[MMUSIC] Fwd: draft-dtls-sdp: Allow offerer to establish DTLS association before it has received the SDP answer?

Ben Campbell <ben@nostrum.com> Wed, 31 May 2017 20:22 UTC

From: Ben Campbell <ben@nostrum.com>
Content-Type: multipart/alternative; boundary="Apple-Mail=_B685000C-4EAC-4526-8D30-5F84578A1E1F"
Mime-Version: 1.0 (Mac OS X Mail 10.3 \(3273\))
Date: Wed, 31 May 2017 15:22:52 -0500
References: <D551D683.1D429%christer.holmberg@ericsson.com>
Cc: mmusic-chairs@ietf.org, mmusic <mmusic@ietf.org>
To: Cullen Jennings <fluffy@iii.ca>, Eric Rescorla <ekr@rtfm.com>, Roman Shpount <roman@telurix.com>, Martin Thomson <martin.thomson@gmail.com>, Christer Holmberg <christer.holmberg@ericsson.com>
Message-Id: <22C94242-218F-4724-AE92-E0B1E8DC2C82@nostrum.com>
X-Mailer: Apple Mail (2.3273)
Archived-At: <https://mailarchive.ietf.org/arch/msg/mmusic/P9qjcatJ3Im0cJHcedZA_XsZJzM>
Subject: [MMUSIC] Fwd: draft-dtls-sdp: Allow offerer to establish DTLS association before it has received the SDP answer?

Can people live with the PR as it currently stands, even if it’s not “perfect”? If not, what would it take to be able to live with it? It’s been almost 2 months since the IETF LC completed. It would be nice to progress this soon.

Thanks!

Ben.

> Begin forwarded message:
> 
> From: Christer Holmberg <christer.holmberg@ericsson.com>
> Subject: Re: [MMUSIC] draft-dtls-sdp: Allow offerer to establish DTLS association before it has received the SDP answer?
> Date: May 29, 2017 at 5:41:19 AM CDT
> To: Martin Thomson <martin.thomson@gmail.com>, Eric Rescorla <ekr@rtfm.com>
> Cc: "mmusic@ietf.org" <mmusic@ietf.org>
> 
> Hi,
> 
> I have updated the PR.
> 
> The text now says "complete" instead of "finalise". In addition, I removed
> the text about attacks, and only kept the text saying that media received
> before the answer must be considered unauthenticated.
> 
> If people are still not happy with the text, I'd really appreciate some
> text.
> 
> Regards,
> 
> Christer
> 
> 
> 
> On 26/05/17 14:32, "mmusic on behalf of Christer Holmberg"
> <mmusic-bounces@ietf.org on behalf of christer.holmberg@ericsson.com>
> wrote:
> 
>> Hi,
>> 
>> You are the DTLS gurus - please suggest changes that makes the text
>> correct - and still hopefully keeps Cullen happy :)
>> 
>> Regards,
>> 
>> Christer
>> 
>> 
>> On 26/05/17 14:01, "Martin Thomson" <martin.thomson@gmail.com> wrote:
>> 
>>> On 26 May 2017 at 20:37, Eric Rescorla <ekr@rtfm.com> wrote:
>>>> Also, you say that if you initiate the handshake before the answer
>>>> is received you are vulnerable to attacks. What attacks are those?
>>> 
>>> It should be "complete" - on the assumption that a completed handshake
>>> leads immediately to using the connection.  Really, it's using the
>>> connection (sending or receiving data or using exporters) that puts
>>> you at risk, but I don't think that it's worth putting that fine a
>>> distinction on it.
>> 
>> _______________________________________________
>> mmusic mailing list
>> mmusic@ietf.org
>> https://www.ietf.org/mailman/listinfo/mmusic
> 
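The point argued in the thread above (an offerer may complete the DTLS handshake before the SDP answer arrives, but anything received over that association is unauthenticated, and sending or using exporters is what creates the risk, until the answer's fingerprint has been checked against the peer certificate) can be expressed as a small state machine. The following is an added example written for this page; it is not code from draft-dtls-sdp or from any of the participants. The class name `OffererDtlsAssociation`, the state names, the `a=fingerprint:` parsing (RFC 8122 syntax, hash function name followed by upper-case colon-separated hex) and the "DER certificate" byte strings are all constructed for the illustration, and the handshake itself is stubbed as a callback that hands in the peer's certificate bytes. It handles both orderings: handshake before answer (the case discussed) and answer before handshake.

```python
import hashlib
import hmac
from enum import Enum, auto


class State(Enum):
    OFFER_SENT = auto()       # offer sent; neither answer nor DTLS handshake yet
    HANDSHAKE_DONE = auto()   # DTLS handshake finished before the answer arrived
    ANSWER_RECEIVED = auto()  # answer (fingerprint) known, handshake still pending
    VERIFIED = auto()         # fingerprint matched the peer certificate
    FAILED = auto()           # fingerprint mismatch: tear the association down


def fingerprint(cert_der: bytes, hash_func: str = "sha-256") -> str:
    """RFC 8122 style fingerprint: upper-case hex bytes joined by ':'."""
    digest = hashlib.new(hash_func.replace("-", ""), cert_der).digest()
    return ":".join(f"{b:02X}" for b in digest)


def parse_fingerprint_attr(line: str):
    """Parse 'a=fingerprint:<hash-func> <hex:hex:...>' into (hash_func, value)."""
    prefix = "a=fingerprint:"
    if not line.startswith(prefix):
        raise ValueError("not an a=fingerprint attribute")
    hash_func, _, value = line[len(prefix):].strip().partition(" ")
    if not value:
        raise ValueError("fingerprint value missing")
    return hash_func.lower(), value.strip().upper()


class OffererDtlsAssociation:
    """Offerer side: tracks whether the DTLS peer has been tied to the SDP answer."""

    def __init__(self):
        self.state = State.OFFER_SENT
        self.peer_cert_der = None        # set when the (stubbed) handshake completes
        self.expected = None             # (hash_func, value) from the answer
        self.unauthenticated_media = []  # media received before the peer was verified

    def _verify(self) -> State:
        # Both pieces are present: compare the answer's fingerprint with the peer cert.
        hash_func, expected = self.expected
        actual = fingerprint(self.peer_cert_der, hash_func)
        if hmac.compare_digest(actual, expected):
            self.state = State.VERIFIED
        else:
            self.state = State.FAILED
            # Never promote what the unverified peer sent; discard it.
            self.unauthenticated_media.clear()
        return self.state

    def on_handshake_complete(self, peer_cert_der: bytes) -> State:
        if self.state in (State.VERIFIED, State.FAILED):
            return self.state
        self.peer_cert_der = peer_cert_der
        if self.expected is not None:          # answer came first: verify now
            return self._verify()
        self.state = State.HANDSHAKE_DONE      # handshake came first: peer unverified
        return self.state

    def on_answer(self, fingerprint_line: str) -> State:
        if self.state in (State.VERIFIED, State.FAILED):
            return self.state
        self.expected = parse_fingerprint_attr(fingerprint_line)
        if self.peer_cert_der is not None:     # handshake came first: verify now
            return self._verify()
        self.state = State.ANSWER_RECEIVED
        return self.state

    def on_media_received(self, packet: bytes) -> str:
        """Classify incoming media by the current trust in the peer."""
        if self.state is State.VERIFIED:
            return "authenticated"
        if self.state is State.HANDSHAKE_DONE:
            self.unauthenticated_media.append(packet)
            return "unauthenticated"
        return "dropped"  # no association yet, or association failed

    def may_use_connection(self) -> bool:
        """Sending data and deriving keys via exporters wait for the verified answer."""
        return self.state is State.VERIFIED
```

In the handshake-first ordering, `on_media_received` returns `"unauthenticated"` and buffers the packet; only a matching `a=fingerprint:` in the answer moves the association to `VERIFIED`, while a mismatch moves it to `FAILED` and discards everything buffered. `may_use_connection` is the single gate that a sender or exporter-based key derivation would consult, which is the distinction Martin draws between completing the handshake and actually using the connection.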