi42KZGbE9SvdC17MIg2NtWhY77u5gs3i2cT6L xdTlj1ks/m/pZLH4sPAhiwOrx+QjC5g9liz5yRTAFMVlk5Kak1mWWqRvl8CVcfbfBJaCV0IV 525MZ25gXCPUxcjJISFgItHQ/Zili5GLQ0hgPaPE+mtH2SCcxYwSB16/Ye1i5OBgE7CQ6P6n DdIgIuAqsa33MzNIDbPAQkaJ72c/MYIkhIESk08eYIQocpNY8eAkG4RtJLH08ipmEJtFQEVi z+yHzCAzeQV8JX5OB5spJOAi8f9uHyuIzQk0prd9B5jNKCAm8f3UGiYQm1lAXOLWk/lMEEcL SCzZc54ZwhaVePn4HyuErSSx9vB2FpDxzAKaEut36UO0KkpM6X7IDmLzCghKnJz5hGUCo+gs JFNnIXTMQtIxC0nHAkaWVYyixanFxbnpRsZ6qUWZycXF+Xl6eaklmxiBEXRwy2/dHYyrXzse YhTgYFTi4U348SRCiDWxrLgy9xCjBAezkgiv+nugEG9KYmVValF+fFFpTmrxIUZpDhYlcV6H fRcihATSE0tSs1NTC1KLYLJMHJxSDYzafiEL/xjv2ey6MOeOtVybC8OW1eWnHzvdZj9+++zs G7M2x+xcYnMoui/zvUKcyMsX6455fb6n7z6nwDn/0JHv9r3/Hdjq/1248K9l8up625nFak2b 4w6E6Kmc1ubfayO6Zcuiee7yq4xCV82Xivcq+n06VL3U6M1TUaMFLqbSey6+7fedNrlSiaU4 I9FQi7moOBEAilxX65wCAAA=
Archived-At: <>
Subject: Re: [MMUSIC] Secdir last call review of draft-ietf-mmusic-dtls-sdp-22
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: Multiparty Multimedia Session Control Working Group <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Thu, 06 Apr 2017 18:37:09 -0000

Hi Rich,

Thanks for your review!

Note that, based on discussions in Chicago, the draft will be extended to also cover TLS associations. So, it may end up on your table again at some point :)

Never the less, I will reply to your comments, because some of them are not related to the change.

>Reviewer: Rich Salz
>Review result: Has Nits
>The term "ufrag" should be explained, or at least have a reference on its first use.  It seems important :)

I will add a reference to draft-5245bis.

>I think the "fingerprint" reference should be moved up to the bullet list in section 4, from the bullet list in 5.1

I am not sure. The bullet list in section 4 talks about the fingerprint in general, while the bullet list in 5.1 talks about the fingerprint attribute.

>Sec 4 uses the term "cryptographic random function" which is not a common security term.  (See
>I would just say "strong random function"; it's the number of random bits that counts.  Or use CSPRNG as the term.

I will use "strong random function".

>In Sec 9, it seems like quoting all the old text is way too verbose. 
>I would just say "replace with the following NEW TEXT"
>If it's not replacing an entire section, then say "the nnn paragraphs starting with xxxxx" or similar construct.

This comes up everything a section is updated. Some people only want to updated parts, while others want the whole updated section - no matter how much or little has been updated. So, I'd like to keep it as it is.

Note, however, that based on the gen-art review I will place the updates of each individual section in a separate sub section of the draft.